Monday, April 30, 2018

CISSP Domain 7 Changes - 2018 vs 2015



As you will see below, there is almost no change in content for this domain. Subjects such as industry standards, asset management, and duress have been added.

Each topic below is listed first as in the 2015 Exam Outline, then as in the 2018 Exam Outline, followed by a # note on the change.
Understand and support investigations
  • Evidence collection and handling
  • Reporting and documenting
  • Investigative techniques
  • Digital forensics

Understand and support investigations
  • Evidence collection and handling
  • Reporting and documentation
  • Investigative techniques
  • Digital forensics tools, tactics, and procedures
#No Change
Understand requirements for investigation types
  • Operational
  • Criminal
  • Civil
  • Regulatory
  • Electronic Discovery

Understand requirements for investigation types
  • Administrative
  • Criminal
  • Civil
  • Regulatory
  • Industry standards
#No Change. Removal of e-discovery.
Conduct logging and monitoring activities
  • Intrusion detection and prevention
  • Security Information and Event Management (SIEM)
  • Continuous monitoring
  • Egress monitoring

Conduct logging and monitoring activities
  • Intrusion detection and prevention
  • Security Information and Event Management (SIEM)
  • Continuous monitoring
  • Egress monitoring
#No Change
Securely provisioning resources
  • Asset inventory
  • Configuration management
  • Physical Assets
  • Virtual Assets
  • Cloud Assets
  • Applications

Securely provisioning resources
  • Asset inventory
  • Asset management
  • Configuration management

#Limited Changes. Consolidation of resources under one subheading.
Understand and apply foundational security operations concepts
  • Need-to-know/least privileges
  • Separation of duties and responsibilities
  • Monitor special privileges.
  • Job rotation
  • Information lifecycle
  • Service Level Agreements (SLA)

Understand and apply foundational security operations concepts
  • Need-to-know/least privileges
  • Separation of duties and responsibilities
  • Privileged account management
  • Job rotation
  • Information lifecycle
  • Service Level Agreements (SLA)
#No Change
Employ resource protection techniques
  • Media management
  • Hardware and software asset management

Apply resource protection techniques
  • Media management
  • Hardware and software asset management
#No Change
Conduct incident management
  • Detection
  • Response
  • Mitigation
  • Reporting
  • Recovery
  • Remediation
  • Lessons learned

Conduct incident management
  • Detection
  • Response
  • Mitigation
  • Reporting
  • Recovery
  • Remediation
  • Lessons learned
#No Change
Operate and maintain preventative measures
  • Firewalls
  • Intrusion detection and prevention systems
  • Whitelisting/blacklisting
  • Third-party security services
  • Sandboxing
  • Honeypots/honeynets
  • Anti-malware

Operate and maintain detective and preventative measures
  • Firewalls
  • Intrusion detection and prevention systems
  • Whitelisting/blacklisting
  • Third-party provided security services
  • Sandboxing
  • Honeypots/honeynets
  • Anti-malware
#No Change
Implement and support patch and vulnerability management
Implement and support patch and vulnerability management
#No Change
Participate in and understand change management processes
Understand and participate in change management processes
#No Change
Implement recovery strategies
  • Backup storage strategies
  • Recovery site strategies
  • Multiple processing sites
  • System resilience, high availability, Quality of Service (QoS), and fault tolerance

Implement recovery strategies
  • Backup storage strategies
  • Recovery site strategies
  • Multiple processing sites
  • System resilience, high availability, Quality of Service (QoS), and fault tolerance
#No Change
Implement Disaster Recovery (DR) processes
  • Response
  • Personnel
  • Communications
  • Assessment
  • Restoration
  • Training and awareness

Implement Disaster Recovery (DR) processes
  • Response
  • Personnel
  • Communications
  • Assessment
  • Restoration
  • Training and awareness
#No Change
Test Disaster Recovery Plans (DRP)
  • Read-through/tabletop
  • Walkthrough
  • Simulation
  • Parallel
  • Full interruption

Test Disaster Recovery Plans (DRP)
  • Read-through/tabletop
  • Walkthrough
  • Simulation
  • Parallel
  • Full interruption
#No Change
Participate in Business Continuity (BC) planning and exercises
Participate in Business Continuity (BC) planning and exercises
#No Change
Implement and manage physical security
  • Perimeter security controls
  • Internal security controls

Implement and manage physical security
  • Perimeter security controls
  • Internal security controls
#No Change
Participate in addressing personnel safety concerns
Address personnel safety and security concerns
  • Travel
  • Security training and awareness
  • Emergency management
  • Duress
#Limited Change
