
What we cover: Course orientation and external study resources for certification preparation.
Why it matters: Resource awareness supports consistent learning and reduces gaps in security knowledge.
Exam relevance: Not directly tested, but supports readiness through practice questions and supplemental review.
What we cover: Course logistics for downloading study guides and submitting an instructor review.
Why it matters: Effective study resource use supports consistent knowledge retention and self-assessment during preparation.
Exam relevance: No direct exam objectives are tested, but it affects readiness and performance on exam-style questions.
What we cover: Course notation cues that flag high-priority topics, partial lists, and keywords for memorization.
Why it matters: Clear signal interpretation improves accurate terminology recall and reduces misunderstanding of scope.
Exam relevance: Tested indirectly through precise term recognition and selecting correct definitions when distractors use incomplete lists.
What we cover: The scope of Domain 3 topics across architecture and design, cryptography, and physical security controls.
Why it matters: Correct control selection depends on understanding how systems, encryption, and facilities protections work together.
Exam relevance: Tested as conceptual distinctions and scenario-based control choices spanning architecture, crypto primitives, and physical safeguards.
What we cover: Access control models DAC, MAC, RBAC, ABAC, and rule-based access control as a policy mechanism.
Why it matters: Correct model selection enforces least privilege, prevents privilege creep, and supports separation of duties.
Exam relevance: Tested as conceptual distinctions and scenario-based identification of the appropriate access control approach.
What we cover: Mandatory access control models and their confidentiality versus integrity focus.
Why it matters: Correct model selection depends on whether preventing disclosure or preventing modification is the primary control goal.
Exam relevance: Tested by identifying Bell-LaPadula versus Biba properties and recognizing lattice, Graham-Denning, and HRU keywords.
What we cover: Integrity and access control models plus security modes and the Zachman enterprise architecture framework.
Why it matters: These models define how integrity, information flow, and authorization boundaries are enforced across subjects and objects.
Exam relevance: Tested as model identification and correct control selection, including differentiating dedicated, system high, compartmented, and multilevel modes.
What we cover: Security evaluation models and Common Criteria components including TOE, Protection Profile, Security Target, and EAL assurance levels.
Why it matters: These criteria standardize how product security assurance is defined and compared across systems and networks.
Exam relevance: Tested as model selection and terminology distinction questions, especially Orange versus Red Book scope and Common Criteria elements.
What we cover: Secure design principles and threat modeling frameworks for access control, layered controls, failure behavior, and trust models.
Why it matters: These principles guide selecting controls that reduce attack surface, limit misuse, and preserve confidentiality, integrity, and availability.
Exam relevance: Tested as conceptual distinctions and scenario-based choices between access models, fail-closed versus fail-open, Zero Trust, and cloud responsibility boundaries.
What we cover: Secure system design concepts using layering, abstraction, and security domains including user mode versus kernel mode separation.
Why it matters: Separation of privilege boundaries limits direct hardware access and reduces the blast radius of faults.
Exam relevance: Tested as conceptual distinctions between modes, rings, and open versus closed system design choices.
What we cover: Information system lifecycle phases and the security governance controls applied across them.
Why it matters: Lifecycle security prevents gaps by aligning requirements, changes, access, monitoring, and disposal with risk and compliance.
Exam relevance: Tested as selecting the correct lifecycle phase or control category for a described system security need.
What we cover: SASE as a cloud-delivered architecture combining WAN connectivity with integrated network security services.
Why it matters: It enables consistent policy enforcement and secure access across users, devices, and locations without a fixed perimeter.
Exam relevance: Tested as selecting SASE versus VPN or perimeter appliances and mapping it to zero trust and cloud security controls.
What we cover: Core PC architecture components and CPU execution concepts including interrupts, processes, threads, and memory protection.
Why it matters: These distinctions drive correct isolation and resource-control choices in multiuser and multitasking systems.
Exam relevance: Tested through scenario-based selection between interrupts, processes, threads, multithreading, multiprocessing, swapping, paging, and virtual memory.
What we cover: BIOS boot process and integrity plus TPM, DEP, ASLR, and WORM as secure hardware and memory controls.
Why it matters: These controls protect boot trust, cryptographic keys, and memory execution from tampering and exploitation.
Exam relevance: Identify BIOS risks and select TPM, DEP, ASLR, or WORM when hardening boot, logs, and memory protections.
