CISSP Domains

Description

Mind map of CISSP Domains.
Mind Map by Sara Talbott, updated more than 1 year ago
Created by pikeje about 10 years ago
Copied by Sara Talbott over 7 years ago

Resource summary

CISSP Domains
  1. Domain 1: Access Control
    1. Concepts/methodologies/techniques
    2. Effectiveness
    3. Attacks
  2. Domain 2: Telecommunications and Network Security
    1. Network architecture and design
    2. Communication channels
    3. Network components
    4. Network attacks
  3. Domain 3: Information Security Governance and Risk Management
    1. Security governance and policy
    2. Information classification/ownership
    3. Contractual agreements and procurement processes
    4. Risk management concepts
    5. Personnel security
    6. Security education, training and awareness
    7. Certification and accreditation
  4. Domain 4: Software Development Security
    1. Systems development life cycle (SDLC)
    2. Application environment and security controls
    3. Effectiveness of application security
  5. Domain 5: Cryptography
    1. Encryption concepts
    2. Digital signatures
    3. Cryptanalytic attacks
    4. Public Key Infrastructure (PKI)
    5. Information hiding alternatives
  6. Domain 6: Security Architecture and Design
    1. Fundamental concepts of security models
    2. Capabilities of information systems (e.g. memory protection, virtualization)
    3. Countermeasure principles
    4. Vulnerabilities and threats (e.g. cloud computing, aggregation, data flow control)
  7. Domain 7: Operations Security
    1. Resource protection
    2. Incident response
    3. Attack prevention and response
    4. Patch and vulnerability management
  8. Domain 8: Business Continuity and Disaster Recovery Planning
    1. Business impact analysis
    2. Recovery strategy
    3. Disaster recovery process
    4. Provide training
  9. Domain 9: Legal, Regulations, Investigations and Compliance
    1. Legal issues
    2. Investigations
    3. Forensic procedures
    4. Compliance requirements/procedures
  10. Domain 10: Physical (Environmental) Security
    1. Site/facility design considerations
    2. Perimeter security
    3. Internal security
    4. Facilities security