Volg ICTI

Free CISSP 2018 body of knowledge study template

| Joost Krapels | Templates

The Certified Information System Security Professional (CISSP) certification is a way for security engineers, managers, executives, and consultants to show they have a firm grasp of the technical and organizational aspects of Information Security. The official study guide provided by (ISC)², the organization behind CISSP, contains 948 pages of study material divided over eight domains. To help keep track of your studying, we have created a free CISSP study template.

The consultants of ICT Institute are always looking for ways to broaden and/or deepen our knowledge of everything IT-related. In 2020, we plan to have at least two consultants (Sieuwert and Joost) pass the CISSP exam. In order to do this, they will read through all the theory, practice using self-assessments, and do practice exams. The eight CISSP domains range from high level, e.g. Security and Risk Management, to low level, e.g. Security Architecture and Engineering.

CISSP Body of Knowledge

The CISSP Body Of Knowledge consists of the following eight domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communication and Network Security
  5. Identity and Access Management (IAM)
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security

Every domain is divided into several sub-chapters, e.g. 1.2, and often even those are divided into several sub-chapters (e.g. 1.2.1). This results in the Body Of Knowledge consisting of 270 separate items to study for the exam.

Even though this Body of Knowledge touches upon most topic of information security, it is not the ideal place to start if you have no previous experience and just want to gain some security knowledge. We recommend reading free articles and blog posts on Information Security Management Systems (ISMS) first. This give you a great idea of what technical and organizational aspects of information security are used and sometimes even required in the private and public sector. The CISSP study material is often quite technical and leans on previous knowledge of IT-systems and security.

The template

To help anyone who has committed themself to this seemingly daunting task, we have created a free CISSP study template. You can mark which items and concepts you have read and tested yourself on. Once you have read or practiced all items in a domain, the template automatically reflects this. We have created the template under the Creative Commons licence; you may use, edit, and share the template as you wish, as long as you credit ICT Institute for the original version. The template is based on the (ISC)²’s orginal exam.

For more articles about information security, visit this page.

Image credit: @flipboo via Unsplash

Author: Joost Krapels
Joost Krapels has worked at ICT Institute from 2019 - oct 2024. He is a security and privacy officer with a lot of GDPR and ISO 27001 experience, and has Security+ and CISSP certification.