Earn your next certification, guaranteed!

ISSAP Training Boot Camp

Take your CISSP to the next level by earning your ISSAP concentration. The ISSAP builds on your CISSP knowledge and validates your expertise in developing, designing and analyzing security solutions.

Earn your ISSAP, guaranteed!

Boot camp overview

This four-day Information Systems Security Architecture Professional (ISSAP) Boot Camp is focused on teaching you the management of security programs and the ins and outs of security architecture. You’ll learn the technical aspects of security architecture, including identity and access management, security operations, infrastructure, application security, governance and compliance, and security architecture modeling.

This boot camp not only teaches you the nuts and bolts of the security architecture, it prepares you to successfully pass the challenging (ISC)² ISSAP exam, one of three “concentration areas” for CISSP holders extending the CISSP common body of knowledge.

Skill up and get certified, guaranteed

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

93% pass rate — the best in the industry

  • Four full days of instruction with an expert instructor
  • Infosec proprietary digital courseware (physical textbooks available to purchase)
  • ISSAP exam voucher
  • 90-day access to replays of daily lessons (Flex Pro)
  • Curated videos from other top-rated instructors (add-on)
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee (Flex Pro)

Course objectives

This boot camp prepares you to pass the (ISC)² CISSP-ISSAP exam, which covers six domain areas designed to ensure relevancy across all disciplines of information security.

  • Identity and access management architecture
  • Security operations architecture
  • Infrastructure security
  • Architect for governance, compliance and risk management
  • Security architecture modeling
  • Architect for application security

Award-winning training that you can trust

Rising Star

Partner Award

G2 Crowd Leader

Technical Skills Development Software

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

Who should attend?

  • System architects
  • Chief technology officers
  • Network designers
  • Business analysts
  • Chief security officers


The CISSP-ISSAP requires a candidate to be a CISSP in good standing and demonstrate two years of professional experience in at least one of the six CISSP-ISSAP domains.

Why choose Infosec

Your flexible learning experience

Infosec Flex makes expert, live instruction convenient with online and in-person formats tailored to how, when and where you learn best.

Public training boot camps held nationwide

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Catered lunches
  • Infosec community forum access
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Most Popular

Immersive, live-streamed instruction

  • Pre-study course materials
  • Live instruction
  • Digital courseware
  • Daily reinforcement materials
  • Detailed performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee

Tailored team training at your location

  • Pre-study course materials
  • Live, customized instruction at your location
  • Digital courseware
  • Daily reinforcement materials
  • Detailed team performance reporting
  • Video replays
  • 90-day extended access to materials
  • Infosec community forum access
  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Knowledge Transfer Guarantee

Benefits and goals

Some key advantages of Infosec’s ISSAP Boot Camp:

  • Real security expertise by Information System Security Architects with 10 years or more supporting federal government information assurance needs
  • Proven expertise in meeting certification candidates needs — we go beyond the ISSAP CBK and get at how to prep and successfully pass your exam
  • Courseware materials that help clarify the ISSAP process and ensure that you leave knowing how to implement it

Learn from experts

We don’t just have great instructors, our instructors have years of industry experience and are recognized as experts. Over the past 15 years, we’ve helped tens of thousands of students get certified and advance their careers.

Our industry-leading curriculum and expert instructors have led to the highest pass rates in the industry. More than 93% of Infosec students pass their certification exams on their first attempt.

Can’t get away for a week?

Learn ISSAP on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 400+ courses
  • 4 cyber range environments
  • 100+ hands-on labs
  • Certification practice exams
  • 50+ learning paths

You're in good company.

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had." 

James Coyle

FireEye, Inc.

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

Our clients

Bank of America
Defense Information Systems Agency

Find your boot camp

ISSAP Boot Camp details

Domain 1 – Identity and access management architecture

  • Identity management and lifecycle design
  • Access control management and lifecycle design

Domain 2 – Security operations architecture

  • Security operation capability requirements and strategy determination
  • Continuous security monitoring design (e.g., SIEM, insider threat, enterprise log management, cybercrime, advanced persistent threat)
  • Continuity, availability and recovery solutions design
  • Defining security operations (e.g., interoperability, scalability, availability, supportability)
  • Physical security controls integration
  • Incident management capabilities design
  • Secure communications and networks design

Domain 3 – Infrastructure security

  • Infrastructure security capability requirements and strategy determination
  • Layer 2/3 architecture design (e.g., access control segmentation, out-of-band management, OSI layers)
  • Common services security (e.g., wireless, e-mail, VoIP, unified communications)
  • Detective, deterrent, preventative and control systems architecture
  • Infrastructure monitoring architecture
  • Integrated cryptographic solutions design (e.g., public key infrastructure, identity system integration)

Domain 4 – Architect for governance, compliance and risk management

  • Government and compliance architecture
  • Threat and risk management capabilities design
  • Off-site data use and storage security solutions architecture
  • Operating environment (e.g., virtualization, cloud computing)

Domain 5 – Security architecture modeling

  • Identifying security architecture approach (e.g., reference architectures, build guides, blueprints, patterns)
  • Verify and validate design (e.g., POT, FAT, regression)

Domain 6 – Architect for application security

  • Application security software development life cycle (SDLC) integration review (e.g., requirements traceability matrix, security architecture documentation, secure coding)
  • Application security review (e.g., custom, commercial off-the-shelf, in-house cloud)
  • Application security capability requirements and strategy determination (e.g., open source, cloud service providers, SaaS/IaaS providers)
  • Application cryptographic solutions design (e.g., cryptographic API selection, PRNG selection, software-based key management)
  • Application controls evaluation against existing threats and vulnerabilities
  • Application security approaches establishment and determination for all system components (mobile, web and thick client applications; proxy, application and database services)