In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices. CBK is organized by domain and it is annually gathered and updated by the International Information Systems Security Certification Consortium, otherwise known as (ISC)2.

(ISC)2 uses the various domains of the CBK to test a certificate candidate's levels of expertise in the most critical aspects of InfoSec. The Certified Information Systems Security Professional (CISSP) certification exam covers the CBK domains: security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.

CISSP CBK domains

The eight different CISSP domains that (ISC)2's CISSP exam covers are compiled from various topics in the (ISC)2 CBK and are annually updated to reflect the most relevant topics within the profession. The CISSP CBK domains further include:
How to study for the CISSP certification

The CISSP certification covers all eight CISSP domains, and CISSP CBK test takers are expected to be familiar with each one. The use of learning materials is encouraged; textbooks and practice exams can be found online. The official test website contains a list of CISSP resources available for purchase.

This was last updated in April 2018.
Which of the following of the CIA Triad ensures that the information is correct and no unauthorized person has altered it?
Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).

Which of the following are not part of the CIA triad?
Explanation: CIA refers to Confidentiality, Integrity, and Availability that are also considered as the CIA triad. However, the CIA triad does not involve Authenticity.

Which of the following is an example of technical controls that can be used for physical security?
Examples include physical controls such as fences, locks, and alarm systems; technical controls such as antivirus software, firewalls, and IPSs; and administrative controls like separation of duties, data classification, and auditing.

What is CIA in terms of information security?
The three letters in "CIA triad" stand for Confidentiality, Integrity, and Availability. The CIA triad is a common model that forms the basis for the development of security systems. They are used for finding vulnerabilities and methods for creating solutions.