What we cover: Microservices, containerization, and serverless computing as cloud deployment and virtualization models.
Why it matters: These models change isolation boundaries, shared responsibility, and how resources are provisioned and managed.
Exam relevance: Tested as conceptual distinctions and scenario-based selection, including containers vs VMs and scalability vs elasticity.
What we cover: Kernel architecture distinctions and discretionary access control for file and user permissions.
Why it matters: These concepts define where enforcement occurs and who can grant or change access rights.
Exam relevance: Tested through selecting correct kernel type or DAC permission behavior in OS access control questions.
What we cover: Virtualization fundamentals including hypervisor placement and the Type 1 versus Type 2 hypervisor distinction.
Why it matters: Virtualization changes the attack surface through hypervisor compromise, VM escape risk, segmentation needs, and shared-resource availability.
Exam relevance: Identify hypervisor type and select appropriate virtualization security controls in scenario-based questions.
What we cover: Cloud deployment models and their tenancy and ownership distinctions across private, public, hybrid, and community clouds.
Why it matters: Correct deployment selection aligns data sensitivity and availability needs with shared responsibility and governance controls.
Exam relevance: Tested as conceptual differentiation and scenario-based selection of the appropriate cloud model and provider oversight expectations.
What we cover: Public cloud shared responsibility across IaaS, PaaS, and SaaS service models.
Why it matters: Correctly assigning security ownership drives proper control placement and accountability boundaries.
Exam relevance: Identify the service model from who manages infrastructure, OS, platforms, applications, and data in scenario questions.
What we cover: Grid computing and thin clients as distributed resource models using pooled nodes or centralized execution.
Why it matters: These architectures shift where processing and data reside, changing exposure, control placement, and resilience assumptions.
Exam relevance: Identify grid versus peer-to-peer versus thin client in prompts and choose the correct architecture or risk implication.
What we cover: Distributed computing environments, high performance computing, and edge computing as cloud architecture models.
Why it matters: These models change latency, scaling, fault tolerance, and CIA prioritization across distributed resources.
Exam relevance: Identify DCE versus grid and CDN versus edge, and choose architectures based on latency and CIA requirements.
What we cover: Internet of Things security weaknesses and compensating network controls for connected smart devices.
Why it matters: IoT devices expand attack surface due to weak defaults and limited patching, requiring isolation and hardening.
Exam relevance: Tests selecting appropriate controls for IoT risk, especially segmentation, patch management, and credential hardening decisions.
What we cover: Emanations, covert channels, steganography, and digital watermarks as confidentiality and data-hiding concepts.
Why it matters: These mechanisms enable unintended leakage or intentional exfiltration outside approved communication paths.
Exam relevance: Tested as conceptual distinctions and control selection for preventing data leakage and detecting covert exfiltration methods.
What we cover: Malware categories with emphasis on virus types and antivirus detection methods.
Why it matters: Correct identification drives appropriate preventive controls and effective detection and eradication choices.
Exam relevance: Tested through scenario keywords requiring selection of controls for macro, boot sector, stealth, polymorphic, and multipartite infections.
What we cover: Key malware types and detection approaches including worms, Trojans, rootkits, logic bombs, and client-side versus server-side attacks.
Why it matters: Correct classification drives appropriate preventive and detective control selection across endpoints, networks, and user behavior.
Exam relevance: Tested as terminology distinctions and scenario-based identification of malware behavior and the most suitable detection method.
What we cover: Web architecture attack surface concepts including applets, OWASP Top 10 purpose, XML usage, and SOA basics.
Why it matters: Security added after design increases exposure across interconnected web components and data exchange layers.
Exam relevance: Tested through scenario-based identification of web vulnerabilities and selecting appropriate mitigations or secure design choices.
What we cover: Database security terms distinguishing polyinstantiation, aggregation, inference, data mining, and data analytics.
Why it matters: These concepts guide confidentiality controls and detection approaches when data access and patterns can reveal sensitive information.
Exam relevance: Tested as terminology differentiation and selecting the correct concept when describing data exposure, analysis, or monitoring outcomes.
What we cover: Mobile device security controls and governance using MDM and BYOD policy enforcement.
Why it matters: Standardized configuration and technical restrictions reduce data exposure from loss, theft, and user workarounds.
