How many Domains does the CISSP have?

Certified Information Systems Security Professional (CISSP):

The Certified Information Systems Security Professional, abbreviated as CISSP, is an IT security certification. The CISSP is offered by the International Information System Security Certification Consortium, more commonly known as (ISC)², and has been approved by the United States Department of Defense (DOD) in both the Information Assurance Technical (IAT) and the Information Assurance Managerial (IAM) categories.

The CISSP is a certification concerned exclusively with the field of information security. The CISSP online training is aligned with the (ISC)² CBK 2018 course requirement. It covers a wide range of subject areas, teaching you to excel in different areas of information security expertise, such as management, design, controls, and architecture. If you're looking for an IT security position, you should get started on your CISSP training as soon as possible, as those job positions require a CISSP certification.

CISSP Certification

Within 10 weeks, this course will provide you with some insight into (ISC)², go through each of the 8 domains, and provide you with relevant and useful reading materials and practice questions. Within just a few weeks you will be prepared to pass this exam and excel in your future career as a security professional.

The CISSP Certification Course Description

CISSP Training Course Options:

  • 32 hours of training with a certified trainer and instructor
  • 32 hours of videos to watch at your own pace
  • 5 mockup test papers
  • Offers the required 30 CPEs to take the CISSP exam

For individuals

  • Self-Paced Learning:
      • Lifetime access to high-grade, e-learning content generated by professionals
      • Learner support and assistance 24/7
      • Pricing charges: $399
  • Online Lecture Flexi-Pass:
      • Flexible access to a certified instructor teaching online training classes in 90 days
      • Lifetime access to high-grade, e-learning content and live class recordings generated by professional instructors
      • Learner support and assistance 24/7
      • Pricing charges: $499

For business

  • Business Corporate Training:
      • Combined learning delivery models (high-grade e-learning content generated by professionals)
      • Corporate level Learning Management System (LMS)
      • Corporate dashboards for individuals and groups
      • Learner support and assistance 24/7
      • Flexible pricing options

Course Objectives:

The CISSP certification preparation course trains you in a way that will help you pass the CISSP examination on the first attempt. It helps you develop expertise based on internationally approved information security standards and focuses on designing, architecting, building, and sustaining a protected business setting for your organization.

In today's growing world of information technology, the move of businesses into IT has made IT security professionals more necessary than ever. Alongside the benefits that IT has to offer the world, there are also drawbacks in the form of security breaches, which have gradually increased the demand for information security professionals.

So this course goes beyond you as an individual and has a lot more to offer than one can possibly imagine. For further relevant information:

Introduction to CISSP by Chuck Easttom.

CISSP Examination’s 8 Domains:

The CISSP examination from the International Information System Security Certification Consortium, (ISC)², covers 8 domains as of 2018, which are as follows:

  • Domain 1 covers Security and Risk Management
  • Domain 2 covers Asset Security
  • Domain 3 covers Security Engineering
  • Domain 4 covers Communications and Network Security
  • Domain 5 covers Identity and Access Management
  • Domain 6 covers Security Assessment and Testing
  • Domain 7 covers Security Operations
  • Domain 8 covers Software Development Security

Each of the 8 domains carries its own weight in the examination. The weights of the individual domains are as follows:

  • Domain 1: Security and Risk Management holds 15%
  • Domain 2: Asset Security holds 10%
  • Domain 3: Security Architecture and Engineering holds 13%
  • Domain 4: Communication and Network Security holds 14%
  • Domain 5: Identity and Access Management (IAM) holds 13%
  • Domain 6: Security Assessment and Testing holds 12%
  • Domain 7: Security Operations holds 13%
  • Domain 8: Software Development Security holds 10%

These combine to a total of 100 percent.

Domain 1: Security and Risk Management

This domain focuses on the various aspects of risk and covers the basic concepts that must be known in information security. It concentrates on CIA: confidentiality, integrity, and availability.

Candidates are evaluated on the skills required to implement security procedures and policies, on how well business continuity planning, recovery points, and user awareness programs are implemented, and on how risk is managed in the secure acquisition of new hardware, software, and services.

Domain 2: Asset Security

This domain is important and focuses on securing assets, on data management issues, and on ownership of the required information. It covers privacy concerns, limits of use, and the different roles in data processing (owner, processor, etc.).

Domain 3: Security Architecture and Engineering

This domain focuses on applying the principles of information security architectural design and has a wide scope. It covers various vital points and concepts used in information security, such as database security, cloud, cryptography, and vulnerabilities. Applicants are mainly tested on security engineering models, processes, and design principles.

Domain 4: Communications and Network Security

This domain focuses on designing and protecting network security and on creating secure communication channels. Applicants will be tested on the various characteristics of communication protocols, network architecture, routing and wireless transmissions, and segmentation.

Domain 5: Identity and Access Management

This domain focuses on controlling the different ways users gain access to information and data and on ways of identifying who has the right to access information and servers. It includes multi-factor authentication, credentials, rule-based or role-based access control, proofing, DAC, and MAC.

Domain 6: Security Assessment and Testing

This domain focuses on analyzing, designing, and performing security testing. It includes the tools and techniques used to assess the security of systems and to discover errors in coding or design, vulnerabilities, and weaknesses. It also covers business continuity plans, disaster recovery, and awareness training for users.

Domain 7: Security Operations

This domain focuses on foundational concepts, incident management, investigations, and disaster recovery. It ranges from digital forensics and investigations to intrusion prevention and detection tools, sandboxing, and firewalls.

Domain 8: Software Development Security

This domain focuses on understanding, applying, and enforcing software security. It covers implementing security controls on the software within the environment, risk analysis, auditing, and identifying vulnerabilities in source code.
