CISSP Mindmap – Domain 03

A comprehensive CISSP Mindmap Series will include all 8 Domains. This collection is designed to equip prospective CISSP professionals with essential resources for exam preparation, training and reference.


Domain_03: Key Terms & Definitions

  • Cryptology: The science of secure communication
  • Cryptography: Secret Writing. Creating messages whose meaning is hidden
  • Cryptanalysis: The science of breaking encrypted messages (recovering their meaning).
  • Cipher: A cryptographic algorithm
  • Encryption: Process by which plaintext is converted to ciphertext with a key, using a cipher. (Encipher)
  • Decryption: Process by which ciphertext is converted to plaintext (with the key) by the use of a cipher. (Decipher)
  • Kerckhoffs's Principle: Only the key should be kept secret. Algorithms should be publicly known.
  • Algorithm: Set of mathematical rules used in encryption and decryption
  • Key: Secret sequence of bits and instructions that governs the act of encryption and decryption
  • Work factor: Estimated time, effort, and resources necessary to break a cryptosystem
  • Diffusion: The order of the plaintext is dispersed in the ciphertext
  • Confusion: Creating a random relationship between the plaintext and the ciphertext
  • Substitution: Replaces one character with another, which provides diffusion
  • Permutation (Transposition): Provides confusion by rearranging the plaintext characters (like an anagram)
  • Modular Math: Shows what remains (the remainder). Y = 25th letter, C = 3rd letter, so Y + C = B (because 25 + 3 = 28, and 28 - 26 = 2; B = 2nd letter)
  • XOR (Exclusive Or): Combining a key with a plaintext via XOR creates ciphertext (0 XOR 0 = 0, 0 XOR 1 = 1, 1 XOR 1 = 0, 1 XOR 0 = 1)
  • Monoalphabetic Cipher: Uses ONE alphabet (A becomes X)
  • Polyalphabetic Cipher: Uses two or more alphabets (A becomes X) (X becomes M) …
  • Running Key Cipher (Book Cipher): Substitution cipher using books, or some other known source. Agree on the source, then note the page#, line#, and word offset. Uses whole words at each position.
  • Scytale Cipher: Spartans. Wrap cloth around a rod and write down all the strips of cloth. Unwind to encrypt.
  • Caesar Cipher (Rotation Cipher): Monoalphabetic rotation cipher. Key is # of places to shift in alphabet (3: A=D)
  • Vigenere Cipher: Polyalphabetic cipher. Alphabet repeated 26 times in a Vigenere Square.
  • One-Time Pad (Vernam Cipher): Unbreakable cipher. Key is as many bits as message. Key Mgmt issues.
  • Steganography: Hiding or embedding data (not encrypting) in an image.
  • Digital Signature: A hash value encrypted with a private key
  • Digital Certificate: A public key signed with a digital signature

Domain_03: Key Areas

  • Cryptography
  • Concepts of secure design principles
  • Security models fundamental principles
  • Security capabilities of information system
  • Cryptography: Concepts, methodologies, and practices
  • Physical security
  • Secure protocol and design components

Domain 03 - Security Architecture & Engineering_Mindmap

Resources

  • (ISC)2 CISSP Official Study Guide (OSG) 9th Edition by Mike Chapple, James Michael Stewart, and Darril Gibson
    • Chapter 06 – Chapter 10, Pg 219-489
  • CISSP All-in-One Exam Guide, Ninth Edition by Fernando Maymi and Shon Harris
    • Part III, Pg283-417
  • Eleventh Hour CISSP® Study Guide, Third Edition by Eric Conrad, Seth Misenar, Joshua Feldman
    • Domain-03, Pg47-93
  • Destination Certification – A Concise Guide by Rob Witcher, John Berti, Lou Hablas, Nick Mitropoulos
    • Domain-03, Pg97-235
  • The Official (ISC)2 CISSP CBK Reference, 6th Edition by Arthur Deane and Aaron Kraus
    • Domain-03, Pg147-281

Credits & Disclaimer

We express our gratitude to the authors, creators, and sources listed below, which were referred to in creating our Interactive CISSP Mindmap: Mike Chapple and David Seidl (OSG), Luke Ahmed (SNT), Pete Zerger (Exam Cram), Prashant Mohan (Memory Palace), Prabh (Coffee shots), Rob Witcher (destcert.com/) and M. Waleed Khaliq (CISSP Concepts Guide). This Mindmap has been meticulously created to ensure that information is shared effectively. It aims to offer a thorough grasp of essential concepts, with a dedication to supporting enhanced learning experiences. We hope that this resource helps people absorb information more thoroughly, which will lead to a broader understanding of each CISSP domain. It is freely available for all.

Contribution

We have already included some reference images and short notes for most of the topics so that users can more effectively refer to the content in the mindmap. If you have any information, images, or notes that can make the mindmap more effective, please feel free to share them.

https://github.com/sajinshivdas/CISSP_Interactive_Mindmap/tree/main/CISSP_Domain_03

For issues and concerns, please feel free to raise an issue on GitHub: https://github.com/sajinshivdas/CISSP_Interactive_Mindmap/issues

Connect with me www.linkedin.com/in/sajin-shivdas