CISSP-ISSAP Training & Certification Course

As an expert who sits between the C-suite and upper management, the information security architect is critical in implementing a solid security program in organizations. This role as an information security architect or analyst entails carrying out various information security consultative and analytical processes.

Why This Course

  • 40 hours of instructor-led instruction
  • Access to recorded sessions
  • Certified trainers
  • 4-hour sessions each day
  • Get certified at a low cost

Why Enroll In Course?

The CISSP-ISSAP training and certification course enhances expertise in information security architecture, offering career growth opportunities and a comprehensive understanding of security strategies. It’s globally recognized and awarded by (ISC)², providing a network of like-minded professionals. The course is flexible and available online, allowing busy professionals to balance their commitments while advancing their careers.

Training Features

Live Interactive Learning

Lifetime Access

24x7 Support

Hands-On Project Based Learning

Industry Recognized Certification

Course Curriculum

1.1 Determine legal, regulatory, organizational and industry requirements

  • Determine applicable information security standards and guidelines
  • Identify third-party and contractual obligations (e.g., supply chain, outsourcing, partners)
  • Determine applicable sensitive/personal data standards, guidelines and privacy regulations
  • Design for auditability (e.g., determine regulatory, legislative, forensic requirements, segregation, high assurance systems)
  • Coordinate with external entities (e.g., law enforcement, public relations, independent assessor)

1.2 Manage Risk

  • Identify and classify risks
  • Assess risk
  • Recommend risk treatment (e.g., mitigate, transfer, accept, avoid)
  • Risk monitoring and reporting

2.1 Identify security architecture approach

  • Types and scope (e.g., enterprise, network, Service-Oriented Architecture (SOA), cloud, Internet of Things (IoT), Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA))
  • Frameworks (e.g., Sherwood Applied Business Security Architecture (SABSA), Service-Oriented Modeling Framework (SOMF))
  • Reference architectures and blueprints
  • Security configuration (e.g., baselines, benchmarks, profiles)
  • Network configuration (e.g., physical, logical, high availability, segmentation, zones)

2.2 Verify and validate design (e.g., Functional Acceptance Testing (FAT), regression)

  • Validate results of threat modeling (e.g., threat vectors, impact, probability)
  • Identify gaps and alternative solutions
  • Independent Verification and Validation (IV&V) (e.g., tabletop exercises, modeling and simulation, manual review of functions)

3.1 Develop infrastructure security requirements

  • On-premise, cloud-based, hybrid
  • Internet of Things (IoT), zero trust

3.2 Design defense-in-depth architecture

  • Management networks
  • Industrial Control Systems (ICS) security
  • Network security
  • Operating systems (OS) security
  • Database security
  • Container security
  • Cloud workload security
  • Firmware security
  • User security awareness considerations

3.3 Secure shared services (e.g., wireless, e-mail, Voice over Internet Protocol (VoIP), Unified Communications (UC), Domain Name System (DNS), Network Time Protocol (NTP))

3.4 Integrate technical security controls

  • Design boundary protection (e.g., firewalls, Virtual Private Network (VPN), airgaps, software defined perimeters, wireless, cloud-native)
  • Secure device management (e.g., Bring Your Own Device (BYOD), mobile, server, endpoint, cloud instance, storage)

3.5 Design and integrate infrastructure monitoring

  • Network visibility (e.g., sensor placement, time reconciliation, span of control, record compatibility)
  • Active/Passive collection solutions (e.g., span port, port mirroring, tap, inline, flow logs)
  • Security analytics (e.g., Security Information and Event Management (SIEM), log collection, machine learning, User Behavior Analytics (UBA))

3.6 Design infrastructure cryptographic solutions

  • Determine cryptographic design considerations and constraints
  • Determine cryptographic implementation (e.g., in-transit, in-use, at-rest)
  • Plan key management lifecycle (e.g., generation, storage, distribution)

