ISSAP Passed

SkyBlueSkyBlue Member Posts: 73 ■■□□□□□□□□
I passed ISSAP today, 2nd attempt though, big relief!

I used a lot of study materials but as you know those are only for buidling your basic:

Official (ISC)² CISSP-ISSAP CBK Live Online Training
Official (ISC)2® Guide to the ISSAP CBK, Second Edition
Security Engineering A Guide to Building Dependable Distributed Systems - Ross Anderson

In addition, resourses from CISSP:

CISSP For Dummies - 4th Edition - Miller, Gregory, Peter
CISSP Study Guide - - Eric Conrad
CISSP All-in-One Exam Guide, 7th Edition
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide - Seventh Edition - Sybex
CISSP Official (ISC)2 Practice Tests

Several NIST documents.
and Google



  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■□□□
    Congrats! What were your weak areas the first time? What's next?
  • SkyBlueSkyBlue Member Posts: 73 ■■□□□□□□□□
    Congrats! What were your weak areas the first time?


    I scored 650 in my first attempt on November 5, 2016. Here are the top 2 weak domains reported:

    Physical Security Considerations
    Communications & Network Security

  • JoJoCal19JoJoCal19 California Kid Mod Posts: 2,829 Mod
    Congrats on the pass! As well I'd like to know what's next?
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • E Double UE Double U Member Posts: 1,873 ■■■■■■■■■□
    Congratulations! What study material did you use?
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, and more.

    2021 goals: AZ-303, AZ-304, maybe TOGAF and more ISACA

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • SkyBlueSkyBlue Member Posts: 73 ■■□□□□□□□□
    JoJoCal19 wrote: »
    Congrats on the pass! As well I'd like to know what's next?


    I will go for ISC2 CCSP - Certified Cloud Security Professional if my company pay for it.

  • chrisonechrisone Senior Member Member Posts: 2,205 ■■■■■■■■■□
    Congrats! Hard to believe there are only under 1,200 ISSAP certified pros in the USA. I hope to be one in 2017 :)

    What material did you use?
    Certs: CISSP, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2021 Goals
    Courses: eLearnSecurity - PTXv2 (complete), SANS 699: Purple Team Tactics (completed), PentesterLabs Pro (ongoing)
    Certs: eCPTXv2, AZ-500, SC-200 (fail 1st attempt), EnCE, Splunk Core Power User
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■□□□
    SkyBlue wrote: »
    Here are the top 2 weak domains reported:

    Physical Security Considerations
    Communications & Network Security


    LOL, these would be my strongest!
  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
    Congrats! Interested to know what material you used as well.
  • SkyBlueSkyBlue Member Posts: 73 ■■□□□□□□□□
    I updated my main post with study material used.

  • corpseccorpsec Member Posts: 73 ■■□□□□□□□□
    Was the ISSAP focused on encryption/algorithms and BCP/DR?
  • SkyBlueSkyBlue Member Posts: 73 ■■□□□□□□□□
    corpsec wrote: »
    Was the ISSAP focused on encryption/algorithms and BCP/DR?

    I found fairly distributed questions as it supposed to be:

    The ISSAP examination domains and weights are:


    1. Access Control Systems & Methodology


    2. Communications & Network Security

    3. Cryptography

    4. Security Architecture Analysis

    5. Technology Related Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)

    6. Physical Security Considerations

  • sameojsameoj Member Posts: 366 ■■■□□□□□□□
  • jazz_01jazz_01 Member Posts: 65 ■■■□□□□□□□
    Congratulations on you pass. So, what's the next certification you are going to take?
  • Blade3DBlade3D Member Posts: 107 ■■■□□□□□□□
    Curious as to the usefulness of this, I had never noticed these concentrations on the website before.

    I am currently studying for the CISSP, is it possible to take this a couple of months after? I didn't see anything under the requirements that said otherwise. It listed needing 2 years experience and the CISSP. Wondering if that's 2 years experience while having the CISSP during that time or just 2 years experience with a current CISSP?

    Also, wondering if it's relevant to my job as a Systems Designer. I hope to be looking for a more security related role once I get the CISSP.
    Title: Systems Designer
    Degree: B.S. in Computing Science, emphasis Information Assurance
    Certifications: CISSP, Network+, Security+, CySA+, OSWP
  • denjindenjin Member Posts: 6 ■□□□□□□□□□
    Congratulations! I passed it recently myself. I found it harder than the CISSP but more technical. It was an interesting test and covered very new technology - know your stuff. :)
  • AtlantaBobAtlantaBob Registered Users Posts: 1 ■□□□□□□□□□
    Is it passable with just CISSP knowledge? I just passed CISSP after a 5 day bootcamp and no other study. I don't have time to be reading all these books, LOL. How much harder is it?
  • cyberzhawkcyberzhawk Registered Users Posts: 1 ■□□□□□□□□□
    Congrats SB on passing the ISSAP! I'm beginning to study for ISC2 CAP. Got the recommend material from ISC2's website. Do you recommend or know of any other materials/websites/resources for studying? Thanks.
  • denjindenjin Member Posts: 6 ■□□□□□□□□□
    You need 2 years of security architecture experience and the application (after you pass the test) has you state which domains you have experience in. You also will have to provide your CV and references.

    It is different than the CISSP exam as it does go into more depth in terms of technology. I think CISSP was a bit more high level and sort of management-focused.

    In terms of what to use to study, the CIB (exam guide for ISSAP) lists a lot of other resources. I read quite a few of those.
Sign In or Register to comment.