CISSP Domain 5 Changes - 2018 vs 2015


Domain 5 also sees a very limited change in terms of the new exam outline.

2015 Exam Outline
2018 Exam Outline
Control physical and logical access to assets 
  • Information
  • Systems
  • Devices
  • Facilities

Control physical and logical access to assets 
  • Information
  • Systems
  • Devices
  • Facilities

# No Change
Manage identification and authentication of people and services
  • Identity management implementation
  • Single/multi-factor authentication
  • Accountability
  • Session management
  • Registration and proofing of identity
  • Federated Identity Management (FIM)
  • Credential management systems

Manage identification and authentication of people, devices, and services
  • Identity management implementation
  • Single/multi-factor authentication
  • Accountability
  • Session management
  • Registration and proofing of identity
  • Federated Identity Management (FIM)
  • Credential management systems

 # No Change
Integrate Identity as a service (e.g., cloud identity)
&
Integrate third-party identity services (e.g., on premised)
Integrate identity as a third-party service
  • On-premise
  • Cloud
  • Federated

# No Change. Combined the two points into one.
Implement and manage authorization mechanisms
  • Role Based Access Control (RBAC)
  • Rule-based access control
  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)

Implement and manage authorization mechanisms
  • Role Based Access Control (RBAC)
  • Rule-based access control
  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)
  • Attribute Based Access Control (ABAC)

# Added a new type of access control.
Prevent or Mitigate access control attacks


#Removed
Manage the identity and access provisioning lifecycle

Manage the identity and access provisioning lifecycle
  • User access review
  • System account access review
  • Provisioning and Deprovisioning

# No Change

Comments

You may also like to read...

How to Pass the CISSP Exam in First Attempt

The CISSP CAT Exam Experience

How to Pass SSCP Exam in the First Attempt