What does the CISSP certification cover?
The ISC2 Certified Information Systems Security Professional (CISSP) is an advanced-level certification designed for information security professionals.
As a CISSP, you’ll be an expert in developing, guiding, and managing security standards, policies, and procedures within your organisation.
CISSP is divided into 10 areas, also referred to as domains, known collectively as the Common Body of Knowledge (CBK).
Here’s what you’ll be covering in those domains, during your CISSP training:
1. Access Control
You’ll learn about concepts, methodologies and techniques to protect the assets of your systems against attacks.
2. Telecommunications & Network Security
This domain focuses on network structures, its components and methods to keep them safe. It also covers transport methods, communication channels and network security measures.
3. Information Security Governance & Risk Management
In this domain, you’ll learn how identify your organisation’s information assets. In addition, you’ll gain understanding of the development, documentation and implementation of policies, procedures and standards regarding:
- Security governance and policy
- Information classification and ownership
- Contractual agreements and procurement processes
- Risk management concepts
- Personnel security
- Security education, training and awareness
- Certification and accreditation
4. Software Development Security
It teaches you about the controls that are included within systems and applications software, and the steps used in their development.
5. Cryptography
The Cryptography domain teaches you about encryption concepts, cryptanalytic attacks, as well as other principles, means and methods of disguising information.
6. Security Architecture & Design
This domain contains the concepts, structures, principles and standards used to design, implement, monitor, and secure, operating systems, equipment, applications and networks.
7. Security Operations
You’ll learn about controls over hardware, media and the operators with access privileges to:
- Resource protection
- Incident response
- Attack prevention and response
- Patch and vulnerability management
8. Business Continuity & Disaster Recovery Planning
If the worst happens to your organisation, you’ll need to react quickly, in order to recover as quickly as possible. In this domain, you’ll learn about recovery strategies, business impact analysis and disaster recovery processes.
9. Legal, Regulations, Investigations and Compliance
This domain addresses computer crime laws and regulations; the investigative measures and techniques which can be used to determine if a crime has been committed and methods to gather evidence.
10. Physical (Environmental) Security
The last domain covers threats and vulnerabilities, and provides preventive measures, that can be used to physically protect an enterprise’s sensitive information. You’ll learn about:
- Site/facility design considerations
- Perimeter security
- Internal security
- Facilities security
Get CISSP-certified with Firebrand
For the past twelve years in a row, we’ve been named one of the Top 20 IT Training Companies in the World.
We offer accelerated courses, training solutions, and Apprenticeships to develop core IT skills.
Could one of them be right for you?