Tuesday, January 27, 2015

Big updates to ISC2 CISSP Exam coming soon

The recently announced changes to the ISC2 CISSP exam are the most significant I've seen in years. They're moving to re-align test coverage to the newest issues in information security and current job practice areas. Some of the previous security domains have been expanded, while others have changed completely or been eliminated.  The new domains are:


  • Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)

  • Asset Security (Protecting Security of Assets)

  • Security Engineering (Engineering and Management of Security)

  • Communications and Network Security (Designing and Protecting Network Security)

  • Identity and Access Management (Controlling Access and Managing Identity)

  • Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)

  • Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)

  • Software Development Security (Understanding, Applying, and Enforcing Software Security)


  • Dr. Eric Cole, author of SANS MGT414, is presenting the new curriculum through the vLive format in early March and other presenters will be field-testing it between now and September 9th when I launch the Mentor sessions in East Lansing, Michigan.

    If you saw my earlier post about the Mentor session I'm presenting for the CISSP exam prep, I've updated it to link to the new flyer and registration page.

    original post: http://www.redcedarnet.com/2015/01/sans-mentor-information-security.html