Duration : 5 Days (40 Hours)
CISSP-ISSAP Course Overview:
This training provides comprehensive instruction on information security requirements and concepts within design and architecture frameworks. Participants will acquire skills and knowledge applicable to diverse models and scenarios. Successful completion of this course will prepare students to excel in the CISSP-ISSAP Examination. Moreover, students will gain insights into the risks associated with data, multimedia, and voice communications networks.
- Cybersecurity Professionals
- Information Security Consultants
- Security Architects
- Information Security Managers
- IT Security Professionals
- Risk Analysts
- Information Security Specialists
- Security Engineers
- Security Consultants
- CISSP Certified Professionals (as a prerequisite)
Learning Objectives of CISSP-ISSAP:
- Information Security Design and Architecture: The CISSP-ISSAP course delves into the essential concepts and requirements of information security design and architecture. Participants will gain a deep understanding of the principles guiding the development of robust security frameworks.
- Application of Skills in Diverse Scenarios: Through practical exercises and real-world scenarios, participants will have the opportunity to apply their skills and knowledge to a variety of models and situations, preparing them for the complexities of real-world information security challenges.
- CISSP-ISSAP Exam Preparation: The training is tailored to help students successfully pass the CISSP-ISSAP Examination, a globally recognized certification offered by (ISC)². Participants will receive comprehensive instruction and hands-on experience to meet the requirements of the examination.
- Risk Analysis for Communication Networks: Participants will gain insights into the risks associated with communication networks, encompassing data, multimedia, and voice. This knowledge will enable them to assess and address vulnerabilities in complex communication infrastructures.
Domain 1: Architect for Governance, Compliance and Risk Management
- Determine legal, regulatory, organizational and industry requirements
- Manage Risk
Domain 2: Security Architecture Modeling
- Identify security architecture approach
- Verify and validate design (e.g., Functional Acceptance Testing (FAT), regression)
Domain 3: Infrastructure Security Architecture
- Develop infrastructure security requirements
- Design defense-in-depth architecture
- Secure shared services (e.g., wireless, e-mail, Voice over Internet Protocol (VoIP), Unified Communications (UC), Domain Name System (DNS), Network Time Protocol (NTP))
- Integrate technical security controls
- Design and integrate infrastructure monitoring
- Design infrastructure cryptographic solutions
- Design secure network and communication infrastructure (e.g., Virtual Private Network (VPN), Internet Protocol Security (IPsec), Transport Layer Security (TLS))
- Evaluate physical and environmental security requirements
- Map physical security requirements to organizational needs (e.g., perimeter protection and internal zoning, fire suppression)
- Validate physical security controls
Domain 4: Identity and Access Management (IAM) Architecture
- Design identity management and lifecycle
- Design access control management and lifecycle
- Design identity and access solutions
Domain 5: Architect for Application Security
- Integrate Software Development Life Cycle (SDLC) with application security architecture (e.g., Requirements Traceability Matrix (RTM), security architecture documentation, secure coding)
- Determine application security capability requirements and strategy (e.g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/ Platform as a Service (PaaS) environments)
- Identify common proactive controls for applications (e.g., Open Web Application Security Project (OWASP))
Domain 6: Security Operations Architecture
- Gather security operations requirements (e.g., legal, compliance, organizational, and business requirements)
- Design information security monitoring (e.g., Security Information and Event Management (SIEM), insider threat, threat intelligence, user behavior analytics, Incident Response (IR) procedures)
- Design Business Continuity (BC) and resiliency solutions
- Validate Business Continuity Plan (BCP)/Disaster Recovery Plan (DRP) architecture
- Design Incident Response (IR) management
CISSP-ISSAP Course Prerequisites:
To qualify for the CISSP-ISSAP, you must have at least 2 years of cumulative paid, full-time professional work experience in the area of architecture, maintain your CISSP credential in good standing, and pass the ISSAP examination.
Discover the perfect fit for your learning journey
Choose Learning Modality
This course comes with following benefits:
- Practice Labs.
- Get Trained by Certified Trainers.
- Access to the recordings of your class sessions for 90 days.
- Digital courseware
- Experience 24*7 learner support.
Got more questions? We’re all ears and ready to assist!