CISSP Essentials training: Domain 4, Security Architecture and Design

In our lesson on Domain 4, Security Architecture and Design, Shon Harris reveals key concepts in system architecture security, as well as the importance of access control and must-know access control models.

As computers and networks have become more complex, so too have approaches for securing them evolved.

In this CISSP Essentials Security School lesson, Domain 4, Security Architecture and Design, noted CISSP certification exam trainer Shon Harris investigates the framework and structures that make up typical computer systems. The special video presentation below sketches the evolution of security models and evaluation methods as they have struggled to keep pace with changing technology needs.

Domain 4 spotlight article

Security architecture and design is a dauntingly broad domain for security pros to conquer, but this Domain 4 spotlight article by Shon Harris outlines it comprehensively. Learn how security is architected and designed into software and hardware tools and technologies, and then uncover how products and methodologies are evaluated, rated and certified.

Domain 4 training video: Security architecture and design

In the first of training video, our Domain 4 video on security architecture and design offers a deep-dive on the security issues related to fundamental IT architecture and design principles. Expert Shon Harris looks at the key components and processes of system architecture and why they matter to security, as well as memory management, APIs and process isolation.

Domain 4 training video: Access control security models

In the second training video, our Domain 4 video on access control security models provides a detailed review of security controls, assurance evaluation and certification/accreditation. Presenter Shon Harris offers in-depth explanations of the difference between security policies and models, security policy statements and then details the four common access control models. Later, Harris discusses assurance evaluation and Common Criteria, and then lays out the certification and accreditation process.

Domain 4 quiz: Security architecture and design

Finally, after reading the spotlight article and two training videos, test your comprehension of the material with our Domain 4 quiz on security architecture and design. The 15-question interactive quiz uses a variety of multimedia components to mimic the interactive nature of the CISSP exam.

CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as as (ISC)2.

Next Steps

NEXT after completing this lesson, proceed to Domain 5: Telecommunications and Network Security.

RETURN to SearchSecurity's CISSP Essentials Security School main page.

This was last published in October 2014

Dig Deeper on CISSP certification