for the Certified Information Systems Security Professional (CISSP) certification exam, but we provide additional tools to help you prepare. The online TestBank will help you understand the types of questions that will appear on the certification exam.
The sample tests in the TestBank include all the questions in each chapter as well as the questions from the Assessment test in this Introduction section. In addition, there are four bonus practice exams that you can use to evaluate your understanding and identify areas that may require additional study. These four additional practice exams include 125 questions each and cover the breadth of domain topics in a similar percentage ratio as the real exam. They can be used as real exam simulations to evaluate your preparedness.
The flashcards in the TestBank will push the limits of what you should know for the certification exam. The questions are provided in digital format. Each flashcard has one question and one correct answer.
The online glossary is a searchable list of key terms introduced in this exam guide that you should know for the CISSP certification exam.
New for the 9th edition: Audio Review. Author Mike Chapple reads the Exam Essentials for each chapter providing you with 2 hours and 50 minutes of new audio review for yet another way to reinforce your knowledge as you prepare. We suggest using these audio reviews after you have read each chapter. You can listen to them on your commute, at the gym, or anywhere you read audio books!
To start using these to study for the exam, go to www.wiley.com/go/sybextestprep, register your book to receive your unique PIN, and then once you have the PIN, return to www.wiley.com/go/sybextestprep, and register a new account or add this book to an existing account.
Study Guide Exam Objectives
This table provides the extent, by percentage, to which each section is represented on the actual examination.
| Domain | % of exam |
| Domain 1: Security and Risk Management | 15% |
| Domain 2: Asset Security | 10% |
| Domain 3: Security Architecture and Engineering | 13% |
| Domain 4: Communication and Network Security | 13% |
| Domain 5: Identity and Access Management (IAM) | 13% |
| Domain 6: Security Assessment and Testing | 12% |
| Domain 7: Security Operations | 13% |
| Domain 8: Software Development Security | 11% |
| Total | 100% |
isc2.org to download a copy of the Certification Exam Outline. This document includes a complete exam outline as well as other relevant facts about the certification.
Objective Map
This book is designed to cover each of the eight CISSP Common Body of Knowledge domains in sufficient depth to provide you with a clear understanding of the material. The main body of this book consists of 21 chapters. Here is a complete CISSP Exam Outline mapping each objective item to its location in this book's chapters.
| Domain # | Objective | Chapter |
| Domain 1 | Security and Risk Management | |
| 1.1 | Understand, adhere to, and promote professional ethics | 19 |
| 1.1.1 | (ISC)² Code of Professional Ethics | 19 |
| 1.1.2 | Organizational code of ethics | 19 |
| 1.2 | Understand and apply security concepts | 1 |
| 1.2.1 | Confidentiality, integrity, and availability, authenticity and nonrepudiation | 1 |
| 1.3 | Evaluate and apply security governance principles | 1 |
| 1.3.1 | Alignment of security function to business strategy, goals, mission, and objectives | 1 |
| 1.3.2 | Organizational processes (e.g., acquisitions, divestitures, governance committees) | 1 |
| 1.3.3 | Organizational roles and responsibilities | 1 |
| 1.3.4 | Security control frameworks | 1 |
| 1.3.5 | Due care/due diligence | 1 |
| 1.4 | Determine compliance and other requirements | 4 |
| 1.4.1 |