The CISSP Exam Update and Eight Domain Rewrite for 2015

For individuals considering the (ISC)² CISSP exam, you need to be aware of a major update that will go into effect April 1, 2015.  Gone are the ten domains that have been with us for many years. Here are the current ten domains.

1. Operations security

2. Telecommunications and network security

3. Information security governance and risk management

4. Software development security

5. Cryptography

6. Security architecture and design

7. Access control

8. Business continuity and disaster recovery planning

9. Legal, regulations, investigations and compliance

10. Physical (environmental) security

According to the ISC2 website, “refreshed technical content has been added to the Official (ISC)² CISSP CBK to reflect the most current topics in the information security industry today.” These changes include reordering the domains and reducing the current ten domains to eight.  Listed below are the eight CISSP domains:

1. Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)

2. Asset Security (Protecting Security of Assets)

3. Security Engineering (Engineering and Management of Security)

4. Communications and Network Security (Designing and Protecting Network Security)

5. Identity and Access Management (Controlling Access and Managing Identity)

6. Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

7. Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

8. Software Development Security (Understanding, Applying, and Enforcing Software Security)

Exam candidates have been asking what they should they do, keep studying or wait for the new exam? Keep studying! IT/cyber security has not changed overnight.  It’s more of a steady evolution.  While the topics are being reorganized, everything you have or are learning will still be relevant. Over the next few days and weeks, I will be comparing the current ten domains to the new 8 domains where I can get started on the update to the CISSP Exam Cram. I will post more about these changes to the new April 15, 2015 version of the CISSP exam. Stay tuned…

This entry was posted in Cyber security, IT and Computer Security, Training and Education and tagged , , , . Bookmark the permalink.

Comments are closed.