Monday, April 30, 2018

CISSP Domain 7 Changes - 2018 vs 2015



As you will see below, there is almost no change in content for this domain. Subjects such as Industry Standards, Asset management, and Duress have been added.

2015 Exam Outline
2018 Exam Outline
Understand and support investigations
  • Evidence collection and handling
  • Reporting and documenting
  • Investigative techniques
  • Digital forensics

Understand and support investigations
  • Evidence collection and handling
  • Reporting and documentation
  • Investigative techniques
  • Digital forensics tools, tactics, and procedures
#No Change
Understand requirements for investigation types
  • Operational
  • Criminal
  • Civil
  • Regulatory
  • Electronic Discovery

Understand requirements for investigation types
  • Administrative
  • Criminal
  • Civil
  • Regulatory
  • Industry standards
#No Change. Removal of e-discovery.
Conduct logging and monitoring activities
  • Intrusion detection and prevention
  • Security Information and Event Management (SIEM)
  • Continuous monitoring
  • Egress monitoring

Conduct logging and monitoring activities
  • Intrusion detection and prevention
  • Security Information and Event Management (SIEM)
  • Continuous monitoring
  • Egress monitoring
#No Change
Securely provisioning resources
  • Asset inventory
  • Configuration management
  • Physical Assets
  • Virtual Assets
  • Cloud Assets
  • Applications

Securely provisioning resources
  • Asset inventory
  • Asset management
  • Configuration management

#Limited Changes. Consolidation of resources under one subheading.
Understand and apply foundational security operations concepts
  • Need-to-know/least privileges
  • Separation of duties and responsibilities
  • Monitor special privileges
  • Job rotation
  • Information lifecycle
  • Service Level Agreements (SLA)

Understand and apply foundational security operations concepts
  • Need-to-know/least privileges
  • Separation of duties and responsibilities
  • Privileged account management
  • Job rotation
  • Information lifecycle
  • Service Level Agreements (SLA)
#No Change
Employ resource protection techniques
  • Media management
  • Hardware and software asset management

Apply resource protection techniques
  • Media management
  • Hardware and software asset management
#No Change
Conduct incident management
  • Detection
  • Response
  • Mitigation
  • Reporting
  • Recovery
  • Remediation
  • Lessons learned

Conduct incident management
  • Detection
  • Response
  • Mitigation
  • Reporting
  • Recovery
  • Remediation
  • Lessons learned
#No Change
Operate and maintain preventative measures
  • Firewalls
  • Intrusion detection and prevention systems
  • Whitelisting/blacklisting
  • Third-party security services
  • Sandboxing
  • Honeypots/honeynets
  • Anti-malware

Operate and maintain detective and preventative measures
  • Firewalls
  • Intrusion detection and prevention systems
  • Whitelisting/blacklisting
  • Third-party provided security services
  • Sandboxing
  • Honeypots/honeynets
  • Anti-malware
#No Change
Implement and support patch and vulnerability management
Implement and support patch and vulnerability management
#No Change
Participate in and understand change management processes
Understand and participate in change management processes
#No Change
Implement recovery strategies
  • Backup storage strategies
  • Recovery site strategies
  • Multiple processing sites
  • System resilience, high availability, Quality of Service (QoS), and fault tolerance

Implement recovery strategies
  • Backup storage strategies
  • Recovery site strategies
  • Multiple processing sites
  • System resilience, high availability, Quality of Service (QoS), and fault tolerance
#No Change
Implement Disaster Recovery (DR) processes
  • Response
  • Personnel
  • Communications
  • Assessment
  • Restoration
  • Training and awareness

Implement Disaster Recovery (DR) processes
  • Response
  • Personnel
  • Communications
  • Assessment
  • Restoration
  • Training and awareness
#No Change
Test Disaster Recovery Plans (DRP)
  • Read-through/tabletop
  • Walkthrough
  • Simulation
  • Parallel
  • Full interruption

Test Disaster Recovery Plans (DRP)
  • Read-through/tabletop
  • Walkthrough
  • Simulation
  • Parallel
  • Full interruption
#No Change
Participate in Business Continuity (BC) planning and exercises
Participate in Business Continuity (BC) planning and exercises
#No Change
Implement and manage physical security
  • Perimeter security controls
  • Internal security controls

