EffectiveDate:April15,2015(ExamOutline)EffectiveDate:January1,20151©2015InternationalInformationSystemsSecurityCertificationConsortium,Inc.AllRightsReserved.Duplicationforcommercialpurposesisprohibited.Revised1.14.15V10April15,2015考试大纲考生信息公告生效日期:2015年4月15日(ISC)²注册信息系统安全师EffectiveDate:April15,2015Non-Discrimination(ISC)²doesnotdiscriminateagainstcandidatesonthebasisofnationality,gender,religion,race,ethnicity,sexualorientation,ageordisability.Forfurtherinformationon(ISC)²’snon-discriminationpolicy,pleasevisithttps://www.isc2.org/legal-info-policies.aspx.非歧视性原则(ISC)²绝不会因考生的国籍、性别、宗教信仰、种族、族裔背景、性别取向、年龄或残障而给予歧视性待遇。更多有关(ISC)²非歧视性政策的信息,敬请访问:https://www.isc2.org/legal-info-policies.aspx.2©2015InternationalInformationSystemsSecurityCertificationConsortium,Inc.AllRightsReserved.Duplicationforcommercialpurposesisprohibited.Revised1.14.15V10EffectiveDate:April15,20151)SecurityandRiskManagement(e.g.,Security,Risk,Compliance,Law,Regulations,BusinessContinuity)安全与风险管理(例如:安全、风险、合规、法律、法规与业务连续性)...........8Overview概述..........................................................................................................................................8KeyAreasofKnowledge关键知识领域.................................................................................................92)AssetSecurity(ProtectingSecurityofAssets)资产安全(保护资产的安全)...........................14Overview概述.........................................................................................................................................14KeyAreasofKnowledge关键知识领域................................................................................................153)SecurityEngineering(EngineeringandManagementofSecurity).....................................16安全工程(安全工程与管理).................................................................................
