This four-day Information Systems Security Architecture Professional (ISSAP) Boot Camp is focused on teaching you the management of security programs and the ins and outs of security architecture. You’ll learn the technical aspects of security architecture, including identity and access management, security operations, infrastructure, application security, governance and compliance, and security architecture modeling.

This boot camp not only teaches you the nuts and bolts of the security architecture, it prepares you to successfully pass the challenging (ISC)² ISSAP exam, one of three “concentration areas” for CISSP holders extending the CISSP common body of knowledge.

• Four full days of instruction with an expert instructor
• Infosec proprietary digital courseware (physical textbooks available to purchase)
• ISSAP exam voucher
• 90-day access to replays of daily lessons (Flex Pro)
• Curated videos from other top-rated instructors (add-on)
• 100% Satisfaction Guarantee
• Exam Pass Guarantee (Flex Pro)

This boot camp prepares you to pass the (ISC)² CISSP-ISSAP exam, which covers six domain areas designed to ensure relevancy across all disciplines of information security.

• Identity and access management architecture
• Security operations architecture
• Infrastructure security
• Architect for governance, compliance and risk management
• Security architecture modeling
• Architect for application security

• System architects
• Chief technology officers
• Network designers
• Business analysts
• Chief security officers

The CISSP-ISSAP requires a candidate to be a CISSP in good standing and demonstrate two years of professional experience in at least one of the six CISSP-ISSAP domains.

Some key advantages of Infosec’s ISSAP Boot Camp:

• Real security expertise by Information System Security Architects with 10 years or more supporting federal government information assurance needs
• Proven expertise in meeting certification candidates needs — we go beyond the ISSAP CBK and get at how to prep and successfully pass your exam
• Courseware materials that help clarify the ISSAP process and ensure that you leave knowing how to implement it

We don’t just have great instructors, our instructors have years of industry experience and are recognized as experts. Over the past 15 years, we’ve helped tens of thousands of students get certified and advance their careers.

Our industry-leading curriculum and expert instructors have led to the highest pass rates in the industry. More than 93% of Infosec students pass their certification exams on their first attempt.

Domain 1 – Identity and access management architecture

• Identity management and lifecycle design
• Access control management and lifecycle design

Domain 2 – Security operations architecture

• Security operation capability requirements and strategy determination
• Continuous security monitoring design (e.g., SIEM, insider threat, enterprise log management, cybercrime, advanced persistent threat)
• Continuity, availability and recovery solutions design
• Defining security operations (e.g., interoperability, scalability, availability, supportability)
• Physical security controls integration
• Incident management capabilities design
• Secure communications and networks design

Domain 3 – Infrastructure security

• Infrastructure security capability requirements and strategy determination
• Layer 2/3 architecture design (e.g., access control segmentation, out-of-band management, OSI layers)
• Common services security (e.g., wireless, e-mail, VoIP, unified communications)
• Detective, deterrent, preventative and control systems architecture
• Infrastructure monitoring architecture
• Integrated cryptographic solutions design (e.g., public key infrastructure, identity system integration)

Domain 4 – Architect for governance, compliance and risk management

• Government and compliance architecture
• Threat and risk management capabilities design
• Off-site data use and storage security solutions architecture
• Operating environment (e.g., virtualization, cloud computing)

Domain 5 – Security architecture modeling

• Identifying security architecture approach (e.g., reference architectures, build guides, blueprints, patterns)
• Verify and validate design (e.g., POT, FAT, regression)

Domain 6 – Architect for application security

• Application security software development life cycle (SDLC) integration review (e.g., requirements traceability matrix, security architecture documentation, secure coding)
• Application security review (e.g., custom, commercial off-the-shelf, in-house cloud)
• Application security capability requirements and strategy determination (e.g., open source, cloud service providers, SaaS/IaaS providers)
• Application cryptographic solutions design (e.g., cryptographic API selection, PRNG selection, software-based key management)
• Application controls evaluation against existing threats and vulnerabilities
• Application security approaches establishment and determination for all system components (mobile, web and thick client applications; proxy, application and database services)