3.7 Design secure network and communication infrastructure (e.g., Virtual Private Network (VPN), Internet Protocol Security (IPsec), Transport Layer Security (TLS))

3.8 Evaluate physical and environmental security requirements

  • Map physical security requirements to organizational needs (e.g., perimeter protection and internal zoning, fire suppression)
  • Validate physical security controls

4.1 Design identity management and lifecycle

  • Establish and verify identity
  • Assign identifiers (e.g., to users, services, processes, devices)
  • Identity provisioning and de-provisioning
  • Define trust relationships (e.g., federated, standalone)
  • Define authentication methods (e.g., Multi-Factor Authentication (MFA), risk-based, location-based, knowledge-based, object-based, characteristics-based)
  • Authentication protocols and technologies (e.g., Security Assertion Markup Language (SAML), Remote Authentication Dial-In User Service (RADIUS), Kerberos)

4.2 Design access control management and lifecycle

  • Access control concepts and principles (e.g., discretionary/mandatory, segregation/Separation of Duties (SoD), least privilege)
  • Access control configurations (e.g., physical, logical, administrative)
  • Authorization process and workflow (e.g., governance, issuance, periodic review, revocation)
  • Roles, rights, and responsibilities related to system, application, and data access control (e.g., groups, Digital Rights Management (DRM), trust relationships)
  • Management of privileged accounts
  • Authorization (e.g., Single Sign-On (SSO), rule-based, role-based, attribute-based)

4.3 Design identity and access solutions

  • Access control protocols and technologies (e.g., eXtensible Access Control Markup Language (XACML), Lightweight Directory Access Protocol (LDAP))
  • Credential management technologies (e.g., password management, certificates, smart cards)
  • Centralized Identity and Access Management (IAM) architecture (e.g., cloud-based, on-premise, hybrid)
  • Decentralized Identity and Access Management (IAM) architecture (e.g., cloud-based, on-premise, hybrid)
  • Privileged Access Management (PAM) implementation (for users with elevated privileges)
  • Accounting (e.g., logging, tracking, auditing)

5.1 Integrate Software Development Life Cycle (SDLC) with application security architecture (e.g., Requirements Traceability Matrix (RTM), security architecture documentation, secure coding)

  • Assess code review methodology (e.g., dynamic, manual, static)
  • Assess the need for application protection (e.g., Web Application Firewall (WAF), anti-malware, secure Application Programming Interface (API), secure Security Assertion Markup Language (SAML))
  • Determine encryption requirements (e.g., at-rest, in-transit, in-use)
  • Assess the need for secure communications between applications and databases or other endpoints
  • Leverage secure code repository

5.2 Determine application security capability requirements and strategy (e.g., open source, Cloud Service Providers (CSP), Software as a Service (SaaS)/Infrastructure as a Service (IaaS)/Platform as a Service (PaaS) environments)

5.3 Identify common proactive controls for applications (e.g., Open Web Application Security Project (OWASP))

  • Review security of applications (e.g., custom, Commercial Off-the-Shelf (COTS), in-house, cloud)
  • Determine application cryptographic solutions (e.g., cryptographic Application Programming Interface (API), Pseudo Random Number Generator (PRNG), key management)
  • Evaluate applicability of security controls for system components (e.g., mobile and web client applications; proxy, application, and database services)

6.1 Gather security operations requirements (e.g., legal, compliance, organizational, and business requirements)

6.2 Design information security monitoring (e.g., Security Information and Event Management (SIEM), insider threat, threat intelligence, user behavior analytics, Incident Response (IR) procedures)

  • Detection and analysis
  • Proactive and automated security monitoring and remediation (e.g., vulnerability management, compliance audit, penetration testing)

6.3 Design Business Continuity (BC) and resiliency solutions

  • Incorporate Business Impact Analysis (BIA)
  • Determine recovery and survivability strategy
  • Identify continuity and availability solutions (e.g., cold, warm, hot, cloud backup)
  • Define processing agreement requirements (e.g., provider, reciprocal, mutual, cloud, virtualization)
  • Establish Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)
  • Design secure contingency communication for operations (e.g., backup communication channels, Out-of-Band (OOB))

