Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.

Gallery

Contacts

411 University St, Seattle, USA

engitech@oceanthemes.net

+1 -800-456-478-23

Twitter Facebook-f Pinterest-p Instagram
Certifications / ISC2 / CISSP / Study Guide
ISC2 Dark
ISC2 Certified Information Systems Security Professional

CISSP Study Guide

Master all 8 domains through scenario-driven lessons, interactive diagrams, and exam-aligned practice. Start with the fundamentals, build toward leadership-level thinking.

8
Domains
100-150
CAT Questions
4 hrs
Exam Time
5 yrs
Experience Req.
1 Know the Exam

Exam Snapshot

The CISSP uses Computerized Adaptive Testing (CAT) in English. The exam adjusts question difficulty based on your responses. You need to demonstrate competence across all 8 domains — there is no single domain you can skip.

CAT
Format
Adaptive (English)
100–150
Questions
Stops when pass/fail determined
4 hrs
Time Limit
~2 min per question average
700
Passing Score
Out of 1000 scaled
$749
Exam Fee
USD, Pearson VUE
5 yrs
Experience
4 yrs with approved degree
2 Your Journey

All 8 Domains

The CISSP spans 8 domains weighted by exam importance. Domain 1 is available now with full interactive lessons. More domains are being built — each follows the same scenario-driven format.

1
Security and Risk Management
16% 12 subtopics Free
Ethics, governance, risk management, compliance, BCP, personnel security, threat modeling, and supply chain risk. The largest domain — and where most candidates start.
2
Asset Security
10% 5 subtopics Coming Soon
Data classification, ownership, privacy, retention, handling requirements, and security controls across the data lifecycle.
3
Security Architecture and Engineering
13% 9 subtopics Coming Soon
Security models, secure design principles, cryptography fundamentals, site/facility security, and vulnerability assessments of security architectures.
4
Communication and Network Security
13% 5 subtopics Coming Soon
Network architecture, secure design, communication channels, and network components including firewalls, VPNs, and wireless security.
5
Identity and Access Management
13% 6 subtopics Coming Soon
Physical and logical access, authentication mechanisms, federated identity, authorization models, and the identity lifecycle.
6
Security Assessment and Testing
12% 5 subtopics Coming Soon
Vulnerability assessments, penetration testing, log review, SOC reports, and internal/external audit strategies.
7
Security Operations
13% 15 subtopics Coming Soon
Incident management, DR/BCP, investigations, logging, monitoring, resource protection, and change management operations.
8
Software Development Security
10% 5 subtopics Coming Soon
SDLC security, application security testing, software vulnerabilities, secure coding practices, and development environment controls.
3 Study Plan

Recommended Study Path

ISC2 expects you to think like a security manager, not a technician. This path is ordered by conceptual dependency — each phase builds on the previous one.

1
Foundation: Governance and Risk
Start here. Every other domain references the risk management and governance concepts from Domain 1. This is where you learn to "think like a manager."
D1 — Security & Risk Mgmt (16%)
2
Assets and Architecture
Understand what you're protecting (D2) and how systems are designed to protect it (D3). These are the building blocks for technical domains.
D2 — Asset Security (10%) D3 — Architecture (13%)
3
Access and Communications
How users and systems authenticate, authorize, and communicate securely. High overlap between D4 and D5 — study them together.
D4 — Network Security (13%) D5 — IAM (13%)
4
Validation and Operations
Test your controls (D6) and run day-to-day security operations (D7). D7 is the second-largest domain by subtopic count — give it extra time.
D6 — Assessment (12%) D7 — SecOps (13%)
5
Software Security and Review
Secure development wraps everything together — apply risk, architecture, and testing concepts to the software lifecycle. Then do a full cross-domain review.
D8 — Software Security (10%)
4 Resources

Study Resources

Tools and references to support your CISSP preparation alongside the domain study guides.

📖
Glossary
Key terms with relationship map and domain filtering
Available
📝
Practice Exam
20-25 timed questions across all covered domains
Coming Soon
🔄
Flashcard Drills
Spaced repetition for key concepts, formulas, and frameworks
Coming Soon
📋
Cheat Sheet PDF
Condensed reference for all 8 domains — desk companion
Coming Soon

Start with Domain 1

Security and Risk Management is the foundation of every other CISSP domain. Begin with interactive lessons, scenario-based learning, and diagnostic quizzes — completely free.

Begin Domain 1 →
Disclaimer: This study guide is an independent educational resource created by Tech Jacks Solutions. It is not affiliated with, endorsed by, or officially associated with ISC2. "CISSP" is a registered certification mark of ISC2. All exam details are based on publicly available information from the ISC2 website. This material is preparatory only — it does not guarantee exam success. Always verify current exam requirements directly with ISC2 at isc2.org.