| Previous CISSP Domain Name | New CISSP Domain Name |
| Domain 1: Security and Risk Management | Domain 1: Security and Risk Management |
| Domain 2: Asset Security | Domain 2: Asset Security |
| Domain 3: Security Engineering | Domain 3: Security Architecture and Engineering |
| Domain 4: Communications and Network Security | Domain 4: Communication and Network Security |
| Domain 5: Identity and Access Management | Domain 5: Identity and Access Management (IAM) |
| Domain 6: Security and Assessment Testing | Domain 6: Security Assessment and Testing |
| Domain 7: Security Operations | Domain 7: Security Operations |
| Domain 8: Software Development Security | Domain 8: Software Development Security |
The domain weights are as follows:
| Major Domains | Weightings (Percentage) |
| Domain 1: Security and Risk Management | 15% |
| Domain 2: Asset Security | 10% |
| Domain 3: Security Architecture and Engineering | 13% |
| Domain 4: Communication and Network Security | 14% |
| Domain 5: Identity and Access Management (IAM) | 13% |
| Domain 6: Security Assessment and Testing | 12% |
| Domain 7: Security Operations | 13% |
| Domain 8: Software Development Security | 10% |
| Total | 100% |
ISC2 Security Conference – 2018 Oct 8-10
CISSP Test Taking Best Practice
- Answer the question from a MANAGER perspective. Do NOT answer from the ENGINEER perspective.
- Look for key words such as NOT, MOST, BEST
- The English test is ADAPTIVE.
- You will have up to 3 hours. Don’t get in a rush.
- You will have a minimum of 100 questions
- Do not leave an answer blank. There is no additional penalty for wrong answers.
- Use the process of elimination to increase your odds of getting the question correct.
- Use LOTS of practice tests to prepare you for the real test. See the Practice Test section.