CISSP Curriculum: What's New?

Hello,  

I've just passed the new version of the CISSP Exam, and I created this Course to help you pass as well!

This course describes the changes to the Certified Information Systems Security Professional Exam Outline. Now, CISSP has been around for quite some time and the previous version of the course syllabus was established in April 2018.  That was the version that I was taught, but only recently, as of the 1st of May this year, the Exam Outline changed significantly.  In this course, I'm going to go through all of that material for you and show you what has changed, in detail, to help you with your revision.

I'm going to give you an overview of what's changed and how this material has been developed for you. 

In the course, we're going to cover all eight domains from Security and Risk Management all the way through to Software Development Security.  The CISSP is a very broad course and it covers all sorts of things like physical security and fire prevention right through to some more detailed technical stuff on the workings of the Internet, software development, and security testing as well.

There have been significant changes to all of those domains except one. There's a small change to number one, as we will see, but it's not huge. However, Domains 2 to 7 have all gone undergone significant changes.  (Some of those changes were already in the official course material, in the study guide and some were already in the official practice tests; we will cover that too.)

Looking at Domains 2 to 8, we see that in the main to the major changes, the resource types are now listed that we the resources that we need to protect, and the different data activities in the data lifecycle are now listed.

Also, I wanted to let you know what I've done to create this course.

I went on the official five-day course, which cost about $2,500 (US), where we went through hundreds of slides per day.  You get a course guide with it, which is 800 pages long.  There is a lot of good material in there, an awful lot to learn.  In addition, I've also been through the official study guide, which is 1,000 pages and contains quite a lot of material that wasn't in the official course.  

Then there is the CISSP glossary, which is about 50 pages and that's got over 400 definitions in.  (The glossary is not so much use, and it seems to be quite out of date to me. There are a lot of definitions that you don't need and quite a few that you do need that are missing.)  There is also a list of over 50 references that you are recommended to read.  

You're not going to read 50+ books and standards!

Just the first two are 1,800 pages long.  So it's an enormous hill to climb without some guidance to help, you where to look.  I've included page numbers for the Official Study Guide, which covers the material we're going to talk about.  However, even the Study Guide doesn't cover everything that we're going to cover.  So I've had to go online and look up information to show you where to get started on these new topics.