CISSP 15-April 2018 Changes Summary

Yasser Ramzy

To understand these changes lets first go two versions back CISSP 2012 made from 10 Domains:

  1. Information Security Governance and Risk Management
  2. Access Control
  3. Security Architecture and Design
  4. Physical and Environmental Security
  5. Telecommunications and Network Security
  6. Cryptography
  7. Business Continuity and Disaster Recovery
  8. Legal, Regulations, Compliance, and Investigations
  9. Software Development Security
  10. Security Operations

In 2015 new changes happened to CISSP and the 10 domains became 8 domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Engineering
  4. Communication and Network Security
  5. Identity and Access Management
  6. Security Assessment and Testing [the official book is 1304 pages, this domain is 49 pages ONLY!!]
  7. Security Operations
  8. Software Development Security

Summary for what happened in 2015:

  • No topics were REMOVED from the exam.
  • New topics were added to the exam.7% such as:
  1. Talking about SCADA & Dnp3 protocol, IoT
  2. More about Converged protocols (e.g., FCoE, MPLS, VoIP, iSCSI)
  3. New Investigation types, Asset types
  4. DevOps , Agile and Scrum overview
  5. Attribute-based access control ABAC
  • The Book was condensed from 10 domains to 8 domains but the content was not removed. It was simply restructured

In April 2018 few changes happened again, But we still have 8 domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communication and Network Security
  5. Identity and Access Management (IAM)
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security

Summary for what happened in 2018:

  • “Security Engineering” Domain name changed to “Security Architecture and Engineering”
  • No topics were REMOVED from the exam.
  • Only 1% New topics were added to the exam and Official Book.
  • Content restructured again.
  • Domains weight changed in the exam

Domain Average Weight in CAT exam

Security and Risk Management 15%

Asset Security 10%

Security Architecture and Engineering 13%

Communication and Network Security 14%

Identity and Access Management (IAM) 13%

Security Assessment and Testing 12%

Security Operations 13%

Software Development Security 10%

So Nothing really changed from 2015 version to 2018 version, just remember that exam now in CAT format since December 2017

https://www.isc2.org/Certifications/CISSP/CISSP-CAT

Published by Yasser Ramzy

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s