Common Body of Knowledge = CBK as the TLA
The Common Body of Knowledge [CBK] is a compilation and
distillation of all security information, collected internationally,
that is relevant to Information Security [IS] professionals. With
no industry standards for such knowledge, (ISC)2 was formed, in
part, to aggregate, standardize and maintain such information.
(ISC)2 works to ensure that accomplished and experienced IS
professionals with CISSP Certification have a working knowledge
of all ten domains of the CBK:
- Security Management Practices - you have this study guide as a
handout. It is a foundational domain and the best one for an overview.
- Security Architecture and Models
- Access Control Systems & Methodology
- Application Development Security
- Operations Security
- Physical Security
- Cryptography
- Telecommunications, Network, & Internet Security
- Business Continuity Planning
- Law, Investigations, & Ethics
IS practitioners with SSCP Certification must have a working
knowledge in seven domains of the CBK:
- Access Controls
- Administration
- Audit and Monitoring
- Cryptography
- Data Communications
- Malicious Code/Malware
- Risk, Response and Recovery