ISC2 CISSP Security Architecture Guide

Study ISC2 CISSP Security Architecture: key concepts, common traps, and exam decision cues.

This domain is where governance becomes engineering. ISC2 wants architecture choices that embody secure design principles, not just isolated point controls.

Work this chapter in order

Lesson	Focus
3.1 Design Principles & Models	Learn how CISSP frames core design principles and model-based reasoning.
3.2 Crypto & Resilience	Learn how the exam chooses cryptographic and resilience controls in real systems.

Fast routing inside this chapter

If the question is really about…	Go first to…
design principles, trust boundaries, or BLP vs Biba vs Clark-Wilson	3.1 Design Principles & Models
cryptography, HSMs, system vulnerabilities, or resilience design	3.2 Crypto & Resilience

What strong answers usually do

choose architectures that reduce blast radius and preserve trust boundaries
use the security model that matches the system objective
separate confidentiality, integrity, availability, and assurance goals instead of mixing them

In this section

ISC2 CISSP Trust Boundaries Guide
Study ISC2 CISSP Trust Boundaries: key concepts, common traps, and exam decision cues.
ISC2 CISSP Cryptography and Resilience Guide
Study ISC2 CISSP Cryptography and Resilience: key concepts, common traps, and exam decision cues.

Revised on Sunday, May 10, 2026

2. Assets

4. Network