Security Assessment & Testing Domain

This domain represents 12 percent of the CISSP certification exam.

Security assessment and testing is based on designing, assessment and analyzing phases. The purpose of designing an interpretation and security assessment is to ensure that all security controls that have been implemented work properly.

Assessment and testing are performed in the next phase to ensure all risks are properly mitigated.