Module 1: Domain 1 Security and Risk Management
Lesson 1: Understand, Adhere to, and Promote Professional Ethics
Lesson 2: Understand and Apply Security Concepts
Lesson 3: Evaluate, Apply, and Sustain Security Governance Principles
Lesson 4: Understand Legal, Regulatory, and Compliance Issues that Pertain to Information Security in a Holistic Context
Lesson 5: Understand Requirements for Investigation Types
Lesson 6: Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
Lesson 7: Identify, Analyze, Assess, Prioritize, and Implement Business Continuity (BC) Requirements
Lesson 8: Contribute to and Enforce Personnel Security Policies and Procedures
Lesson 9: Understand and Apply Risk Management Concepts
Lesson 10: Understand and Apply Threat Modeling Concepts and Methodologies
Lesson 11: Apply Supply Chain Risk Management (SCRM) Concepts
Lesson 12: Establish and Maintain a Security Awareness, Education, and Training Program
Module 2: Domain 2 Asset Security
Lesson 13: Identify and Classify Information and Assets
Lesson 14: Establish Information and Asset Handling Requirements
Lesson 15: Provision Information and Assets Securely
Lesson 16: Manage Data Lifecycle
Lesson 17: Ensure Appropriate Asset Retention
Lesson 18: Determine Data Security Controls and Compliance Requirements
Module 3: Domain 3 Security Architecture and Engineering
Lesson 19: Research, Implement, and Manage Engineering Processes using Secure Design Principles
Lesson 20: Understand the Fundamental Concepts of Security Models
Lesson 21: Select Controls Based Upon Systems Security Requirements
Lesson 22: Understand Security Capabilities of Information Systems
Lesson 23: Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
Lesson 24: Select and Determine Cryptographic Solutions
Lesson 25: Understand Methods of Cryptanalytic Attacks
Lesson 26: Apply Security Principles to Site and Facility Design
Lesson 27: Design Site and Facility Security Controls
Lesson 28: Manage the Information System Lifecycle
Module 4: Domain 4 Communication and Network Security
Lesson 29: Apply Secure Design Principles in Network Architecture
Lesson 30: Secure Network Components
Lesson 31: Implement Secure Communication Channels According to Design
Module 5: Domain 5 Identity and Access Management (IAM)
Lesson 32: Control Physical and Logical Access to Assets
Lesson 33: Design Identification and Authentication Strategy
Lesson 34: Federated Identity with a Third-party Service
Lesson 35: Implement and Manage Authorization Mechanisms
Lesson 36: Manage the Identity and Access Provisioning Lifecycle
Lesson 37: Implement Authentication Systems
Module 6: Domain 6 Security Assessment and Testing
Lesson 38: Design and Validate Assessment, Test, and Audit Strategies
Lesson 39: Conduct Security Controls Testing
Lesson 40: Collect Security Process Data
Lesson 41: Analyze Test Output and Generate Report
Lesson 42: Conduct or Facilitate Security Audits
Module 7: Domain 7 Security Operations
Lesson 43: Understand and Comply with Investigations
Lesson 44: Conduct Logging and Monitoring Activities
Lesson 45: Perform Configuration Management (CM)
Lesson 46: Apply Foundational Security Operations Concepts
Lesson 47: Apply Resource Protection
Lesson 48: Conduct Incident Management
Lesson 49: Operate and Maintain Detection and Preventative Measures
Lesson 50: Implement and Support Patch and Vulnerability Management
Lesson 51: Understand and Participate in Change Management Processes
Lesson 52: Implement Recovery Strategies
Lesson 53: Implement Disaster Recovery (DR) Processes
Lesson 54: Test Disaster Recovery Plan (DRP)
Lesson 55: Participate in Business Continuity (BC) Planning and Exercises
Lesson 56: Implement and Manage Physical Security
Lesson 57: Address Personnel Safety and Security Concerns
Module 8: Domain 8 Software Development Security
Lesson 58: Understand and Integrate Security in the Software Development Life Cycle (SDLC)
Lesson 59: Identify and Apply Security Controls in Software Development Ecosystems
Lesson 60: Assess the Effectiveness of Software Security
Lesson 61: Assess the Security Impact of Acquired Software
Lesson 62: Define and Apply Secure Coding Guidelines and Standards
Module 9: Attaining Your CISSP Certification
Lesson 63: The Examination
Lesson 64: The Certification Process
