The ThorTeaches CISSP, CISM, and CC blog!

Get certification updates, tips, tricks, sales, and much more!

orange-underline-thorteaches-cissp-cism-cc-ccsp-security-training

CISSP D1 Preview | The ISC² Code of Ethics

The (ISC)² code of ethics and the code of ethics of the organization you work for are something you need to know by heart.

For the CISSP exam, the (ISC)² code of ethics is VERY testable.
In the 2021 update of the CISSP curriculum, it has been moved up in priority. It is something you can learn very quickly and it is easy points on your exam; take them. In this video, I cover the (ISC)² code of ethics.

Remember, the CISSP exam is a management-level exam, you need the right point of view to pass the exam.

https://youtu.be/_ZgHvPQnAxk

You can get all my courses, free study materials, my free CISSP course and much more on https://thorteaches.com/

Transcript:

In this lecture, we’re going to talk about ethics.
They are very important both on the exam, for your job and for your career.
As part of that, you need to know, adhere to and understand the (ISC)² Code of Ethics not just as an IT security professional, but also for the exam.
This is very testable and luckily it’s not very long.
These are easy points.
So take them where you can get them.
And also understand these are high level guidelines.
They should not replace your good ethical judgment.
For the exam, I would know both the Preamble and the actual Ethics Canons.
And yes, I am going to read them to you because they are so important.
The preamble is the safety and welfare of society and the common good, duty to our principles and to each other, requires that we adhere to and be seen to adhere to the highest ethical standards of behavior.
Therefore, strict adherence to this code is a condition of certification.
That means before you take the exam, you will be signing the Code of Ethics.
And if you actually break them, it is possible you can have your certification revoked.
So know them, understand them, and adhere to them.
In most cases, if this happens, if you lose your certification, it will tie back to negligence or gross negligence.
And now, let’s look at the 4 Canons.
Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honourably, honestly, justly, responsibly, and legally.
Provide diligent and competent services to the principles.
And last, but very much not least, advance and protect the profession.
And as I mentioned, these are testable.
You sign them.
So know the Preamble, know the Canons and understand the sentiment behind them.
For the exam, there are a couple of other ethics standards that I would know.
First off, we have the Ten Commandments from the Computer Ethics Institute.
Most of these are similar in their intent.
The wording is, however, different.
Thou shall not use a computer to harm other people.
Thou shall not interfere with other people’s computer work.
Thou shall not snoop around in other people’s computer files.
Thou shall not use a computer to steal.
Thou shall not use the computer to bear false witness.
Thou shall not copy or use proprietary software which you have not paid for.
Thou shall not use other people’s computer resources without authorization and proper compensation.
Thou shall not appropriate other people’s intellectual output.
Think about the social consequences of programs you’re writing or systems you are designing.
And finally, thou shall always use a computer in a way that ensures consideration and respect for your fellow humans.
On the exam, I don’t think you’re going to get any questions that are specific saying, “What is this commandment or that commandment?”
I would recognize them, but much more important, understand the intent behind them.
It is pretty simple.
Don’t do stuff you’re not allowed to or that is illegal.
Think about the consequences of your actions and act ethically.
And then as the last ethics standards that you might see on the exam, is the IABs Ethics and the Internet.
And this is what they consider unethical behavior:
To gain unauthorized access to resources on the Internet.
Disrupt the intended use of the Internet.
Waste resources; that can be people, capacity, or computers, through actions like destroying the integrity of computer-based information or compromising the privacy of users.
And then finally, for your job as an IT security professional, you obviously need to know the ethics standards of your organization.
Many large organizations have their own code of ethics. Most of them, just like the (ISC)² one, boil down to the very same key elements; do what is right, don’t steal, and be ethical.
Learn these, know these, and understand them.
They are easy points on your exam.

Start studying today!

  • 34 hours of CISSP videos
  • 5,000+ CISSP questions
  • A 300-page CISSP study guide
  • 120-page quick sheets
  • CISSP Mnemonics
  • A CISSP study plan
  • A 2,500-page CISSP Glossary
  • The 24/7 CISSP ThorBot (chatbot)
  • 2,500 CISSP Flashcards
  • Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
  • Lifetime or 12-months access
  • 32 hours of CISM videos
  • 900 CISM questions
  • A 200-page CISM study guide
  • CISM Mnemonics
  • A CISM study plan
  • A 2,500-page CISM Glossary
  • The 24/7 CISM ThorBot (chatbot)
  • 2,500 CISM Flashcards
  • Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
  • Lifetime or 12-months access
  • 17 hours of CC videos
  • 1,700+ CC questions
  • A 120-page CC study guide
  • CC Mnemonics
  • A CC study plan
  • A 2,500-page CC Glossary
  • The 24/7 CC ThorBot (chatbot)
  • 2,500 CC Flashcards
  • Subtitles English, Spanish (Latin America), Portuguese (Brazil), French, Arabic, Chinese, Japanese, and Hindi
  • Lifetime or 12-months access