Prime Learning

CISSP blueprint

CISSP exam domains

The ISC2 blueprint defines 8 domains for 2024 exam outline.
View practice test Certification overview
ProviderISC2
Exam codeCISSP
Exam standard2024 exam outline
Domains8

How to use the exam blueprint

Treat every domain as a required area of competence, then use its linked objectives to define exactly what to learn and practice. Published weights indicate relative exam emphasis, not permission to ignore lower-weight areas.

Prepare by objective and decision

Review the knowledge behind each objective, apply it in scenarios or practical work, and use targeted questions to test the decision being measured. Move to timed simulation only after the complete blueprint has been covered.

16% of blueprint / 1 objectives

Security and Risk Management

Covers Apply governance, risk, compliance, ethics, policy, and continuity principles..

10% of blueprint / 1 objectives

Asset Security

Covers Protect information and assets throughout their lifecycle..

13% of blueprint / 1 objectives

Security Architecture and Engineering

Covers Evaluate secure design, engineering, cryptography, and physical security..

13% of blueprint / 1 objectives

Communication and Network Security

Covers Design and assess secure network architectures and communications..

13% of blueprint / 1 objectives

Identity and Access Management

Covers Design and operate identity, authentication, authorization, and access governance..

12% of blueprint / 1 objectives

Security Assessment and Testing

Covers Design, execute, and communicate security assessment and testing..

13% of blueprint / 1 objectives

Security Operations

Covers Operate security programs, incident response, monitoring, and recovery..

10% of blueprint / 1 objectives

Software Development Security

Covers Integrate security into software acquisition and development lifecycles..