The following quiz is excerpted from the CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition, ©2015 John Wiley & Sons, All Rights Reserved.
For IT professionals whose background may be more focused on hardware and software, the world of cybersecurity, risk management and compliance can be new, and sometimes challenging, territory. Unlike muscle-memory tasks such as firewall configuration or patch deployment, navigating the shifting, strategic concepts of risk and compliance uses a different part of your brain. But these areas are critical for building a security program in any organization, from small businesses to global enterprises.
The importance of these disciplines is not lost on (ISC)2, which administers the Certified Information Systems Security Professional (CISSP) exam. Domain 1 of the certification exam, Security and Risk Management, is one of the most heavily weighted sections of the test. It accounts for 16% of the final score -- the largest amount assigned to any of the exam’s eight domains. Only one other section of the test, Domain 7: Security Operations, shares the same weight.
At a high level, Domain 1 covers cybersecurity, risk management, compliance, law, regulations and business continuity. According to (ISC)2, more specific concepts tested in Domain 1 include:
- confidentiality, integrity and availability
- security governance principles
- legal and regulatory issues
- professional ethics
- security policies, standards, procedures and guidelines
Planning to take the CISSP exam and obtain certification? Test your knowledge of Domain 1 with this practice quiz, comprising five multiple-choice questions and 10 true/false questions on key concepts, vocabulary and principles of cybersecurity, risk management, compliance and more.
CISSP® is a registered mark of (ISC)².