Exam relevance: Tests selecting appropriate mobile controls and distinguishing corporate-owned versus BYOD management and policy requirements.
What we cover: Industrial control system components and the distinction between SCADA, DCS, PLC, RTU, and field devices.
Why it matters: Correctly classifying ICS elements supports appropriate security control placement across supervisory and operational layers.
Exam relevance: Tested as terminology and architecture identification, including choosing which component or protocol fits a described control environment.
What we cover: Core cryptography terms and functions across confidentiality, integrity, authentication, and nonrepudiation.
Why it matters: Correct cryptographic control selection depends on distinguishing protection goals from algorithm-breaking and implementation weaknesses.
Exam relevance: Tested through terminology distinctions and choosing appropriate cryptographic actions or controls from short scenarios.
What we cover: Monoalphabetic versus polyalphabetic substitution ciphers, frequency analysis, XOR operation, and confusion versus diffusion principles.
Why it matters: These concepts explain how encryption resists pattern-based cryptanalysis through key variation and bitwise transformation.
Exam relevance: Identify cipher types, recognize frequency analysis weaknesses, apply XOR truth-table outcomes, and distinguish confusion from diffusion in questions.
What we cover: Key historical cipher types and the symmetric shared-secret concept behind early cryptography.
Why it matters: Recognizing cipher categories clarifies how secrecy depends on keys, substitution, and mechanical complexity.
Exam relevance: Tested as conceptual identification of cipher types and symmetric key usage in basic cryptography questions.
What we cover: One-time pads as symmetric encryption requiring a truly random key used exactly once.
Why it matters: Key reuse or weak randomness breaks confidentiality despite a theoretically perfect algorithm.
Exam relevance: Tested as identifying OTP properties and recognizing implementation failures like pad reuse over algorithm compromise.
What we cover: Symmetric versus asymmetric encryption and hybrid encryption for key exchange and bulk data protection.
Why it matters: Correct encryption selection balances performance, key management complexity, and secure key distribution over untrusted networks.
Exam relevance: Identify which method fits a scenario and compute symmetric key counts using n(n-1)/2.
What we cover: Symmetric encryption using DES and 3DES, including block modes and 3DES keying options.
Why it matters: Mode and keying choices determine confidentiality strength and error propagation behavior in encrypted data.
Exam relevance: Tests recognition of insecure versus acceptable legacy symmetric options and selection of correct DES mode or 3DES keying.
What we cover: Symmetric cipher selection focusing on AES rounds and key sizes plus legacy alternatives and Feistel structure.
Why it matters: Correct algorithm choice depends on security status, block versus stream operation, and key and block size properties.
Exam relevance: Tested as identifying AES characteristics and rounds by key length and rejecting deprecated ciphers like Blowfish and RC4.
What we cover: Asymmetric cryptography key pairs and how encryption and digital signatures use public and private keys.
Why it matters: It enables secure communication without pre-shared secrets while requiring strict private key protection.
Exam relevance: Tests choosing correct key usage for confidentiality versus authenticity and nonrepudiation in scenario-based questions.
What we cover: Asymmetric algorithms and their roles in key exchange, signatures, and confidentiality.
Why it matters: Correct algorithm selection determines whether confidentiality, integrity, authenticity, or key agreement is achieved.
Exam relevance: Tested through scenario-based identification of RSA, DSA, Diffie-Hellman, ECC, ElGamal, and insecure knapsack.
What we cover: Hashing as a one-way integrity control producing fixed-length output from variable-length input.
Why it matters: Hashes detect unauthorized changes and support evidence integrity verification.
Exam relevance: Identify hashing versus encryption and recognize collision risk and weak algorithms like MD5 in questions.
What we cover: Hash algorithm strength differences and the purpose of salts and nonces in authentication.
Why it matters: Correct hashing choices protect integrity and stored credentials against collision and precomputation attacks.
Exam relevance: Tests selecting secure hashes over deprecated options and distinguishing salts versus nonces for replay resistance.
What we cover: Quantum key distribution as a cryptographic key exchange using quantum properties to detect interception.
Why it matters: It enables secure key establishment by making observation and copying of quantum states detectable or impossible.
Exam relevance: Identify QKD as key distribution, not bulk encryption, and select it when tamper-evident key exchange is required.
