CISSP-ISSAP Certification Training

CISSP-ISSAP is a recognized credential recognizing advanced expertise in the area of information security architecture. This official CISSP-ISSAP Certification Training  – Information System Security Architecture Professional Training (ISSAP) seminar provides students with an in-depth review of information security architectural concepts and industry best practices in the design, deployment, and maintenance of an information security program.

This CISSP-ISSAP Training course covers the 6 domains of the CISSP-ISSAP CBK (Common Body of Knowledge). Whether a student is hoping to take the CISSP-ISSAP certification exam or learn more about information architecture, this course is packed with study tips and practical information. All that to be said, CISSP-ISSAP is a great resource for those hoping to review and refresh their information security knowledge while also identifying areas they need to study before writing the certification exam.

• System Security Certified Practitioner Training (SSCP)
• Certified Information Systems Security Professional Training (CISSP)
• Information System Security Engineering Professional Training (ISSEP)
• Information System Security Management Professional Training (ISSMP)

CISSP-ISSAP Certification Training

Domain 1 – Architect for governance, compliance, and risk management

• Determine legal, regulatory, organizational, and industry requirements
• Manage risk

Domain 2 – Security architecture modeling

• Identify the security architecture approach
• CISSP-ISSAP Certification Training
• Verify and validate design (e.g., functional acceptance testing (FAT), regression)

Domain 3 – Infrastructure security architecture

• Develop infrastructure security requirements
• Design defense-in-depth architecture
• Secure shared services (e.g., wireless, e-mail, voice over internet protocol (VoIP), unified communications (UC)
• Domain name system (DNS), network time protocol NTP))
• Integrate technical security controls
• Design and integrate infrastructure monitoring
• Design infrastructure cryptographic solutions
• Design secure network and communication infrastructure (e.g., a virtual private network (VPN), internet protocol security (IPsec), transport layer security (TLS))
• Evaluate physical and environmental security requirements

Domain 4 – Identity and access management (IAM) architecture

• Design identity management and lifecycle
• Design access control management and lifecycle
• Design identity and access solutions

Domain 5 – Architect for application security

• Integrate software development life cycle (SDLC) with application security architecture (e.g., requirements traceability matrix (RTM), security architecture documentation, secure coding)
• Determine application security capability requirements and strategy (e.g., open source, cloud service providers (CSP), software as a service (SaaS)/infrastructure as a service (IaaS)/platform as a service (PaaS) environments)
• Identify common proactive controls for applications (e.g., Open Web Application Security Project (OWASP))

Domain 6 – Security operations architecture

• Gather security operations requirements (e.g., legal, compliance, organizational, and business requirements)
• Design information security monitoring (e.g., security information and event management (SIEM), insider threat, threat intelligence, user behavior analytics, incident response (IR) procedures)
• Design business continuity (BC) and resiliency solutions
• Validate business continuity plan (BCP)/disaster recovery plan (DRP) architecture
• Design incident response (IR) management

CISSP-ISSAP Certification Training Course Recap, Q/A, and Evaluations