CISSP Exam Syllabus

Use this quick start guide to collect all the information about the ISC2 CISSP certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the ISC2 Information Systems Security Professional (CISSP) exam. The Sample Questions will help you identify the type and difficulty level of the questions, and the Practice Exams will make you familiar with the format and environment of an exam. You should refer to this guide carefully before attempting your actual ISC2 Certified Information Systems Security Professional (CISSP) certification exam.

The ISC2 CISSP certification is mainly targeted at candidates who want to build their career in the cybersecurity domain. The ISC2 Certified Information Systems Security Professional (CISSP) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of ISC2 CISSP.

ISC2 CISSP Exam Summary:

Exam Name: ISC2 Certified Information Systems Security Professional (CISSP)
Exam Code: CISSP
Exam Price: $699 (USD)
Duration: 360 mins
Number of Questions: 250
Passing Score: 700/1000
Schedule Exam: Pearson VUE
Sample Questions: ISC2 CISSP Sample Questions
Practice Exam: ISC2 CISSP Certification Practice Exam

ISC2 CISSP Exam Syllabus Topics:

Topic Details Weights

Security and Risk Management

- Confidentiality, integrity and availability concepts
- Security governance principles
- Compliance
- Legal and regulatory issues
- Professional ethics
- Security policies, standards, procedures and guidelines

Asset Security

- Information and asset classification
- Ownership (e.g., data owners, system owners)
- Protect privacy
- Appropriate retention
- Data security controls
- Handling requirements (e.g., markings, labels, storage)

Security Architecture and Engineering

- Engineering processes using secure design principles
- Fundamental concepts of security models
- Security evaluation models
- Security capabilities of information systems
- Security architectures, designs and solution elements vulnerabilities
- Web-based systems vulnerabilities
- Mobile systems vulnerabilities
- Embedded devices and cyber-physical systems vulnerabilities
- Cryptography
- Site and facility design secure principles
- Physical security

Communication and Network Security

- Secure network architecture design (e.g., IP & non-IP protocols, segmentation)
- Secure network components
- Secure communication channels
- Network attacks

Identity and Access Management (IAM)

- Physical and logical assets control
- Identification and authentication of people and devices
- Identity as a service (e.g., cloud identity)
- Third-party identity services (e.g., on-premise)
- Access control attacks
- Identity and access provisioning lifecycle (e.g., provisioning review)

Security Assessment and Testing

- Assessment and test strategies
- Security process data (e.g., management and operational controls)
- Security control testing
- Test outputs (e.g., automated, manual)
- Security architecture vulnerabilities

Security Operations

- Investigations support and requirements
- Logging and monitoring activities
- Provisioning of resources
- Foundational security operations concepts
- Resource protection techniques
- Incident management
- Preventative measures
- Patch and vulnerability management
- Change management processes
- Recovery strategies
- Disaster recovery processes and plans
- Business continuity planning and exercises
- Physical security
- Personnel safety concerns

Software Development Security

- Security in the software development lifecycle
- Development environment security controls
- Software security effectiveness
- Acquired software security impact

To ensure success in the ISC2 CISSP certification exam, we recommend an authorized training course, practice tests and hands-on experience to prepare for the Information Systems Security Professional (CISSP) exam.