What we cover: Cryptographic attack types including key theft, brute force, digraph analysis, man-in-the-middle, and session hijacking.
Why it matters: These attacks bypass strong encryption by targeting keys, authentication, or predictable session identifiers.
Exam relevance: Identify attack descriptions and choose the correct mitigation category such as key management, account lockout, or key stretching.
What we cover: Social engineering influence tactics and cryptographic attack types targeting hashes and ciphers.
Why it matters: These attacks exploit human behavior and weak cryptographic implementations to recover secrets without brute force.
Exam relevance: Identify attack descriptions and choose appropriate mitigations like salting, awareness training, and stronger cryptographic designs.
What we cover: Cryptographic attack types including key-knowledge, cryptanalysis, side-channel, and Kerberos credential replay and ticket abuse.
Why it matters: These attacks exploit non-randomness, weak implementations, and credential artifacts rather than breaking strong algorithms directly.
Exam relevance: Tested as conceptual distinctions and selecting the correct attack label from symptoms involving hashes, tickets, and leakage.
What we cover: Digital signatures and PKI components including key storage, certificate issuance, and revocation status checking.
Why it matters: Correct key custody and certificate validation preserve integrity, nonrepudiation, and trust in encrypted communications.
Exam relevance: Tests selecting signature versus encryption flows and distinguishing CA, RA, CRL, OCSP, and key escrow roles.
What we cover: Message authentication codes and TLS as cryptographic integrity, authentication, and confidentiality controls.
Why it matters: Correctly selecting keyed integrity versus encrypted transport prevents tampering and impersonation in data exchange.
Exam relevance: Tested by distinguishing MAC versus HMAC and identifying TLS handshake roles, certificates, and optional mutual authentication.
What we cover: IPsec components and modes plus PGP and S/MIME email security models.
Why it matters: Correct protocol selection ensures confidentiality, integrity, authentication, and key management across networks and messaging.
Exam relevance: Tested as choosing AH versus ESP, tunnel versus transport, IKE negotiation, PGP web-of-trust, and S/MIME PKI usage.
What we cover: Physical security control types and their primary classification.
Why it matters: Correct control categorization drives appropriate selection and layered defense design.
Exam relevance: Tested by distinguishing control types from keywords and selecting the best control category in scenarios.
What we cover: Physical security perimeter controls and their deterrent, preventive, and detective classifications.
Why it matters: Correct control classification supports layered defense and appropriate access restriction at facility boundaries.
Exam relevance: Tested through control-type distinctions and selecting suitable perimeter measures, lighting, and surveillance storage design.
What we cover: Physical locks as preventive controls and key-based access mechanisms including master, core, and combination locks.
Why it matters: Lock and key management determines physical access assurance and limits compromise from copying, picking, bumping, or brute force.
Exam relevance: Tested as control-type classification and selecting appropriate physical access controls based on security level and key custody.
What we cover: Physical access controls using smart cards, magnetic stripe cards, mantraps, turnstiles, and contraband checks.
Why it matters: Correct control selection reduces unauthorized entry and limits credential cloning and social-engineering bypass.
Exam relevance: Tested as control-type distinctions, authentication factor mapping, and choosing preventive, detective, or deterrent physical controls.
What we cover: Physical perimeter controls and secure facility design for protected areas.
Why it matters: Layered physical controls reduce unauthorized entry while preserving safe egress and containment.
Exam relevance: Tested as selecting correct physical controls and identifying weak points in doors, ceilings, and data center boundaries.
What we cover: Physical security controls for guards, dogs, and restrictive work areas with visitor and vendor access handling.
Why it matters: Correctly selecting and managing these controls reduces unauthorized access risk and strengthens layered defense.
Exam relevance: Tested as control-type distinctions and scenario-based choices for guard categories, dog use, visitor badges, and escort requirements.
What we cover: Physical site selection and shared-tenancy facility risks for critical infrastructure and data centers.
Why it matters: Location and co-tenancy constraints drive physical and administrative control choices for layered defense.
Exam relevance: Tests selecting physical security controls and recognizing demarc and wiring-closet exposure in shared facilities.
What we cover: Data center physical security design for site selection, power redundancy, and fire suppression controls.
Why it matters: Proper facility planning reduces environmental and utility risks through resilient physical and safety controls.
