Grab the Learning Bonanza with up to 50% OFF on Combo Courses + Buy 1 Get 4* FREE on All Courses*
Grab the Learning Bonanza with up to 50% OFF on Combo Courses + Buy 1 Get 4* FREE on All Courses*

ISACA CDPSE Domain 2: Privacy Architecture

Every organization requires a secure privacy architecture that helps to maintain and manage data centers, privilege access management, secure application and software development, and privacy controls. Many organizations have privacy requirements at the core of their operational models. When privacy breaches or lapses are encountered, it may lead to the loss of the organization’s ability to do business in the market.

CDPSE Domain 2

The ISACA’s CDPSE certification covers the essential topics of privacy architecture implemented by security experts.

Domains of ISACA CDPSE:

The ISACA CDPSE exam consists of three domains:

This comprehensive blog is to explore and provide an overview of the contents and concepts covered in ISACA CDPSE Domain 2.

Domain 2: Privacy Architecture

Privacy Architecture is the second domain of the CDPSE certification, which includes 36% of the exam weightage. This domain covers how software, hardware, and other enterprise technologies and the professionals manage and work together to develop a privacy architecture for an organization. It includes the technical privacy controls that need to protect data and evaluate how they are applied.

The CDPSE certification validates the candidate’s skills in implementing essential operations, such as privacy impact assessments, when developing a software application in an organization.

What is Privacy Architecture?

Privacy architecture is an infrastructure that includes applications, software, and technical privacy controls. It allows achieving valuable insights on privacy requirements for an organization. Implementing the design techniques of privacy architecture helps organizations to develop secure technologies for existing products and services that include user data. Securing infrastructure and application or software development concepts will be covered in the first and second parts of Domain 2.

Privacy architecture is required to track technologies and privacy controls that are used to monitor and manage the privacy impact in the organization. Maintaining privacy across the organization is difficult without tracking privacy controls and technologies. The concepts of tracking technologies and privacy controls will come under the second and third parts of Domain 2.

Outline of ISACA CDPSE Domain 2: Privacy Architecture

Part 1: Infrastructure

This part of the domain covers the concepts of self-managed infrastructure, the basics of cloud computing, privacy concerns such as privileged access based on privacy controls, and various approaches to end-point security.

  • Module 1: Self-managed infrastructure includes technology stacks
      1. Non-cloud alternative to on-premises centers
      2. Advantages of self-managed infrastructure
      3. Limitations of self-managed infrastructure
      4. Key privacy concerns
  • Module 2: Cloud Computing
    1. Cloud Data Centers
    2. Characteristics of cloud computing
    3. Cloud Service Models
    4. Shared Responsibility Model
    5. Advantages of cloud computing
    6. Limitations of cloud computing
  • Module 3: End-points
    1. Approaches to Endpoint Security
  • Module 4: Remote Access
    1. Virtual Private Networks
    2. Desktop Sharing
    3. Privileged Access Management
  • Module 5: System Hardening


Part 2: Applications and Software.

This part of the domain covers the concepts of privacy controls implemented during the development of applications and software, referring to the Secure Development Life cycle. Also, tracking technologies ensure that the privacy architecture is implemented during the development phase.

  • Module 1: Secure Development Life cycle
    1. Privacy and the Phases of Secure Development Life Cycle
    2. Privacy by Design
  • Module 2: Applications and Software Hardening
  • Module 3: APIs and Web Services
  • Module 4: Tracking Technologies
    1. Types of Tracking Technologies


Part 3: Technical Privacy Controls

This part of the domain covers the concepts of communication protocols and their models, applications of cryptographic systems, and Identity Access Management in maintaining system access permissions and security.

  • Module 1: Communication and Transport Protocols
    1. Various types of communication protocols
    2. LAN
    3. TCP/IP and its relation to the OSI Reference Model
    4. Transport Layer Security
    5. Secure Shell
  • Module 2: Encryption, Hashing and De-identification
    1. Encryption
    2. De-identification
    3. Hashing
    4. Applications of Cryptographic Systems
  • Module 3: Key Management
    1. Certificates
    2. Public Key Infrastructure
  • Module 4: Monitoring and Logging
    1. Monitoring
    2. Logging
    3. Privacy and Security Logging
  • Module 5: Identity and Access Management
    1. System Access Permissions
    2. Mandatory and Discretionary Access Controls
    3. Information Security and External Parties

Concepts covered in CDPSE Domain 2: Privacy Architecture

Domain 2 of CDPSE covers the technical concepts of privacy architecture. So, by the end of domain 2, you will be able to:

  • Identify, validate, and implement privacy controls based on data classification procedures.
  • Coordinate and execute Privacy Impact Assessment (PIA) to identify appropriate tracking technologies and technical privacy controls.
  • Participate in developing privacy control procedures that include business needs and privacy policies.
  • Evaluate the information and enterprise architecture to ensure it abides by privacy by design principles.
  • Collaborate with cybersecurity professionals on the security risk assessment process to manage privacy compliance and risk mitigation
  • Coordinate with other practitioners to ensure that privacy programs and practices are implemented while designing, developing, and implementing applications, systems, and infrastructure.
  • Evaluate advancements and changes in privacy-enhancing technologies.

CDPSE training with InfosecTrain

InfosecTrain is a leading global provider of Information Technology and Cybersecurity training that offers the CDPSE certification training course. Our well-experienced trainer helps you to get a complete understanding of data privacy and compliance concepts. To know more, check out our CDPSE course and enroll now.


Emaliya Keerthana
Content Writer
Emaliya Keerthana working as a Content Writer at InfosecTrain. She likes to explore the latest technology. She writes on emerging IT-related topics and is passionate about sharing her thoughts through blogs.