CISSP: Security Architecture and Engineering Proficiency (Advanced Level)

  • 30m
  • 30 questions
The CISSP: Security Architecture and Engineering Proficiency benchmark will measure your ability to recognize key terms and concepts related to security architecture and engineering. You will be evaluated on secure design principles, cryptography, design vulnerabilities, and site and facility security. A learner who scores high on this benchmark demonstrates that they have the skills related to understanding security architecture and engineering terminology and concepts.

Topics covered

  • assess the security capabilities of information systems (memory protection, TPM, encryption/decryption)
  • compare security between client-based systems and server-based systems
  • compare symmetric and asymmetric key cryptosystems
  • compare the distinct security considerations of containerized applications, both server-based and serverless, and microservices
  • define the characteristics of the Zero Trust (ZT) principle and zero trust architecture (ZTA)
  • describe cryptographic hashing and message authentication codes
  • describe digital signatures and digital certificates and their common use cases
  • describe enterprise mobility management and control
  • describe how to defend the perimeter using various physical controls
  • describe security of high-performance computing (HPC) systems and edge computing systems
  • describe the defense-in-depth approach as it applies to sites and facilities
  • describe the security of virtualization and cloud-based deployments, such as IaaS, PaaS, SaaS, MSSPs, and CASBs
  • describe the security principle of defense in depth (DiD) and provide real-world examples
  • describe the security principle of least privilege and provide real-world examples
  • describe the security principle of privacy by design and provide real-world examples
  • describe the security principle of separation of duties (SoD) and provide real-world examples
  • describe the unique aspects of securing embedded systems and SoC deployments
  • examine a variety of common categories of physical controls
  • explore elliptic curve and quantum computing
  • identify the distinct aspects of securing database systems, including scoping, tailoring, tokenizing, and abstraction
  • implement controls to protect distribution frames, wiring systems, and wiring closets
  • implement controls to protect media and evidence storage facilities
  • implement controls to protect server rooms and data centers
  • list use cases for the trust but verify security principle
  • outline the characteristics of securing distributed systems
  • outline the cryptographic life cycle, including keys and algorithm selection
  • outline the design principles and use cases of secure defaults
  • outline the elements of Public Key Infrastructure
  • recognize the main IoT vulnerabilities as identified by the Open Web Application Security Project (OWASP)
  • recognize the security of industrial control systems and supervisory control and data acquisition (SCADA)