Domain 8 also sees very little change in terms of course content.
2015 Exam Outline | 2018 Exam Outline |
Understand and apply Security in the Software Development Life Cycle (SDLC)
| Understand and integrate security in the Software Development Life Cycle (SDLC)
#No Change |
Enforce security controls in development environments
| Identify and apply security controls in development environments
#No Change |
Assess the effectiveness of software security
| Assess the effectiveness of software security
#No Change. Just removed acceptance testing. |
Assess security impact of acquired software | Assess security impact of acquired software #No Change |
Define and apply secure coding guidelines and standards
#No Change. Added secure coding practices. |
In Summary ,
DOMAIN | %Weightage in 2015 | % Weightage in 2018 |
Security and Risk Management | 16% | 15% |
Asset Security | 10% | 10% |
Security Architecture and Engineering | 12% | 13% |
Communications and Network Security | 12% | 14% |
Identity and Access Management (IAM) | 13% | 13% |
Security Assessment and Testing | 11% | 12% |
Security Operations | 16% | 13% |
Software Development Security | 10% | 10% |