ISC2 ISSAP Learning Path

Provide risk-based guidance and develop, design and analyze security solutions.

12 hours, 12 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    12 hours, 12 minutes

  • Assessment

    questions

About ISC2 ISSAP

This learning path builds on your CISSP knowledge and experience prepares you to pass the prestigious Information Systems Security Architecture Professional (CISSP-ISSAP) exam. As you progress through eight courses, you'll gain a deep understanding of security architecture topics, including approaches and frameworks, the system development lifecycle, concepts and methodologies related to identity and access management, how to design systems for GRC (governance, risk management and compliance), how to design continuous monitoring activities and incident response capabilities, and more. Upon completion, you'll be prepared to earn your CISSP-ISSAP certification and further differentiate yourself as an expert in the security architecture field.

 

Syllabus

Introduction to CISSP-ISSAP

Course - 00:15:00

The CISSP-ISSAP (Information Systems Security Architecture Professional) is a certification geared to a Certified Information Systems Security Professional (CISSP) whose job is to design security solutions as well as manage them and provide risk-related guidance. This course introduces you to ISSAP job functions, the CISSP program and the domains of the certification exam.
Architect for Governance, Compliance & Risk Management

Course - 00:45:00

Security architecture for GRC needs to address the design, implementation and maintenance of specific controls that ensure compliance. This in-depth course discusses how to architect your system for governance and compliance and integrate risk management functions into the design. Additionally, review compliance frameworks such as NIST and PCI-DSS and walk through off-site scenarios like cloud providers.
Security Architecture Modeling

Course - 00:55:00

Security architects can take a variety of different approaches when designing their organization’s security architecture. This course discusses the types and scopes of approaches and explores some of the frameworks, such as SABSA and SOMF, and required configurations for security and network. You’ll also learn about security for industrial control systems and about federal enterprise architecture.
Infrastructure Security Architecture

Course - 01:55:00

Learn about architecting use of security structures within the context of business objectives and activities. You’ll be able to identify security design considerations such as interoperability and remote access, and determine communications and network architecture. Concepts discussed include network topologies, common services security and cryptographic solutions.
Identity and Access Management (IAM) Architecture

Course - 02:01:00

Take an in-depth look at identity and access management architecture concepts, methodologies and techniques, including centralized and decentralized identity and authentication management (IAM) systems, technologies and controls; access controls; authentication methods; and access controls practices. You’ll also learn principles of IAM such as critical requirements for protecting data, systems, physical assets and people.
Architect for Application Security

Course - 01:33:00

Review the system development lifecycle (SDLC) and different SDLC models; factors impacting application development, operation and maintenance; and the typical SDLC phases. This course also discusses the management of the application SDLC; types of application development environments; the requirements traceability matrix; testing considerations; and application threats and security issues.
Security Operations Architecture

Course - 02:35:00

Take a deep dive into determining security operations capability needs, designing continuous monitoring activities and incident response capabilities, determining communication architecture and integrating physical controls. This in-depth course covers concepts such as organizational drivers and constraints, detection and response, and recovery and restoration.

The details

Learning path insights

Related job titles

You need a CISSP certification and two years of cumulative paid work experience in at least one of the domains to earn your CISSP-ISSAP.

This certification path is designed for:

  • System architects
  • Chief technology officers
  • System and network designers
  • Business analysts
  • Chief security officers
  • Anyone with a desire to build their security architecture skills and get certified!

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo