CISSP Domain #3: Security Architecture and Engineering
Security architecture and engineering is the third domain of the CISSP certification and covers around 13% of the total exam questions. The knowledge candidates gain from this domain is crucial and serves as a base for any kind of cyber security role. As the domain is wide, aspirants often ask which areas they should cover to pass the CISSP exam. Well, we are about to explain that in this blog post. So, let's start our journey:
Knowledge Areas Of Security Architecture and Engineering Every Aspirant Should Cover
Security Design Principles
As the CISSP consists of scenario-based questions, students must have an in-depth understanding of the security principles to answer them. The security principles include:
Adding security into the design process
The security engineer retrofits the existing system with security features designed to protect the triad (confidentiality, integrity, and availability) of the data within the organizational system.
Subject and object model
In this security approach, every request is analyzed in terms of two different components:
- Subject: the one who is requesting some type of access.
- Object: the entity (the resource) to which access is being requested.
Failure modes
There are only two possible failure modes:
- Fail secure system: in this scenario, if the security controls fail, they are automatically bypassed.
- Fail open system: in this scenario, when the security controls fail, the system locks itself down, denying all access requests to the system.
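An added example, not code from the original post, that ties the subject/object model to the two failure behaviours listed above: an access check that consults an access control matrix and, when that control itself fails, either lets requests pass through or locks down and denies them all. The subjects, objects, matrix contents and the simulated failure are constructed for illustration.

```python
"""Added example, not code from the original post: a subject/object access
check showing the two failure behaviours, a control that is bypassed when it
fails and one that locks down and denies every request on failure.
Subjects, objects, matrix contents and the failure are all constructed."""
from enum import Enum


class OnFailure(Enum):
    BYPASS = "bypass"        # control failure -> requests pass through
    LOCK_DOWN = "lockdown"   # control failure -> every request is denied


class PolicyUnavailable(Exception):
    """Raised when the access control matrix cannot be consulted."""


# Constructed access control matrix: subject -> object -> permitted actions.
ACL = {
    "alice": {"payroll.db": {"read", "write"}, "wiki": {"read"}},
    "bob": {"wiki": {"read", "write"}},
}


def lookup(acl, subject, obj):
    """Return the actions `subject` holds on `obj`; empty set if none."""
    if acl is None:  # simulates an unreachable policy store
        raise PolicyUnavailable("policy store unreachable")
    return acl.get(subject, {}).get(obj, set())


def is_allowed(acl, subject, obj, action, on_failure=OnFailure.LOCK_DOWN):
    """Decide one request. A normal decision consults the matrix; when the
    control itself fails, the outcome is fixed by `on_failure` alone."""
    try:
        return action in lookup(acl, subject, obj)
    except PolicyUnavailable:
        return on_failure is OnFailure.BYPASS


if __name__ == "__main__":
    print(is_allowed(ACL, "alice", "payroll.db", "write"))               # True
    print(is_allowed(ACL, "bob", "payroll.db", "read"))                  # False
    print(is_allowed(None, "bob", "payroll.db", "read"))                 # False
    print(is_allowed(None, "bob", "payroll.db", "read", OnFailure.BYPASS))  # True
```

The last two calls show the difference that matters in a scenario question: with the same unreachable policy store, one configuration denies the request and the other lets it through.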
Security models
This part of the Security Architecture and Engineering domain is more theoretical than practical in nature. Yet you still need theoretical knowledge of the security models, as the CISSP exam will cover them one way or another. Although there are several books you can refer to, it is good to have a rough idea of each security model:
- Bell-LaPadula security model
- Lattice-Based Access controls
- Integrity models
- Information Flow model
- Chinese wall model
- Noninterference model
- Take-Grant Protection model
- The Access Control Matrix
- Graham-Denning model
Security requirements
Students who are ready to take on the role of CISSP professional with the ISC2 Certification Course need to understand which security requirements must be met before access is approved.
Certification: the process of determining whether technology products meet the requirements of a certain level of certification.
Accreditation: the decision, made after certification, as to whether the specific technology system can be used in a particular business environment.
Cloud computing and virtualization
As you move forward with your CISSP exam preparation, you start to understand the importance of the three main types of cloud computing:
- Public cloud
- Private cloud
- Hybrid cloud
Many organizations use a hybrid cloud to take advantage of both public and private clouds. In such a setup, they run one computing workload in a private cloud and another in a public cloud.
We will take our leave here, but you can continue learning to make sure you are not leaving any concept unattended. In the end, the prime objective of this domain is to test candidates' knowledge and skills on the various security models. Those who have a firm grasp of the key security principles can easily answer all the questions related to this domain. Moreover, if you have any further doubts regarding security engineering, feel free to knock at the door of ProICT Training.