Overview
The Information Systems Security Architecture Professional (ISSAP) is a CISSP who specializes in designing security solutions and providing management with risk-based guidance to meet organizational goals. They are skilled in facilitating the alignment of security solutions within the organizational context, such as vision, mission, strategy, policies, requirements, change and external factors.
This training is a comprehensive and in-depth review of information security architectural concepts and industry best practices in the design, deployment and maintenance of an information security program. The course covers the six specific domains of the CISSP-ISSAP Common Body of Knowledge (CBK), helping participants gain a greater depth of knowledge in information security in the areas of ISSAP. The course trains participants to successfully leverage and deploy architectural frameworks, to design robust, secure systems that meet current and future business needs, to configure and operate secure systems, and to be successful architecture professionals.
What You'll Learn
- Apply architectural frameworks in an enterprise security program
- Design and implement identity management systems
- Evaluate access control systems
- Support governance and risk management
- Integrate security concepts into application development
- Connect secure networks
- Operate and maintain information processing systems and networks
Curriculum
- Design identity management and lifecycle
- Design access control management and lifecycle
- Determine security operation capability requirements and strategy
- Design continuous security monitoring
- Design continuity, availability and recovery solutions
- Define security operations
- Integrate physical security controls
- Design incident management capabilities
- Secure communications and networks
- Determine infrastructure security capability requirements and strategy
- Design layer 2/3 architecture
- Secure common services
- Architect detective, deterrent, preventative and control systems
- Architect infrastructure monitoring
- Design integrated cryptographic solutions
- Architect for governance and compliance
- Design threat and risk management capabilities
- Architect security solutions for off-site data use and storage
- Operating environment
- Identify security architecture approach
- Verify and validate design
- Review software development lifecycle (SDLC) integration of application security architecture
- Review application security
- Determine application security capability requirements and strategy
- Design application cryptographic solutions
- Evaluate application controls against existing threats and vulnerabilities
- Determine and establish application security approaches for all system components
Who should attend
The course is highly recommended for –
- System architects
- Chief technology officers
- System and network designers
- Business analysts
- Chief security officers
Prerequisites
Certification
This course prepares participants for the certification examination for the CISSP-ISSAP certification. The details of the exam are as below –
| Item | Details |
| --- | --- |
| Length of exam | 3 hours |
| Number of questions | 125 |
| Question format | Multiple choice questions |
| Passing grade | 700 out of 1000 |
| Exam availability | English |
The examination evaluates the participant’s skills and knowledge in six specific domains. The weightage of these domains in the examination is as below –
| Domain | Weightage |
| --- | --- |
| Identity and access management architecture | 19% |
| Security operation architecture | 17% |
| Infrastructure security | 19% |
| Architect for governance, compliance and risk management | 16% |
| Security architecture modeling | 14% |
| Architect for application security | 15% |
| Total | 100% |