CISSP Domain 3: Security systems engineering

Last updated:September 2017

Editor's note

For as long as humans have possessed sensitive information, they have invented ways of protecting it from prying eyes. In one example from the ancient world, Julius Caesar developed a way to encode his private correspondence using a simple substitution cipher now known as the eponymous (and extremely unsecure) Caesar cipher. Modern security systems engineering has come a long way since then, but the goal remains unchanged: to establish and maintain mechanisms of preventing unauthorized access of information and resources.

In this Security School, based on (ISC)² CISSP training material on Domain 3 of the exam, learn about essential concepts covered in one of the more in-depth, technical parts of the test. From security architectures to cryptanalysis to abstraction techniques, this Security School provides an overview of security systems engineering topics tested in Domain 3. In his tip and video, expert Adam Gordon provides a comprehensive overview of cryptography attacks and a sweeping introduction to various security capabilities of information systems that CISSP candidates should develop fluency in.

Once you've reviewed the parts of this Security School on security systems engineering, take the quiz to see how much you have learned about information security structures, vocabulary and different vulnerabilities.  

View our Security School Course Catalog to view more schools.

CISSP® is a registered mark of (ISC)².

1Security systems engineering: What you need to know

While some domains of the CISSP exam cover more abstract topics, Domain 3 focuses heavily on the nuts and bolts of securing enterprise data and protecting it from attacks. Review different types of security features of information systems, cryptography attacks and more.

Enterprise Desktop
Cloud Computing