<P> The CISSP curriculum covers subject matter in a variety of Information Security topics . The CISSP examination is based on what (ISC) 2 terms the Common Body of Knowledge (or CBK). According to (ISC) 2, "the CISSP CBK is a taxonomy--a collection of topics relevant to information security professionals around the world . The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding ." </P> <P> From 2015, the CISSP curriculum is divided into eight domains: </P> <Ul> <Li> Security and Risk Management </Li> <Li> Asset Security </Li> <Li> Security Engineering </Li> <Li> Communications and Network Security </Li> <Li> Identity and Access Management </Li> <Li> Security Assessment and Testing </Li> <Li> Security Operations </Li> <Li> Software Development Security </Li> </Ul> <Li> Security and Risk Management </Li>

Eight domains of the csslp common body of knowledge (cbk)