Implement and manage physical security
  • Perimeter security controls
  • Internal security controls
#No Change
Participate in addressing personnel safety concerns
Address personnel safety and security concerns
  • Travel
  • Security training and awareness
  • Emergency management
  • Duress
#Limited Change

Wednesday, April 25, 2018

CISSP Domain 6 Changes - 2018 vs 2015



Overall Result: Extremely Minor Changes

2015 Exam Outline
2018 Exam Outline
Design and validate assessment and test strategies

Design and validate assessment, test, and audit strategies
  • Internal
  • External
  • Third-party

#Minor Change
Conduct security control testing
  • Vulnerability assessment
  • Penetration testing
  • Log reviews
  • Synthetic transactions
  • Code review and testing
  • Misuse case testing
  • Test coverage analysis
  • Interface testing

Conduct security control testing
  • Vulnerability assessment
  • Penetration testing
  • Log reviews
  • Synthetic transactions
  • Code review and testing
  • Misuse case testing
  • Test coverage analysis
  • Interface testing

#No Change
Collect security process data (e.g., management and operational)
  • Account management
  • Management review
  • Key performance and risk indicators
  • Backup verification data
  • Training and awareness
  • Disaster Recovery (DR) and Business Continuity (BC)

Collect security process data (e.g., technical and administrative)
  • Account management
  • Management review and approval
  • Key performance and risk indicators
  • Backup verification data
  • Training and awareness
  • Disaster Recovery (DR) and Business Continuity (BC)
#No Change
Analyze test output and generate report
Analyze test output and generate report

#No Change
Conduct or facilitate security audits

Conduct or facilitate security audits
  • Internal
  • External
  • Third-party
#Minor Change

Tuesday, April 24, 2018

CISSP Domain 5 Changes - 2018 vs 2015


Domain 5 also sees very limited change in the new exam outline.

2015 Exam Outline
2018 Exam Outline
Control physical and logical access to assets 
  • Information
  • Systems
  • Devices
  • Facilities

Control physical and logical access to assets 
  • Information
  • Systems
  • Devices
  • Facilities

# No Change
Manage identification and authentication of people and services
  • Identity management implementation
  • Single/multi-factor authentication
  • Accountability
  • Session management
  • Registration and proofing of identity
  • Federated Identity Management (FIM)
  • Credential management systems

Manage identification and authentication of people, devices, and services
  • Identity management implementation
  • Single/multi-factor authentication
  • Accountability
  • Session management
  • Registration and proofing of identity
  • Federated Identity Management (FIM)
  • Credential management systems

# No Change
Integrate Identity as a service (e.g., cloud identity)
&
Integrate third-party identity services (e.g., on-premise)
Integrate identity as a third-party service
  • On-premise
  • Cloud
  • Federated

# No Change. Combined the two points into one.
Implement and manage authorization mechanisms
  • Role Based Access Control (RBAC)
  • Rule-based access control
  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)

Implement and manage authorization mechanisms
  • Role Based Access Control (RBAC)
  • Rule-based access control
  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)
  • Attribute Based Access Control (ABAC)

# Added a new type of access control.
Prevent or Mitigate access control attacks


#Removed
Manage the identity and access provisioning lifecycle

Manage the identity and access provisioning lifecycle
  • User access review
  • System account access review
  • Provisioning and Deprovisioning

# No Change

Monday, April 23, 2018

CISSP Domain 4 Changes - 2018 vs 2015

Here too, the changes are extremely limited. The only major change is the removal of the topic "Prevent and Mitigate network attacks" from the new outline.

