2. What are CISSP Security Domains?

-Security and Risk Management

-Asset Security.

-Security Architecture and Engineering.

-Communications and Network Security.

-Identity and Access Management.

-Security Assessment and Testing

-Security Operations

-Software Development Security

3. What are Cybersecurity Domains?

A way to understand these concepts is to organize them into categories called security domains. Security teams use domains to organize daily tasks in identifying security gaps to establish the organization's security posture.

4. DOMAIN 1 - Security and Risk Management

The Security and Risk Management domain focuses on security goals and objectives, risk mitigation, compliance, business continuity, and the law.

5. (DOMAIN 1) By defining security goals and objectives, organizations can reduce risks to critical assets and data, such as personally identifiable information (PII).

6. DOMAIN 2 - Asset Security

The Asset Security domain focuses on securing digital and physical assets. It is also related to the storage, maintenance, retention, and destruction of data.

7. (DOMAIN 2) Security specialists in this domain may be tasked with ensuring old equipment is properly disposed of or destroyed to ensure that any private data stored on the old hardware can't be accessed by threat actors.

8. DOMAIN 3 - Security Engineering and Architecture

This domain is concerned with optimizing data security by ensuring effective tools, systems, and processes are in place to protect an organization's assets and data.

9. (DOMAIN 3) One of the core concepts of secure design architecture is shared responsibility.

This means that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security.

10. DOMAIN 4 - Communication and Network Security

This domain focuses on managing and securing physical networks and wireless communications. As a security analyst, you might be tasked with analyzing user behavior within your organization.

11. (DOMAIN 4) For example, imagine discovering that users are connecting to unsecured wireless hotspots.

This could leave the organization and its employees vulnerable to attacks.

Secure networks, whether physical or wireless, keep an organization's data and comm's safe.

12. DOMAIN 5 - Identity and Access Management

Also called "IAM", this domain focuses on keeping data secure by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications.

13. (DOMAIN 5) The Components of IAM

-Identification. When a user verifies who they are.

-Authentication. The verification process to prove a person's identity.

-Authorization. A user's identity has been confirmed.

-Accountability. Monitoring and recording user actions.

14. DOMAIN 6 - Security Assessment and Testing

This domain focuses on conducting control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities.

15. DOMAIN 7 - Security Operations

Security Operations focuses on conducting investigations and implementing preventative measures. Investigations begin once a security incident has been identified. This process requires a heightened sense of urgency to minimize potential risks.

16. (DOMAIN 7) A digital forensic investigation must take place to identify when, how, and why the breach occurred. This helps security teams determine areas for improvement and preventative measures that can be taken to mitigate future attacks.

17. (DOMAIN 7) To illustrate the role of this domain, imagine you receive an alert that an unknown device has been connected to your internal network.

You would then follow the organizational policies and procedures to stop the potential threat in its tracks.

18. DOMAIN 8 - Software Development Security

Software Development Security concerns itself with secure coding practices. These are a set of recommended guidelines that are used to create secure applications and services.

19. (DOMAIN 8) A security analyst may work with a software development team to ensure security practices are incorporated into the software development lifecycle.

20. (DOMAIN 8) The software development lifecycle is an efficient process used by teams to quickly build software products and features. In this process, security is an additional step.

21. (DOMAIN 8) By making sure that each phase of the software development lifecycle undergoes security reviews, security can be fully integrated into the software product.

22. (DOMAIN 8) Performing a secure design review during the design phase, secure code reviews in the development and test phases, and penetration testing during the deployment and implementation phase ensures that security is embedded into the software product at every step.

23. Final Word.

Understanding these domains is crucial for entry-level cybersecurity analysts, as they provide a foundation for comprehending the overall security landscape and the various roles within it.

24. If you find my notes helpful, get them sent to your inbox

papicreative.substack.com