CISSP-ISSAP Study Materials

In looking at the job market, I realized my years of building data centers could be used to work in the design on security systems since that was/is a large part of my job. The CISSP-ISSAP looks like a great cert to layer on the CISSP for that role. It seems that study material is lacking though. For those that have taken the exam, what did you use to prepare? Just the CISSP-ISSAP PBOK? Or is there another book/material that is better suited for study material? Also, how did you feel the test fared in complexity as compared to the CISSP?

Many Thanks!

Find more posts tagged with

Comments

Eagle75799

I used the official study guide, I thought it was good. I then took notes based off of the exam objectives. Lastly, I used Ross Anderson's "Security Engineering: A Guide to Building Dependable Distributed Systems, Second Edition" off of Safari. That, combined with experience, was sufficient for me to pass the exam.

matt18e

I just passed the ISSAP on May 4th. I used the Second Edition of the Official ISC2 CISSP-ISSAP CBK (2013), and I also read most of the relevant NIST documents, i.e. FIPS 199, 200, NIST SP 800-30,34,37,39,57,57A,60,61,64,137,144-146,160, and 181. I also reviewed the pertinent information in the Sixth Edition of the CISSP Exam Guide by Schon Harris, since that is the book I used for my original CISSP studies. All in all, I'd say I probably studied too much. I personally found the exam much easier than the CISSP, and the material I mentioned is more than enough to pass the exam if you are familiar with it.

Z0sickx

matt18e wrote: »

I just passed the ISSAP on May 4th. I used the Second Edition of the Official ISC2 CISSP-ISSAP CBK (2013), and I also read most of the relevant NIST documents, i.e. FIPS 199, 200, NIST SP 800-30,34,37,39,57,57A,60,61,64,137,144-146,160, and 181. I also reviewed the pertinent information in the Sixth Edition of the CISSP Exam Guide by Schon Harris, since that is the book I used for my original CISSP studies. All in all, I'd say I probably studied too much. I personally found the exam much easier than the CISSP, and the material I mentioned is more than enough to pass the exam if you are familiar with it.

would yo usay studying the NIST documents was overkill? i was told the ISC2 official book for ISSAP was more then enough then reference the material back to the syllabus to find weak/insufficient areas

matt18e

Z0sickx wrote: »

would yo usay studying the NIST documents was overkill? i was told the ISC2 official book for ISSAP was more then enough then reference the material back to the syllabus to find weak/insufficient areas

Yes, I believe the ISC2 official book is enough. Reading through all of the NIST documents really was overkill, perhaps with the exception of 800-34, which goes in to quite a bit more detail for DRP, and is probably worthwhile. Also, I think looking over 800-144, 145, and 146 is of value to better understand cloud issues. The Official ISC guide touches on it, but the NIST documents go into a bit more depth, and they are actually not that long of a read, especially if you only read the content and don't worry about appendices. I also forgot to mention someone did a good ISSAP mind map that will help to make sure you are covering all of the relevant topics. Here's the link: CISSP-ISSAP MindMap | SIMPLIFYING SECURITY

Good luck with your studies!