The CISSP (Certified Information System Security Practitioner) exam is one of the most reputed and highly sought-after certifications in the information security domain. The certification validates candidates' skills in designing, architecting, and managing an organization's security posture. CISSP is launching its updated version in May 2021. The current version, which was updated in 2018, will undergo some changes to maintain the exam's relevance and address the latest issues faced by cybersecurity professionals. These changes amount to the addition of a few subdomains and concepts.
Here are some of the notable changes that will come into effect from May 2021:
Changes in the exam weightage
The exam weightage of the 'Communication and network security' domain has been decreased to 13%. Earlier it was 14%. The weightage of the 'Software development security' domain has been increased by 1%. In the new CISSP (2021) exam, the weightage of 'Software development security' will be 11%.
Exam domains | Weightage (CISSP 2018) | Weightage (CISSP 2021)
1. Security and risk management | 15% | 15%
2. Asset Security | 10% | 10%
3. Security Architecture and Engineering | 13% | 13%
4. Communication and Network Security | 14% | 13%
5. Identity and access management | 13% | 13%
6. Security Assessment and Testing | 12% | 12%
7. Security Operations | 13% | 13%
8. Software Development Security | 10% | 11%
Changes in the exam domain
The domain-wise changes are mentioned below:
1. Security and risk management
A new subdomain entitled 'Understand, adhere to, and promote professional ethics' has been added in the security and risk management domain.
2. Security architecture and engineering
The security architecture and engineering domain has a subdomain named 'Research, implement and manage engineering processes using secure design principles.' The following new concepts have been added to it:
· Zero trust
· Privacy by design
· Trust but verify
· Shared responsibility
A new subdomain entitled 'Understand methods of cryptanalytic attacks' has been included.
3. Communication and network security
This is the fourth domain of the CISSP exam. In the updated version, the following new concepts have been added in the 'Assess and implement secure design principles in network architecture' subdomain:
· SD-WAN
· Wireless network
· Cellular network (4G, 5G, etc.)
4. Identity and access management
A new subdomain entitled 'Implement authentication systems' has been included in this domain. It covers the concepts of OpenID Connect, Open Authorization, Security Assertion Markup Language, Kerberos, and Remote Authentication Dial-in service.
5. Software development security
Software development security is the 8th domain of the CISSP exam. Some new concepts, such as static application security testing and dynamic application security testing, have been added in its subdomain entitled 'identify and apply security control in the development environment.'
Bottom line
The exam topics of CISSP 2021 are similar to those of its previous version. Some subdomains have been updated or refreshed to meet industry requirements. There are no changes in the number of exam domains, experience requirements, or exam formats. Therefore, candidates who are preparing for the CISSP exam by going through the current domains should not be worried about the changes. The changes will come into effect on 1st May 2021.
Get your CISSP certification with Infosec Train
Infosec Train is one of the prominent advanced IT security training providers. Our CISSP certification training program aims at equipping candidates with the skill sets to successfully design and manage the security posture of an organization. Hands-on learning and interactive training sessions from highly skilled trainers will definitely help you get through the exam and earn this globally reputed credential.
Check out the latest schedule for our CISSP training program:
https://www.infosectrain.com/courses/cissp-certification-training/