Exam relevance: Tested as choosing appropriate physical controls and distinguishing dry-pipe versus clean-agent suppression and UPS versus generator roles.
What we cover: Secure backup media storage controls including offsite storage, encryption at rest, inventory tracking, retention, and destruction.
Why it matters: Proper media handling preserves recoverability while preventing unauthorized disclosure through loss, theft, or improper disposal.
Exam relevance: Tests selecting correct administrative and physical controls for backup media storage, retention requirements, and secure sanitization decisions.
What we cover: Asset inventory tracking and hardware hardening as administrative and technical controls for endpoint and device security.
Why it matters: Accurate inventories and hardened configurations reduce unknown exposure and shrink attack surface across connected hardware.
Exam relevance: Tested through choosing appropriate controls for asset management, secure configuration, patching, segmentation, and peripheral port restrictions.
What we cover: Clean power controls and EMI mitigation for data center availability and integrity.
Why it matters: Stable voltage and interference-resistant cabling prevent outages, hardware damage, and data corruption.
Exam relevance: Tested as selecting UPS versus generator versus PDU and choosing fiber over copper to reduce EMI and sniffing.
What we cover: Environmental controls for data centers including HVAC, humidity, positive pressure, and static electricity mitigation.
Why it matters: These physical controls prevent equipment damage and reduce contamination and moisture risks in controlled spaces.
Exam relevance: Tested as physical security control selection and distinguishing temperature, humidity, airflow, and ESD protections in facility questions.
What we cover: Fire detection environmental controls using heat, smoke, and flame detectors and their trigger characteristics.
Why it matters: Correct detector selection reduces false alarms and ensures timely activation of alarms and suppression controls.
Exam relevance: Tested as choosing appropriate physical security controls and distinguishing detector types by what they sense and limitations.
What we cover: Fire suppression methods using the fire triangle and data center sprinkler system types.
Why it matters: Correct suppression selection balances life safety with minimizing equipment damage during facility incidents.
Exam relevance: Tested as choosing appropriate suppression for IT environments and distinguishing wet, dry, deluge, and interlock sprinklers.
What we cover: Clean-agent fire suppression versus water systems and fire extinguisher classes for physical security controls.
Why it matters: Correct suppression selection protects equipment and people by matching agent hazards to the environment.
Exam relevance: Tested as control selection and safety constraints, including clean-agent use cases, extinguisher class matching, and PASS operation.
What we cover: Personnel safety controls for evacuations including roles, assembly points, accessibility planning, and life-safety fail-open mechanisms.
Why it matters: Clear policies and training ensure safe, coordinated egress and reliable accountability during emergencies.
Exam relevance: Tested as selecting appropriate physical security and safety controls, especially fail-open behavior and alerting requirements.
What we cover: Domain 3 scope across architecture and design, cryptography, and physical security control categories.
Why it matters: It supports selecting layered controls that match system design constraints and threat types.
Exam relevance: Tested as conceptual distinctions and scenario-based control selection across architecture, crypto primitives, and physical safeguards.
What we cover: Network and communications security fundamentals across models, protocols, addressing, devices, attacks, and topologies.
Why it matters: Correctly classifying network components and controls enables secure design and protection of data in transit.
Exam relevance: Tested through conceptual distinctions and scenario-based selection of protocols, ports, devices, and mitigations.
What we cover: Core networking distinctions across duplex modes, baseband versus broadband, switching types, QoS, and network scope terms.
Why it matters: Correctly classifying network behavior supports appropriate protocol use, traffic prioritization, and secure connectivity design.
Exam relevance: Tested through terminology identification and scenario-based selection between switching, QoS needs, network types, and VPN purpose.
What we cover: OSI model layers 1 and 2 functions and their protocol data units.
Why it matters: Layer mapping enables correct control placement and accurate fault isolation across physical and data link boundaries.
Exam relevance: Tested through layer identification from terms like frames, MAC, ARP, CSMA, and physical media security tradeoffs.
What we cover: OSI layers 3 through 7 distinctions including IP routing, TCP versus UDP transport, and session, presentation, application functions.
Why it matters: Correctly mapping protocols and controls to layers enables accurate traffic analysis and appropriate defensive control placement.
Exam relevance: Tested through protocol-to-layer identification and choosing TCP or UDP behavior and common attack implications in scenarios.
