CISSP Domain-1 Security and Risk Management
Certified Information Systems Security Professional (CISSP) is a vendor-neutral certification maintained by the International Information System Security Certification Consortium, aka (ISC)², a non-profit organization whose stated vision is to inspire a safe and secure cyber world.
Why Do CISSP?
- CISSP provides holistic knowledge about security. Its 8 domains ensure that a candidate is well versed in all aspects of security:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
- CISSP-certified professionals are respected in the IT security industry. (ISC)² has maintained the certification's reputation by offering no shortcut: the exam standards ensure that only candidates who genuinely understand the material pass.
- CISSP is also one of the certifications approved under the US Department of Defense (DoD) 8570/8140 workforce directives for information assurance roles, so contractors staffing such roles for the federal government need CISSP-certified personnel.
- Salary surveys consistently show that CISSP holders earn more than their uncertified peers. The figure varies from survey to survey, but on average a CISSP holder is paid roughly 30% more.
- Businesses are looking for professionals who combine security know-how with an understanding of the business. This helps align security with corporate governance: IT is a supporting function of the business vision, mission and objectives, not an end in itself.
- CISSP holders understand both the security requirements and the business perspective, so they can assist senior management in making risk-based decisions by providing effective recommendations.
What is required to do CISSP?
Strictly speaking, there is no prerequisite for sitting the CISSP exam. There are two routes to the certification:
- Eligibility 1: For those with security management experience, i.e. at least 5 years of cumulative paid work experience in two or more of the eight CISSP domains.
- Eligibility 2: For those who want to pursue CISSP but do not yet have the required experience. Do not lose heart; it is good to learn security early in your career. Candidates without the required experience can still sit the CISSP exam. On passing, they are designated Associate of (ISC)². They are not awarded the CISSP certification, but they are fully entitled to state on their resume that they are an Associate of (ISC)² who has passed the CISSP exam, and employers respect that. As you gain security experience you can register it with (ISC)²; once the requisite experience is endorsed, you are awarded the CISSP certification. So why wait?
- You may also obtain a one-year experience waiver if you hold a four-year college degree (or regional equivalent) or an approved credential from the (ISC)² list. For details, see the (ISC)² website.
How to Prepare for CISSP:
You should refer to the following study material:
- (ISC)² CISSP Common Body of Knowledge (CBK)
- (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide, 8th Edition
- CISSP Official (ISC)² Practice Tests, 2nd Edition
- Other reference material is available, but the above is the minimum required. All of it is easy to find with a web search.
How to Study for CISSP:
- It is highly recommended to attend a CISSP classroom or online training. It gives you an overall understanding of the subject, after which the concepts in the books, which are usually dry, are much easier to grasp. Take CISSP training from Cybernous and our highly qualified instructors will guide you through it. One advantage of training with Cybernous is that we provide extensive exam material, a study plan and support until you pass your CISSP. Thousands of students have benefited from this training; you can read some of their accounts in the reviews section. Get in touch with us for more details and discounts.
- If you are searching for the best study plan to pass CISSP, we are the best in the trade to assist you in your endeavour.
- There is no shortcut to success, but we can make your journey much easier with best-in-class training, a customized study plan, extensive notes and the best support until you pass your CISSP.
Please read our How to Pass CISSP Tips and Tricks for more details.
- Lectures 30
- Quizzes 0
- Duration 100 hours
- Skill level All level
- Language English
- Students 86
- Assessments Yes
Domain-1 (Security and Risk Management)
CISSP Domain 1 is the foundation of the CISSP. This domain gives you the bigger picture of cybersecurity risk management and governance.
- Introduction to Domain 1
- Fundamental Security Concepts
- Understanding Security Governance
- Security and Organizational Process
- Roles and Responsibilities & Due Care
- Security Frameworks
- COSO Enterprise Framework
- Zachman Enterprise Architecture Framework
- SABSA Framework
- Control Objectives for Information and Related Technologies (COBIT)
- ISO 27000 Series of Standards
- NIST Cybersecurity and Risk Management Frameworks
- ITIL, CMMI and CSA STAR Frameworks
- PCI DSS Framework
- Quick Summary
- Legal and Regulatory Issues in a Global Context
- Import/Export Regulation
- US Specific Cyber Laws
- Privacy in a Global Context
- Intellectual Property Law
- Understanding Policies, Standards, Procedures and Guidelines
- (ISC)2 Code of Ethics
- Risk Management
- Risk Management – Mind map
- Threat Modelling
- Supply Chain Security
- Personnel Security Policies
- Security Awareness
- Business Continuity and Disaster Recovery Part-1
- Business Continuity and Disaster Recovery Part-2