CISSP 2024 exam changes in DETAIL!

In this video, we delve into the details of the CISSP 2024 exam changes – guiding you to navigate the exam changes with confidence! 00:00:00 Intro 00:01:09 Brief overview 00:03:02 Domain weighting changes 00:03:47 Pass Rate Talk with Lou Hablas 00:07:12 Domain weighting changes 00:08:19 CAT Exam changes 00:09:35 Detailed changes 00:10:58 Domain 1: Security & Risk Management 00:11:29 5 Pillars of Information Security 00:15:14 Sustain 00:15:22 Specific frameworks 00:15:40 Standards 00:16:27 Security control frameworks 00:17:07 ISO 27000 Family 00:18:02 Cyber Kill/Attack Chain 00:19:09 3 Major Enterprise Security Architectures 00:19:24 Merged sub-domains 00:19:32 Moved from removed sub-domain 00:19:46 Added “assess” 00:20:21 New topic 00:21:06 External Dependencies 00:22:53 Minor rewording 00:22:59 Cybersecurity Insurance 00:24:45 Minor rewording 00:24:51 Specific Frameworks 00:25:00 Risk Frameworks 00:25:46 Tampering, counterfeits 00:25:56 Risk associated with the acquisition of products and services 00:27:18 Specific Mitigations 00:27:23 Risk Mitigations 00:30:05 Minor rewording 00:30:10 Example content to review 00:30:34 Periodic content reviews 00:31:06 Domain 2: Asset Security 00:31:17 Domain 3: Security Architecture & Engineering 00:31:35 Keep it simple and small 00:32:51 Merged “Zero Trust” & “Trust but Verify” 00:35:03 Secure Access Service Edge (SASE) 00:37:19 Operational Technology 00:38:32 Types of ICS 00:38:46 Minor rewording - API 00:38:51 Quantum Key Distribution 00:39:11 Key Distribution 00:41:15 Minor rewording 00:41:25 Brand New Section! 00:41:34 Information System Lifecycle 00:43:12 Clarification from Rob 00:43:37 Information System Lifecycle 00:44:34 Domain 4: Communication and Network Security 00:44:45 Rewording 00:44:50 Anycast 00:45:00 Transmission Methods 00:46:57 IPSec, SSH, SSL/TLS 00:47:10 Converged Protocols (InfiniBand, Compute Express Link) 00:48:57 Transport Architecture 00:50:58 Network Topologies 00:53:05 Planes 00:53:41 Cut-through vs. Store-and-forward 00:54:28 Performance Metrics 00:57:08 Traffic flows 00:57:14 North-south & east-west traffic patterns 00:59:17 Physical Segmentation 01:01:21 Logical segmentation 01:02:51 Micro-segmentation 01:08:25 Edge Networks 01:10:09 Rewording 01:10:16 Software Defined Network (SDN) 01:11:00 Traditional Network 01:11:46 SDN 01:12:45 Virtual Private Cloud (VPC) 01:13:41 Monitoring & management 01:15:35 Rewording 01:15:58 Domain 5: Identity & Access Management 01:16:14 Services 01:17:03 Groups & Roles 01:18:27 AAA 01:20:01 Password-less Authentication 01:20:30 Advantages of password-less authentication 01:21:33 Challenges of password-less authentication 01:21:54 Password Vault 01:23:10 Access Policy Enforcement 01:24:07 Rewording 01:24:11 Service Accounts Management 01:24:47 Domain 6: Security Assessment & Testing 01:24:51 Rewording 01:24:58 Location 01:26:16 Red, Blue, and/or Purple Team 01:27:45 Added “benchmarks” 01:28:02 Location 01:28:09 Domain 7: Security Operations 01:28:14 Rewording 01:28:24 Tuning 01:29:41 Protecting Data at Rest & In Transit 01:30:01 Backup Storage Strategies 01:32:05 Resource Capacity Agreements 01:32:40 Domain 8: Software Development Security 01:32:50 Scaled Agile Framework 01:34:54 Interactive Application Security Testing 01:35:41 Removed cloud service models 01:36:33 The Easiest Way to Pass the CISSP exam! Join our r/DestCert subreddit for valuable CISSP resources, training advice, support, and to connect with other CISSP professionals!