Overall Change: Limited Change

2015 Exam Outline
2018 Exam Outline
Apply secure design principles to network architecture
  • Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models
  • Internet Protocol (IP) networking
  • Implications of multilayer protocols
  • Converged protocols
  • Software-defined networks
  • Wireless networks
  • Cryptography used to maintain communication security

Implement secure design principles in network architectures
  • Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models
  • Internet Protocol (IP) networking
  • Implications of multilayer protocols
  • Converged protocols
  • Software-defined networks
  • Wireless networks


# Limited Change. Removal of Cryptography.
Secure network components
  • Operation of hardware
  • Transmission media
  • Network Access Control (NAC) devices
  • Endpoint security
  • Content-distribution networks
  • Physical Devices

Secure network components
  • Operation of hardware
  • Transmission media
  • Network Access Control (NAC) devices
  • Endpoint security
  • Content-distribution networks


# Limited Change. Removal of Physical Devices.
Design and establish secure communication channels
  • Voice
  • Multimedia collaboration
  • Remote access
  • Data communications
  • Virtualized networks

Implement secure communication channels according to design
  • Voice
  • Multimedia collaboration
  • Remote access
  • Data communications
  • Virtualized networks

#No Change
Prevent and Mitigate network attacks
#Removed

Sunday, April 22, 2018

CISSP Domain 3 Changes - 2018 vs 2015


Comparing the two exam outlines, the overall result in this case is also Extremely Limited.

The topics have just been moved around, which hardly signifies any change.

2015 Exam Outline
2018 Exam Outline
Implement and manage engineering processes using secure design principles
Implement and manage engineering processes using secure design principles
Understand the fundamental concepts of security models (confidentiality, integrity)
Understand the fundamental concepts of security models
Select controls and countermeasures based upon systems security evaluation models
Select controls based upon systems security requirements
Understand security capabilities of information systems (e.g., memory protection, trusted platform module, interfaces, fault tolerance)
Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)

# No Change in all of the above.
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
  • Client-based (applets, local caches)
  • Server-based (data flow control)
  • Database security (inference, aggregation)
  • Large Scale Parallel Data Systems
  • Distributed systems
  • Cryptographic systems
  • Industrial Control Systems

Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
  • Client-based systems
  • Server-based systems
  • Database systems
  • Cryptographic Systems
  • Industrial Control Systems (ICS)
  • Cloud-based systems
  • Distributed systems
  • Internet of Things (IoT)


#Removed Large-Scale Parallel Data Systems. Added Cloud-based systems & Internet of Things. (Most books cover these topics, hence the limited change. IoT was covered under the embedded devices topic in the 2015 outline.)
Assess and mitigate vulnerabilities in web-based systems
Assess and mitigate vulnerabilities in web-based systems

# No Change
Assess and mitigate vulnerabilities in mobile systems
Assess and mitigate vulnerabilities in mobile systems

# No Change
Assess and mitigate vulnerabilities in embedded devices and cyber-physical systems (e.g., network-enabled devices, Internet of Things (IoT))
Assess and mitigate vulnerabilities in embedded devices
# No change. However, CISSP CBK may throw a surprise here.
Apply cryptography
  • Cryptographic life cycle (e.g., cryptographic limitations, algorithm/protocol governance)
  • Cryptographic Types (e.g., symmetric, asymmetric, elliptic curves)
  • Public Key Infrastructure (PKI)
  • Key management practices
  • Digital signatures
  • Digital Rights Management (DRM)
  • Non-repudiation
  • Integrity (hashing and salting)
  • Methods of Cryptanalytic attacks (e.g., brute force, ciphertext only, known plaintext)

Apply cryptography
  • Cryptographic life cycle (e.g., key management, algorithm selection)
  • Cryptographic methods (e.g., symmetric, asymmetric, elliptic curves)
  • Public Key Infrastructure (PKI)
  • Key management practices
  • Digital signatures
  • Non-repudiation
  • Integrity (e.g., hashing)
  • Understand methods of cryptanalytic attacks
  • Digital Rights Management (DRM)


# No Change
Apply secure principles to the site and facility design
Apply security principles to the site and facility design

# No Change
Design and Implement physical security
  • Wiring closets
  • Server rooms
  • Media storage facilities
  • Evidence storage
  • Restricted and work area security
  • Data center security
  • Utilities and HVAC considerations
  • Water issues (e.g., leakage, flooding)
  • Fire prevention, detection, and suppression

Implement site and facility security controls
  • Wiring closets/intermediate distribution facilities
  • Server rooms/data centers
  • Media storage facilities
  • Evidence storage
  • Restricted and work area security
  • Utilities and Heating, Ventilation, and Air Conditioning (HVAC)
  • Environmental issues
  • Fire prevention, detection, and suppression

# No Change