Changes to the CISSP Exam

Changes to the CISSP Exam
The CISSP is getting better to the needs of the industry.
Some smaller changes that took place was that (ISC)2 changed the names of some of the CISSP Common Body of Knowledge (CBK) domain names, which has caused some confusion.The core of each domain has not changed, although some items have been added to some of the domains.
The current domains in the CBK (Common Body of Knowledge) are listed below :
• Access Control
• Application Security
• Business Continuity and Disaster Recovery Planning
• Cryptography
• Information Security and Risk Management
• Legal, Regulations, Compliance and Investigations
• Operations Security
• Physical (Environmental) Security
• Security Architecture and Design
• Telecommunications and Network Security

Information Security Risk Management
o New – Security program and blueprints
o New – Risk Models
• Access Control
o New – Identity Management
• Cryptography
o New – more block cipher modes and integrity controls
o New – more attack types
• Physical Security - Environmental
o New – Light types, CCTV, lock picking, lock type
o New – More focus on methodology and process
• Application Security
o New – more focus on methodology and process
o New – web site and application security
o New – more malware types and attack types
• Business Continuity and Disaster Recovery Planning
o New – more focus on methodology and process
• Telecommunications and Network
o New – 802.11 types and security
o New – instant messaging
• Operations Security
o New - Vulnerability and Penetration Testing
o New - Attack Types
o New – Malware Control Types
• Security Architecture and Design
o New – enterprise architecture, building, maintaining, holistic security, security trust zones, Zackman Framework
o New – less Orange Book and more Common Criteria
• Legal, Regulations, Compliance and Investigation
o New - types of Laws
o New – focus on forensics and methodology

To get more information , please visit :
http://www.logicalsecurity.com/education/education_courses_cissp.html.
• Updated study questions and exam material
• http://www.logicalsecurity.com/practice/practice_overview.html
Articles on the CISSP exam
• http://www.logicalsecurity.com/resources/resources_articles.html
•
• http://www.cccure.org
• http://cisspblog.logicalsecurity.com
• http://www.logicalsecurity.com/education/education_courses_cissp.html