Let’s get this out of the way first: ISC2 wants you to know their code of ethics, which you’ll be required to adhere to as a CISSP. Here it is:

Protect society, the common good, necessary public trust and confidence, and the infrastructure.

Act honorably, honestly, justly, responsibly, and legally.

Provide diligent and competent service to principals.

Advance and protect the profession.

Notice the first word of each line above. You can remember them by using the acronym “PAPA”: Protect, Act, Provide, and Advance.

You should read the full code of ethics on the ISC2 website.  We won’t paste it here because it may change from time to time, but if you read it once and become familiar with the four tenets, you’re probably good for the exam.

CIA of Information Security

There are three concepts to memorize:

  • Confidentiality
  • Integrity
  • Availability

Confidentiality is the concept that only authorized entities have access to certain data, integrity ensures that the data hasn’t changed (unless the changes are authorized), and availability ensures that the data is accessible to those who are authorized.