top of page

CISSP-Related NIST Documents

Do you really need to know every single NIST document word for word?

Answer: No

Are NIST documents an incredible source of learning material to expand your knowledge and provide clarity for the CISSP exam?

Answer: Yes

Do the actual study guide books and practice exam question engines use NIST documents as their references when trying to explain topics? Answer: Yes

Basically, if the Sybex book, the Shon Harris book and even Study Notes and Theory, are using documents provided by the National Institute of Standards and Technology to explain topics, wouldn't it be a good idea to just go to the heart of the information?

Answer: Your choice.

The below NIST documents will only enhance your knowledge on the journey to the CISSP, especially 800-34, 800-30 and 800-88. Just skim them, you don't have to read them like a novel.

NIST Special Publication Documents Relevant to the CISSP CBK

SP 800-12 - An Introduction to Computer Security

SP 800-14 - Generally Accepted Principles and Practices for Securing Information Technology Systems

SP 800-115 - Technical Guide to Information Security Testing and Assessment

SP 800-30 - Risk Management Guide for Information Technology Systems

SP 800-34 - Contingency Planning Guide for Information Technology Systems

SP 800-86 - Guide to Integrating Forensic Techniques into Incident Response

SP 800-88 - Guidelines for Media Sanitization

SP 800-137 - Information Security Continuous Monitoring SP 800-53 - Security and Privacy Controls for Federal Information Systems and Organization

SP 800-145 - The NIST Definition of Cloud Computing

If there are some that are not on here, let me know and I'll add them.

bottom of page