Volg ICTI

Free CISSP body of knowledge study template

| Joost Krapels | Security

The Certified Information System Security Professional (CISSP) certification is a way for security engineers, managers, executives, and consultants to show they have a firm grasp of the technical and organizational aspects of Information Security. The official study guide provided by (ISC)², the organization behind CISSP, contains 948 pages of study material divided over eight domains. To help keep track of your studying, we have created a free CISSP study template.

The consultants of ICT Institute are always looking for ways to broaden and/or deepen our knowledge of everything IT-related. In 2020, we plan to have at least two consultants (Sieuwert and Joost) pass the CISSP exam. In order to do this, they will read through all the theory, practice using self-assessments, and do practice exams. The eight CISSP domains range from high level, e.g. Security and Risk Management, to low level, e.g. Security Architecture and Engineering.

CISSP Body of Knowledge

The CISSP Body Of Knowledge consists of the following eight domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communication and Network Security
  5. Identity and Access Management (IAM)
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security

Every domain is divided into several sub-chapters, e.g. 1.2, and often even those are divided into several sub-chapters (e.g. 1.2.1). This results in the Body Of Knowledge consisting of 270 separate items to study for the exam.

Even though this Body of Knowledge touches upon most topic of information security, it is not the ideal place to start if you have no previous experience and just want to gain some security knowledge. We recommend reading free articles and blog posts on Information Security Management Systems (ISMS) first. This give you a great idea of what technical and organizational aspects of information security are used and sometimes even required in the private and public sector. The CISSP study material is often quite technical and leans on previous knowledge of IT-systems and security.

The template

To help anyone who has committed themself to this seemingly daunting task, we have created a free CISSP study template. You can mark which items and concepts you have read and tested yourself on. Once you have read or practiced all items in a domain, the template automatically reflects this. We have created the template under the Creative Commons licence; you may use, edit, and share the template as you wish, as long as you credit ICT Institute for the original version. The template is based on the (ISC)²’s orginal exam.

 

Image credit: @flipboo via Unsplash

Joost Krapels
Author: Joost Krapels
Joost Krapels has completed his BSc. Lifestyle Informatics (Artificial Intelligence) and MSc. Information Sciences at the VU Amsterdam. During his Master study he evaluated several compliance tools for GDPR compliance and interviewed business owners about the impact of the GDPR. Within ICT Institute, Joost provides IT advice to clients, advises clients on Privacy, improves our GDPR tools and templates, and helps develop the Security Verified standard.