What we cover: TCP/IP model layers and their mapping to OSI layers.
Why it matters: Layer mapping enables correct protocol placement and control selection across network traffic handling.
Exam relevance: Tested as conceptual layer identification, OSI-to-TCP/IP mapping, and encapsulation versus decapsulation recognition.
What we cover: MAC address formats and IP addressing with port ranges and common service ports.
Why it matters: Correctly distinguishing addressing layers and port usage supports secure traffic control and protocol hardening.
Exam relevance: Tested through port-number identification, TCP versus UDP selection, and well-known versus registered versus ephemeral range classification.
What we cover: Socket addressing and traffic delivery types across UDP, TCP, unicast, multicast, and broadcast.
Why it matters: Correctly classifying traffic and endpoints supports accurate monitoring boundaries and network control selection.
Exam relevance: Tested as protocol and addressing distinctions, including ephemeral ports, well-known ports, and broadcast forwarding limits.
What we cover: IPv4 addressing basics including private versus public ranges, CIDR subnet notation, and NAT versus PAT behavior.
Why it matters: Correct address classification and translation choices support routing boundaries, segmentation, and controlled Internet access.
Exam relevance: Tested as conceptual identification of address types, CIDR meaning, and selecting NAT, pool NAT, or PAT in scenarios.
What we cover: IPv6 addressing structure and key differences from IPv4 including notation, address types, and header fields.
Why it matters: IPv6 changes network security assumptions around addressability, built-in IPsec support, and traffic handling.
Exam relevance: Tested as IPv4 versus IPv6 feature comparison and interpreting IPv6 formats, scopes, and header field equivalents.
What we cover: Core properties and security posture of ARP, ICMP, Telnet, SSH, FTP variants, and TFTP.
Why it matters: Protocol trust and encryption choices determine exposure to spoofing, sniffing, and insecure file transfer.
Exam relevance: Tested as protocol identification by function and port plus selecting secure alternatives and recognizing ARP poisoning risk.
What we cover: Core network protocol roles and ports for email, DNS, SNMP, HTTP versus HTTPS, and DHCP versus BOOTP.
Why it matters: Correct protocol selection reduces exposure from cleartext management traffic and unauthenticated name resolution.
Exam relevance: Tested as port and protocol identification plus secure alternative selection, including DNSSEC and SNMPv3 distinctions.
What we cover: Key differences between copper and fiber cabling, including UTP versus STP and signal loss concepts.
Why it matters: Cable choice affects susceptibility to EMI, crosstalk, and attenuation, impacting confidentiality, integrity, and availability.
Exam relevance: Tested as scenario-based media selection and connector identification using terms like attenuation, shielding, and fiber security.
What we cover: LAN topologies and media access methods at the physical and data link layers.
Why it matters: Topology and access method choices determine collision behavior, redundancy, and exposure on shared segments.
Exam relevance: Tested as selecting correct topology or CSMA variant and distinguishing hubs versus switches and legacy LAN technologies.
What we cover: WAN technologies and protocols including legacy circuits, packet switching, label switching, software-defined WAN, and SCADA communications.
Why it matters: Correct WAN protocol selection determines connectivity characteristics and security control placement across untrusted provider networks.
Exam relevance: Tested as terminology recognition and scenario-based differentiation between circuit versus packet switching, MPLS versus SD-WAN, and industrial protocols.
What we cover: Key WAN-related technologies including SAN connectivity, VoIP transport, and software-defined networking concepts.
Why it matters: Correct protocol selection determines segmentation boundaries, routability, and control-plane exposure across storage, voice, and WAN links.
Exam relevance: Tested as terminology recognition and choosing routable versus nonroutable options, plus identifying SDN, VXLAN, and VoIP protocol roles.
What we cover: Wireless LAN security risks including rogue access points, evil twins, and jamming as wireless-specific threats.
Why it matters: Wireless extends the attack surface beyond physical cabling and requires controls to preserve confidentiality, integrity, and availability.
Exam relevance: Tested through terminology recognition and scenario-based selection of mitigations like switch port security and wireless scanning.
What we cover: Wireless 802.11 bands, client modes, SSID concepts, and Wi-Fi encryption standards.
Why it matters: Correct wireless configuration reduces interception risk and improves confidentiality and integrity over shared radio.