6.4 Validate Business Continuity Plan (BCP)/Disaster Recovery Plan (DRP) architecture

6.5 Design Incident Response (IR) management

  • Preparation (e.g., communication plan, Incident Response Plan (IRP), training)
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Review lessons learned

Certification

The CISSP-ISSAP certification from (ISC)² validates the knowledge and skills required to design and implement security solutions at the architectural level. The training covers security architecture concepts, design requirements, documentation, controls, and testing. Candidates must have at least two years of experience in one of the six domains covered in the exam and hold the CISSP certification. Earning the CISSP-ISSAP certification can enhance a professional’s skills in security architecture and potentially lead to increased career opportunities in the field of information security architecture.

Online Training FAQs

The CISSP-ISSAP certification is a specialized certification offered by (ISC)² that focuses on information security architecture.

In order to obtain the CISSP-ISSAP certification, candidates must first hold a CISSP certification and have at least two years of professional experience in the field of information security architecture.

The CISSP-ISSAP training and certification course covers a wide range of topics, including security architecture analysis, security capabilities assessment, risk management, security technology architecture, and emerging trends in information security.

The duration of the CISSP-ISSAP training and certification course varies depending on the individual’s pace of learning. The course is self-paced and can be completed in as little as a few months, but candidates are given up to 12 months to complete it.

The benefits of obtaining the CISSP-ISSAP certification include enhanced career prospects, increased earning potential, a comprehensive understanding of information security architecture, and recognition as an expert in the field.

The CISSP-ISSAP certification exam is a computer-based test administered at Pearson VUE test centers worldwide. The exam consists of 125 multiple-choice questions and must be completed within three hours.

The passing score for the CISSP-ISSAP certification exam is 700 out of 1,000 points.

The CISSP-ISSAP certification is valid for three years, after which it must be renewed through continuing education credits or retaking the exam.

Course Description

As an expert who sits between the C-suite and upper management, the information security architect is critical in implementing a solid security program in organizations. This role as an information security architect or analyst entails carrying out various information security consultative and analytical processes. The CISSP-ISSAP is a comprehensive certification that confirms your technical abilities in security architecture and provides you with the globally recognized credentials of chief security architect or analyst. This comprehensive certification assesses your ability to conceive, implement, and analyze diverse security solutions, as well as give risk-based advice to upper management in fulfilling various organizational goals.

The CISSP-ISSAP certification training course assists you in gaining global recognition as a certified security architecture professional, advancing your career, and gaining a competitive edge in:

  • Creating security architecture to ensure the highest level of information system design protection across the organization
  • Installing and managing physical access restrictions in order to detect, prevent, and respond to suspicious activity through the use of an effective information security model
  • Using encryption to safeguard organizational data and information from possible internal and external threats
  • Choosing and installing communication solutions in accordance with organizational rules and standards, as well as executing and measuring their performance
  • Detecting undesirable events that may jeopardize organizational functioning

CISSP-ISSAP training aids in the advancement of the technical abilities of:

  • System designers
  • Business analysts
  • Systems and network designers
  • Chief Security Officers (CSOs)
  • Chief Information Officers (CIOs)

A minimum of two years of full-time, paid job experience in at least one of the six CISSP-ISSAP CBK domains is required.

The CISSP-ISSAP certification test assists you in gaining a comprehensive grasp of:

  • Access control system fundamentals, methodologies, and access management architecture
  • Communications and network architecture, security design concerns, and related hazards
  • Cryptography fundamentals, design concerns, and integrated cryptography solutions such as Public Key Infrastructure (PKI) and API choices
  • Approach and analysis of security architecture, design verification and validations
  • Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), and Business Impact Analysis (BIA)
  • Security measures and recovery options
  • Considerations for physical security, requirement assessment, and solution evaluation