Interactive visual guides to every major model, framework, and architecture on the CISSP exam. Click any concept to explore it in depth.
8 concepts
Enforces confidentiality via no read up / no write down rules. The go-to model for military and government data classification.
Addresses integrity — the mirror of Bell-LaPadula. No read down / no write up. Prevents corruption of high-integrity data.
Commercial integrity model using well-formed transactions and separation of duties. Closer to real-world business controls than Biba.
The foundational reference model for network communication. Every CISSP question about protocols maps to one of these 7 layers.
The trust framework behind digital certificates, CAs, and encrypted communication. Understand the chain of trust cold.
Never trust, always verify. Eliminates implicit trust based on network location. The modern replacement for perimeter security.
SLE × ARO = ALE. The quantitative risk formula every CISSP candidate must know. Used to justify security controls financially.
Step-by-step negotiation that establishes an encrypted TLS session. Understanding this = understanding PKI, ciphers, and authentication together.