Exam relevance: Tested as selecting secure Wi-Fi settings by distinguishing WPA3 versus WPA2 versus WPA versus WEP and recognizing monitor mode limits.
What we cover: Bluetooth as a PAN with device classes, weak legacy cryptography, and common Bluetooth attack types.
Why it matters: Bluetooth risk depends on proximity, discoverability, pairing secrets, and patch level for access control.
Exam relevance: Tested as wireless technology identification, attack distinction, and selecting mitigations like disabling discovery and updating firmware.
What we cover: Wireless network types and their physical transmission constraints across Li-Fi, Zigbee, satellite, and cellular generations.
Why it matters: Link medium and range limits drive secure connectivity choices under interference, coverage, and reliability constraints.
Exam relevance: Tested as conceptual comparisons and scenario-based selection of appropriate wireless connectivity based on speed, latency, range, and line-of-sight.
What we cover: OSI layer mapping for repeaters, hubs, bridges, switches, VLANs, trunks, VXLAN, and routers.
Why it matters: Correct device and segmentation selection reduces exposure from broadcast leakage and unauthorized access.
Exam relevance: Tested as conceptual layer identification and scenario-based choice of switching, VLAN segmentation, and routing behavior.
What we cover: Dynamic routing protocol types and convergence behavior across interior and exterior routing.
Why it matters: Correct protocol selection prevents unstable routing tables and routing loops during topology changes.
Exam relevance: Tested as protocol identification and comparison, including RIP limits, OSPF IP protocol 89, and BGP AS-based path decisions.
What we cover: Network performance metrics and traffic flow visibility controls for monitoring and management.
Why it matters: These measures support availability and detection by quantifying network health and exposing abnormal communications.
Exam relevance: Tested as choosing correct metric or monitoring method and distinguishing north-south versus east-west traffic controls.
What we cover: Firewall types and inspection depth across OSI layers from packet filtering to next-generation controls.
Why it matters: Inspection capability determines what traffic attributes can be enforced and what threats can be blocked.
Exam relevance: Identify firewall type by behavior, layer visibility, and features like state tables, proxies, application awareness, and deep packet inspection.
What we cover: Bastion hosts, dual-homed hosts, and screened subnet DMZ firewall architectures.
Why it matters: These designs determine network segmentation strength, defense-in-depth, and single-point-of-failure exposure.
Exam relevance: Identify the correct perimeter design and DMZ placement, including fail-closed behavior and redundancy tradeoffs.
What we cover: Modem types and roles including DTE versus DCE and the demarcation point.
Why it matters: Clear device responsibility and signal conversion boundaries support correct network design and troubleshooting.
Exam relevance: Tested as terminology distinctions and identifying ISP versus customer responsibility in connectivity and demarc scenarios.
What we cover: Network authentication and tunneling protocol security for data in transit.
Why it matters: Correct protocol selection preserves confidentiality and integrity without exposing credentials or relying on unauthenticated tunnels.
Exam relevance: Tested as protocol comparison and secure-choice decisions, especially legacy weaknesses versus 802.1X EAP methods and VPN tunneling.
What we cover: IPsec components and modes plus TLS versus SSL and legacy ISDN versus DSL access characteristics.
Why it matters: Correct protocol and mode selection determines confidentiality, integrity, and authentication coverage across network links.
Exam relevance: Tested as choosing IPsec AH versus ESP, tunnel versus transport, TLS versus SSL, and identifying ISDN or DSL traits.
What we cover: Legacy callback verification, remote administration protocols, and VDI client types as secure communications access methods.
Why it matters: These controls reduce unauthorized remote access by strengthening identity verification and centralizing endpoint data exposure.
Exam relevance: Identify callback and caller ID weaknesses, distinguish RDP versus VNC, and differentiate thin clients from zero clients.
What we cover: Secure communication risks and controls for instant messaging, web conferencing, CDNs, third-party connectivity, and NAC enforcement.
Why it matters: These channels expand attack surface and require policy-aligned access control and risk governance.
Exam relevance: Tests selecting appropriate controls and agreements to secure communications and vendor connections while enforcing least privilege.
What we cover: Communication and network security fundamentals across models, addressing, protocols, routing, devices, media, and topologies.
Why it matters: Correctly selecting network controls depends on understanding how traffic flows and where attacks occur.
