CISSP Study Guide: Training to pass the CISSP exam

CISSP certification can give channel partners an edge over their competition by giving their employees credibility with certified expertise. Our CISSP Study Guide can help you prepare for and pass the exam with help from security expert and author Shon Harris.

Obtaining a CISSP certification can give value-added resellers (VARs) and security consultants the credibility needed to gain an edge over competitors. The CISSP exam is made up of the 10 domains of the Common Body of Knowledge. In each section of this CISSP Study Guide, created in partnership with security expert Shon Harris, we will define each domain, offer domain-specific tips and resources, and provide a CISSP practice quiz to test your knowledge and help you prepare for and pass the CISSP exam.

The CISSP Domains

CISSP Study Guide Domain 1: Telecommunications and Network Security
CISSP Domain 1, telecommunications and network security, covers protocol stack models, network components and extension services, core technologies and more. In order to successfully pass the CISSP exam, you'll need to have an in-depth understanding of telecommunication and network security processes, such as how networks work, how data is transmitted from one device to another, how protocols transmit information and how applications understand, interpret and translate data.

Here you will learn how to ensure these telecommunications and network security processes are done securely. After reading about Domain 1, test your knowledge with our CISSP Study Guide quiz.

CISSP Study Guide Domain 2: Physical Security
Facility management, risk identification and perimeter security all fall under the physical security category. An effective security program will take both logical and physical security risks into account, and it should address proper door locks, the quality of construction materials, physical location, fire prevention and detection, power supply concepts and even environmental controls like water drains and pressure control.

Learn how to secure a physical security system and test yourself by taking our Domain 2 CISSP Study Guide quiz.

CISSP Study Guide Domain 3: Cryptography
Cryptography, the transformation of clear text to unreadable form, is an essential element in electronic data protection and safe message transmission. Cryptography covers a range of different methods and technologies, including hashing algorithms, symmetric and asymmetric approaches and PKI deployments. Test your knowledge of all these technologies, as well as cryptosystem attacks, by reviewing our CISSP Domain 3 resources and CISSP Study Guide quiz.

CISSP Study Guide Domain 4: Operations Security
Operations security pertains to the security management and risk assessment of a network, computer system and overall environment. In order to thwart attacks and keep information secure, it is essential for security professionals to fully understand all aspects of operations security management, including administrative responsibilities, attack types, change configuration management, email security and more.

Use our SearchSecurityChannel.com resources and CISSP Study Guide quiz to ensure your knowledge of CISSP Domain 4 and operations security.

CISSP Study Guide Domain 5: Access Control
Domain 5 of the CISSP exam, access control, reviews the protection of critical system components by monitoring and restricting access. In order to fully understand access control, security professionals need to have adequate knowledge of biometric technologies, authentication tools and models, auditing practices, access control types and possible threats. Test your knowledge of access control by referring to our Domain 5 CISSP Study Guide resources and Domain 5 quiz.

CISSP Study Guide Domain 6: Application Security and System Development
The CISSP Domain 6, application security, addresses application structure and the security mechanisms used during application access. Security professionals must make certain that their corporate systems and applications are developed for security as well as functionality.

In order to properly develop and secure systems and applications, professionals need to understand several aspects of application security and system development, such as software architecture, programming concepts, software lifecycle development, change control, data interfaces and more. Learn more about these application security and system development technologies, and use our Domain 6 CISSP Study Guide quiz to assess your CISSP comprehension.

CISSP Study Guide Domain 7: Information Security and Risk Management
Implementing proper information security and risk management practices is the first step that every organization should take in the fight against Trojans, malware and any other types of malicious code attacks. Domain 7 of the CISSP exam, information security and risk management, reviews security management practices and security policies.

Security professionals must understand risk management, data classification and information security roles and responsibilities. Learn about all aspects of information security and risk management by referring to our technical tips and taking our Domain 7 CISSP Study Guide quiz.

CISSP Study Guide Domain 8: Security Architecture and Model
Both the security model, which is the baseline for security implementation, and the security architecture, which acts as the security system's framework, are essential aspects of a security system structure.

CISSP Domain 8 pertains to security models involving operating systems and network architectures. The domain covers platform architectures, layered models, system development and operating system principles. Check out our resources on security architectures and models. Then revisit what you learned by taking our Domain 8 CISSP Study Guide quiz.

CISSP Study Guide Domain 9: Laws, Investigations and Ethics
Theft and fraud will always be a risk factor for corporations, no matter how hard professionals try to prevent these types of threats. It is therefore essential for security pros to know how to react to these crimes through investigation.

CISSP Domain 9, law, investigations and ethics, outlines legal issues associated with information security, addresses legal regulations and compliance and reviews how to properly investigate a crime in the event of an attack. Read our SearchSecurityChannel.com tips and take our Domain 9 CISSP Study Guide to test your knowledge of law, investigations and ethics, including digital forensics, computer law and incident handling procedures.

CISSP Study Guide Domain 10: Business Continuity
The act of business continuity planning and disaster recovery often involves dealing with systems failures and other catastrophic service interruptions. In order to fully understand Domain 10, security professionals will need to know about backups, off-site data recovery and emergency response.

Ensure you have a comprehensive understanding of business continuity and disaster recovery by referring to our SearchSecurityChannel.com resources and taking our Domain 10 CISSP Study Guide quiz.

About the author:
Shon Harris, CISSP, MCSE and president of Logical Security, an IT security consulting and training company, is the author of CISSP: All-in-One Exam Guide and creator of The Shon Harris CISSP Solution.

This was first published in February 2008
