Earn your next certification, guaranteed!

ISSAP Training Boot Camp

This four-day training is an immersion into the Information Systems Security Architecture Process, complete with targeted prep leading to guaranteed ISSAP certification success!

Earn your ISSAP, guaranteed!

Boot camp overview

Infosec’s four-day accelerated Information Systems Security Architecture Professional (ISSAP) Certification Boot Camp focuses on the key role within the information security department that functionally fits between the upper-managerial level and the implementation of the security program. This training is heavily focused on the technical aspects of security architecture and managing security programs.

You will not only learn the nuts and bolts of the security architecture, you will learn the specifics required to successfully pass the challenging ISSAP Certification exam offered by (ISC)². The ISSAP is a key component in the selection process for management-level information security positions.

Skill up and get certified, guaranteed

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

93% pass rate — the best in the industry

  • Four days of intense ISSAP training
  • Infosec proprietary digital courseware
  • ISSAP exam voucher
  • 90-day access to replays of daily lessons (Flex Pro)
  • Curated videos from other top-rated instructors (add-on)
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee (Flex Pro)

Benefits and goals

Some key advantages of Infosec’s ISSAP Boot Camp:

  • Real security expertise by Information System Security Engineers with 10 years or more supporting federal government information assurance needs
  • Proven expertise in meeting certification candidates needs: we go beyond the ISSAP CBK and get at how to prep and succeed at the exam
  • Courseware materials that help clarify the ISSAP process and ensure that you leave knowing how to implement it

Award-winning training that you can trust

G2 Crowd High Performer

Technical Skills Development Software

Outstanding Partnership Award

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

Who should attend?

This training is intended for security architecture professionals or those needing security architecture training and certification.


The ISSAP certification is a “concentration area” for CISSP holders. Candidates must be a CISSP in good standing and have two years cumulative paid work experience in one or more of the six domains of the CISSP-ISSAP in order to qualify for certification.

Why choose Infosec

Your flexible learning experience

Infosec Flex makes expert, live instruction convenient with online and in-person formats tailored to how, when and where you learn best.

Public training boot camps held nationwide

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Catered lunches
  • Infosec community forum access
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Most Popular

Immersive, live-streamed instruction

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Detailed performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee

Tailored team training at your location

  • Pre-study course materials
  • Live, customized instruction at your location
  • Digital courseware
  • Daily reinforcement materials
  • Detailed team performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

ISSAP certification details

The ISSAP certification is a “concentration area” for CISSPs and extends upon the CISSP Common Body of knowledge by focusing on the following areas:

  • Identity and access management architecture
  • Security operations architecture
  • Infrastructure security
  • Architect for governance, compliance and risk management
  • Security architecture modeling
  • Architect for application security

Industry-leading exam pass rates

Infosec’s ISSAP courseware materials are always up to date and synchronized with the latest (ISC)² exam objectives. Our industry-leading curriculum and expert instructors have led to the highest pass rates in the industry. More than 93% of Infosec students pass their certification exams on their first attempt.

Can’t get away for a week?

Learn ISSAP on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 300+ courses
  • 4 cyber range environments
  • 100+ hands-on labs
  • Certification practice exams
  • 40+ learning paths

You're in good company.

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

"The course not only met my expectations, but exceeded them. It was the most engaging online training I’ve ever had."

Val Vask

Commercial Technical Lead

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

Our clients

Bank of America
Defense Information Systems Agency

Find your boot camp

ISSAP Boot Camp details

Domain 1 – Identity and access management architecture

  • Identity management and lifecycle design
  • Access control management and lifecycle design

Domain 2 – Security operations architecture

  • Security operation capability requirements and strategy determination
  • Continuous security monitoring design (e.g., SIEM, insider threat, enterprise log management, cybercrime, advanced persistent threat)
  • Continuity, availability and recovery solutions design
  • Defining security operations (e.g., interoperability, scalability, availability, supportability)
  • Physical security controls integration
  • Incident management capabilities design
  • Secure communications and networks design

Domain 3 – Infrastructure security

  • Infrastructure security capability requirements and strategy determination
  • Layer 2/3 architecture design (e.g., access control segmentation, out-of-band management, OSI layers)
  • Common services security (e.g., wireless, e-mail, VoIP, unified communications)
  • Detective, deterrent, preventative and control systems architecture
  • Infrastructure monitoring architecture
  • Integrated cryptographic solutions design (e.g., public key infrastructure, identity system integration)

Domain 4 – Architect for governance, compliance and risk management

  • Government and compliance architecture
  • Threat and risk management capabilities design
  • Off-site data use and storage security solutions architecture
  • Operating environment (e.g., virtualization, cloud computing)

Domain 5 – Security architecture modeling

  • Identifying security architecture approach (e.g., reference architectures, build guides, blueprints, patterns)
  • Verify and validate design (e.g., POT, FAT, regression)

Domain 6 – Architect for application security

  • Application security software development life cycle (SDLC) integration review (e.g., requirements traceability matrix, security architecture documentation, secure coding)
  • Application security review (e.g., custom, commercial off-the-shelf, in-house cloud)
  • Application security capability requirements and strategy determination (e.g., open source, cloud service providers, SaaS/IaaS providers)
  • Application cryptographic solutions design (e.g., cryptographic API selection, PRNG selection, software-based key management)
  • Application controls evaluation against existing threats and vulnerabilities
  • Application security approaches establishment and determination for all system components (mobile, web and thick client applications; proxy, application and database services)