Exam relevance: Tested through protocol and port identification, OSI/TCP-IP mapping, and choosing mitigations and devices for network scenarios.
*Updated for the 2024 CISSP curriculum and exam. We do in-place updates, meaning any future exam updates you get for free.*
Welcome, I am Thor Pedersen, here to help you pass your CISSP certification and advance your career.
Get your CISSP certification, the gold standard in IT Security, and unlock career opportunities with an average salary of over $147,000 in the US.
There are over 82,000 CISSP job openings, so now is the perfect time to get certified.
Join the over 760,000 enrollments from 209 countries who have taken my “Best Selling” and “Highest Rated” CISSP, CISM, and Certified in Cybersecurity (CC) courses here on Udemy.
I think my courses are fantastic but don't just take my word for it. Here's what some of my other students have to say about them:
Thor's videos played a major factor in my ability to pass. I cannot recommend them enough! (Blair, ★★★★★).
I passed the CISSP with the ISC Book and Thor's lectures and practice questions. Enough said! (Warren, ★★★★★).
Thor the Legend Pedersen! His course material here, his training site which has other supplementary stuff and his Facebook channel all helped me in passing my CISSP. (Kenny, ★★★★★).
This content helped me pass my CISSP first time! It was the main material I used for studying! Very helpful! (Duncan, ★★★★★).
This course assisted me in successfully passing the CISSP Exam! Highly recommend! (Patrick, ★★★★★).
Hi Thor, I used your test and videos and passed the exam at first attempt. (Shan, ★★★★★).
Join our community of successful students and reach your certification goals!
When you buy this course you get all this:
13.5 hours of CISSP videos: Covering the CISSP Domain 3 and 4 exam topics.
134-page PDF CISSP study guides: Detailed guides made from our lectures.
5 Detailed CISSP Mind Maps.
52-page PDF Quick Sheets: For your review sessions.
2-page PDF CISSP Mnemonics: Memory aids to help you remember key concepts.
60 Domain 3-4 practice questions. Test your knowledge with 30 questions from each domain.
72 topic-specific questions: Reaffirm your knowledge after each major topic.
150 website links: Additional resources to deepen your understanding of Domain 3 and 4 topics.
Subtitles in multiple languages: English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Japanese, Chinese, and Hindi.
An automatic certificate of completion: Hang on your wall or use for CEUs/PDUs. (13 CEUs).
30-day money-back guarantee: No questions asked.
Lifetime Access to the course and all course updates.
Offline video viewing: Available on the Udemy mobile apps.
In Domain 3 we cover:
3.1 Research, implement, and manage engineering processes using secure design principles
3.2 Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
3.3 Select controls based upon systems security requirements
3.4 Understand security capabilities of Information Systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
3.6 Select and determine cryptographic solutions
3.7 Understand methods of cryptanalytic attacks
3.8 Apply security principles to site and facility design
3.9 Design site and facility security controls
3.10 Manage the information system lifecycle
In Domain 4 we cover:
4.1 Apply secure design principles in network architectures
4.2 Secure network components
4.3 Implement secure communication channels according to design
We continue to update our courses to make sure you have the latest and most effective study materials:
2025: Added 5 CISSP Domain 3-4 Mind Maps. Updated quiz and practice questions.
2024: Updated for the 2024 curriculum. New videos on Managing the Information System Lifecycle, SASE - Secure Access Service Edge, Quantum Cryptography and Key Distribution, Network Performance and Traffic Management. Added subtitles in Japanese and Portuguese (Brazil).
2023: 30+ updates with new content, clearer explanations, practice questions, and study guides. Added subtitles in Spanish (Latin America), French, Arabic, Chinese, and Hindi, and added topic quizzes with 69 questions.
2022: 20+ updates with new content, clearer explanations, practice questions, and study guides.
2021: Full course update for the 2021 curriculum.
2020: 20+ updates with new content, clearer explanations, practice questions, and study guides.
2019: 30+ updates with new content, clearer explanations, practice questions, and study guides.
2018: Full course update for the 2018 curriculum.
Start Your Certification Journey Today!
Join thousands of successful professionals who have transformed their careers with ThorTeaches. Let me guide you to CISSP certification success.
Enroll now and let's achieve your certification goals together!
Thor Pedersen