CISSP 8 DOMAINS
Security Operations
This domain focuses on conducting investigations and implementing preventative measures.
Security Assessment and Testing
This domain focuses on conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities.
Security and Risk Management
This domain focuses on defining security goals and objectives, risk mitigation, compliance, business continuity, and the law.
Identity and Access Management
This domain focuses on keeping data secure, by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications.
Communication and Network Security
This domain focuses on managing and securing physical networks and wireless communications.
Architecture and Engineering
This domain focuses on optimizing data security by ensuring effective tools, systems, and processes are in place.
Asset Security
This domain focuses on securing digital and physical assets. It's also related to the storage, maintenance, retention, and destruction of data.
Software Development Security
This domain focuses on using secure coding practices, which are a set of recommended guidelines that are used to create secure applications and services.