CISSP For Dummies

About (ISC) ² and the CISSP Certification

The International Information Systems Security CertificationsConsortium, or (ISC)2, established the Certified Information Systems Security Professional (CISSP) certification program in 1989. The (ISC) ² is a nonprofit, tax-exempt corporation chartered for the explicit purpose of developing and administering the certification and education programs associated with the CISSP (as well as several CISSP concentrations, and the Systems Security Certified Practitioner, or SSCP, and the Certification and Accreditation Professional, (or CAP) certification. The CISSP certification is based on a Common Body of Knowledge (CBK) identified by the (ISC) ² and defined through ten distinct domains:

• Access Control

• Telecommunications and Network Security

• Information Security and Risk Management

• Application Security

• Cryptography

• Security Architecture and Design

• Operations Security

• Business Continuity and Disaster Recovery Planning

• Legal, Regulations, Compliance, and Investigations

• Physical (Environmental) Security