Re: Information security Domains

mianwaseemabbas · ‎09-26-2019

Can anyone on in this community direct me to a set of Information Security domain what are these domain please anyone suggest its title

mgorman · ‎09-26-2019

The domains are the areas of knowledge considered for the various certifications, so they are different, depending on what cert you are looking at. For CISSP, you should look at the general info to get started, it will lead you to the domains. If you are looking for a different cert, just search that one on the ISC2 page, and you'll find the same sort of information.

https://www.isc2.org/Certifications/CISSP

Chuxing · ‎09-26-2019

Domain 1: Security and Risk Management

Domain 2: Asset Security

Domain 3: Security Architecture and Engineering

Domain 4: Communication and Network Security

Domain 5: Identity and Access Management (IAM)

Domain 6: Security Assessment and Testing

Domain 7: Security Operations

Domain 8: Software Development Security

____________________________________
Chuxing Chen, Ph.D., CISSP, PMP

Tariq · ‎09-27-2019

Can any one answer me for yhis question please?
Can I choose two domains for the CISSP exam? Or do i have to take the exam for all of them?
The reason i am asking is because it says you should profession two domains! But i doesn't say hiw is it done in the exam!

mgorman · ‎09-27-2019

The exam covers all 10. The CISSP is a very broad certification, intending to certify that you have a broad knowledge of the entirety of Information Security. If that is daunting (and it is), you might look at ISC2 specialties, like Cloud, Software (CCSP, CSSLP), etc. to narrow the focus of what you would be tested on. Or start with certs from other vendors, like Security+, which are lower level. CISSP is regarded as the highest, or one of the few highest, overall, cybersecurity certs out there. It does take a considerable amount of knowledge, some of which, you can be almost guaranteed, you have not seen professionally. The requirement you point out for two domains is the experience requirement. You must have a verifiable amount of experience in at least 2 of the 10 domains, as well as pass the exam on all 10.

Tariq · ‎09-27-2019

Thank you for your comprehensive answer.

AlecTrevelyan · ‎09-28-2019

@mgorman wrote:
The exam covers all 10. The CISSP is a very broad certification, intending to certify that you have a broad knowledge of the entirety of Information Security. If that is daunting (and it is), you might look at ISC2 specialties, like Cloud, Software (CCSP, CSSLP), etc. to narrow the focus of what you would be tested on. Or start with certs from other vendors, like Security+, which are lower level. CISSP is regarded as the highest, or one of the few highest, overall, cybersecurity certs out there. It does take a considerable amount of knowledge, some of which, you can be almost guaranteed, you have not seen professionally. The requirement you point out for two domains is the experience requirement. You must have a verifiable amount of experience in at least 2 of the 10 domains, as well as pass the exam on all 10.

The CISSP curriculum was consolidated from 10 domains down to 8 mid 2015 - the 8 current domains were posted above.

mianwaseemabbas · ‎09-28-2019

Thank you chuxing and all others i got great help from your answer.

Chuxing · ‎09-28-2019

@mianwaseemabbas @Tariq

There are tons of posts here in this forum, describing personal exam prep experiences.

In my view, the most important first step is to perform a thorough self assessment on your knowledge and experiences against the domains, figuring out your strengths and weaknesses. This assignment should provide you the basis for exam preparation planning.

Best,

____________________________________
Chuxing Chen, Ph.D., CISSP, PMP

AmmarHasayen · ‎10-01-2019

CISSP domains are the objectives covered in the exam and each domain gets a share of questions in the exam. Have a look at this https://blog.ahasayen.com/cissp-exam-day/