Certified Information Systems Security Professional


 Security and Risk Management

This domain covers the fundamentals of security policies, compliance laws, risk management and threat modelling, professional ethics etc.

Asset Security

This domain deals with asset security and comprises of collection and help secure assets through data classification, data management, and data loss prevention methods etc.

Security Architecture and Engineering

Security engineering domain primarily focusses on implementation of effective security architecture, security models, cryptography, reference models and physical security.

Communication and Network Security

Candidates will learn about different kinds of network structures, various transmission methods, OSI model and firewalls, Intrusion Detection System etc.

Identity and Access Management (IAM)

This domain encapsulates the crucial Identity Management components like access control, identification, authorization, attacks on the access controls and its respective countermeasures.

Security Assessment and Testing

This domain deals with audits, security control assessment and testing reports. Candidates will get complete insights on Audits, Vulnerability Assessment and of identifying and assessing risks, testing etc.

Security Operations

In this domain, candidates will get in-depth knowledge of investigations, monitoring, logging, and disaster recovery by defending against future attacks, change management, and perimeter security.

Software Development Security

Primarily, this domain widely covers software development security components like API, Malware, Spyware, Adware, Social Engineering attacks and SQL injection attacks.

Exam Details: 

1. Duration of Exam: 3 hours

2. Total Questions: 100-150 Questions

3. Minimum Score: 700/1000

4. Exam Format: Multiple-Choice Questions