Posts

CISSP Domain 5 Changes - 2018 vs 2015

Image
Domain 5 also sees a very limited change in terms of the new exam outline. 2015 Exam Outline 2018 Exam Outline Control physical and logical access to assets   Information Systems Devices Facilities Control physical and logical access to assets   Information Systems Devices Facilities # No Change Manage identification and authentication of people and services Identity management implementation Single/multi-factor authentication Accountability Session management Registration and proofing of identity Federated Identity Management (FIM) Credential management systems Manage identification and authentication of people, devices , and services Identity management implementation Single/multi-factor authentication Accountability Session management Registration and proofing of identity Federated Identity Management (FIM) Credential management systems   # No

CISSP Domain 4 Changes - 2018 vs 2015

Image
Here too, the changes are extremely limited. The only major change is the removal of the topic "Prevent and Mitigate network attacks" from the new outline. Overall Change: Limited Change 2015 Exam Outline 2018 Exam Outline Apply secure design principle to network architecture Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models Internet Protocol (IP) networking Implications of multilayer protocols Converged protocols Software-defined networks Wireless networks Cryptography used to maintain communication security Implement secure design principles in network architectures Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models Internet Protocol (IP) networking Implications of multilayer protocols Converged protocols Software-defined networks Wireless networks # Limited Change. Removal of Cryptography .

CISSP Domain 3 Changes - 2018 vs 2015

Image
When a comparison is done between the two exam outlines the overall result, in this case, would also be  Extremely Limited. The topics have just been moved here and there which hardly signifies any change. 2015 Exam Outline 2018 Exam Outline Implement and manage engineering processes using secure design principles Implement and manage engineering processes using secure design principles Understand the fundamental concepts of security models (confidentiality, integrity ) Understand the fundamental concepts of security models Select controls and countermeasures based upon systems security evaluation models Select controls based upon systems security requirements Understand security capabilities of information systems (e.g., memory protection, trusted platform module, interfaces, fault tolerance) Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption

CISSP Domain 2 Changes - 2018 vs 2015

Image
There are hardly any changes which have been done in this domain. Cryptography has been explicitly removed and will be added to Data Protection Methods. Overall Result - No Change. 2015 Exam Outline 2018 Exam Outline Classify Information and Supporting assets ( e.g. sensitivity, criticality ) Identify and classify information and assets Data classification Asset Classification #No Change Determine and maintain ownership ( e.g. data owners, system owners, business/mission owners) Determine and maintain information and asset ownership #No Change Protect privacy Data owners Data processors Data remanence Collection limitation Protect privacy Data owners Data processors Data remanence Collection limitation #No Change Ensure appropriate retention ( e.g. media, hardware, personnel) Ensure appropriate asset retention #No Change Determine data security controls

CISSP Domain 1 Changes - 2018 vs 2015

Image
The new exam outline has been released by (ISC)2 for the CISSP exam. I will be evaluating each domain of the 2015 & 2018 exam outline and would present you a point by point change in the course content.  New Course Content which has added in the 2018 edition will be added in the form of posts on the blog. Here is the overall result in Domain 1: Extremely Limited Change 2015 Exam Outline 2018 Exam Outline Understand and apply concepts of confidentiality, integrity and availability Understand and apply concepts of   confidentiality, integrity and availability # No Change Apply security governance principles through Alignment of security function to business strategy, goals, mission, and objectives Organizational processes (e.g., acquisitions, divestitures, governance committees) Security roles and responsibilities Control frameworks Evaluate and apply security governance principles Alignment of security f