8 concepts

Security Model
Bell-LaPadula Model
Domain 3 · Security Architecture

Enforces confidentiality via no read up / no write down rules. The go-to model for military and government data classification.

Explore
Security Model
Biba Integrity Model
Domain 3 · Security Architecture

Addresses integrity — the mirror of Bell-LaPadula. No read down / no write up. Prevents corruption of high-integrity data.

Explore
Security Model
Clark-Wilson Model
Domain 3 · Security Architecture

Commercial integrity model using well-formed transactions and separation of duties. Closer to real-world business controls than Biba.

Explore
Network Architecture
OSI 7-Layer Model
Domain 4 · Network Security

The foundational reference model for network communication. Every CISSP question about protocols maps to one of these 7 layers.

Explore
Cryptography
Public Key Infrastructure
Domain 3 · Security Architecture

The trust framework behind digital certificates, CAs, and encrypted communication. Understand the chain of trust cold.

Explore
Access Control
Zero Trust Architecture
Domain 5 · Identity & Access

Never trust, always verify. Eliminates implicit trust based on network location. The modern replacement for perimeter security.

Explore
Risk Framework
Risk & ALE Formula
Domain 1 · Risk Management

SLE × ARO = ALE. The quantitative risk formula every CISSP candidate must know. Used to justify security controls financially.

Explore
Cryptography
TLS Handshake
Domain 4 · Network Security

Step-by-step negotiation that establishes an encrypted TLS session. Understanding this = understanding PKI, ciphers, and authentication together.

Explore