Dissecting the CISSP Curriculum

The common denominator guiding the creation of a CISSP curriculum is that the CISSP exam deals with Information Security (meaning, how the IT Professional is to be guided in the creation, management and maintenance of the security systems of any IT system.) You know some commonly-used security systems already, as used by laymen, such as PINs, passwords, and usernames. But a CISSP curriculum in any training program goes deeper than you realize.

The Common Body of Knowledge is the basis of coverage of any CISSP training curriculum and of the CISSP accreditation exam itself. It starts out with the domain of Access Control Systems and Methodology, moves on to the domain of Application and Systems Development, and afterwards will deal with Business Continuity and Disaster Recovery Planning.

The fourth domain is concerned with cryptography, while the fifth domain talks about Law, Investigations and Ethics. Sixth on the list of domains covered is Operations Security while number seven is about Physical Security.

The last three domains are, respectively, Security Architecture and Models; Security Management Practices; and lastly, Telecommunications, Network and Internet Security.

One look at these domain headings tells you this is one big field of knowledge. If you attempt to swallow this whole database of technical knowledge in big chunks of information, you will literally choke. It is best to create a realistic and doable study plan for studying the CISSP curriculum so that you do not lose your nerve and quit halfway through your studies. If you can get study partners who are just as committed as you, even better. Sometimes it is good to have other minds to bounce your impressions off on. If nobody in real time can accommodate your study hours, then find online forums to join. Many people benefit from forum interaction, even if you keep odd hours.