Not exactly my favorite topic, or any topic in Domain 8!

But you just don't know what the CISSP exam will test you on, so best to just know all of it at a surface level. Believe me, I have zero experience with software development, so Domain 8 was particularly difficult for me while studying for the exam. Not so much now that I'm an instructor :)

Just know the basics below, nothing crazy:

Relational databases organize information using a structured model built on tables and

relationships. Understanding these structures helps security professionals evaluate how data is stored, accessed, and protected.

A relation is essentially a table that stores data.

Each table consists of:

Columns (attributes) – the data categories

Rows (tuples) – individual records

The degree of a relation refers to the number of columns in the table.

For example, a table with seven attributes has a degree of seven.

The tuple count represents the number of rows in the table.

Relational databases also define how tables relate to each other using cardinality.

Common cardinality relationships include:

One-to-One (1:1)

One record relates to exactly one record.

Example: a person and their Social Security number.

One-to-Many (1:N)

One record relates to multiple records.

Example: one salesperson with many orders.

Many-to-Many (N:M)

Multiple records relate to multiple records.

Example: students enrolled in multiple courses.

Another important concept is the database view.

A view is a virtual table created from existing tables.

Views allow administrators to:

• restrict access

• simplify queries

• present different data to different users

For CISSP candidates, views demonstrate how security controls can be

implemented at the database layer.