CISSP-ISSAP Study Guides Recommendations

muellmkmuellmk Member Posts: 2 ■□□□□□□□□□
I plan to take the CISSP-ISSAP exam this year. Has anyone taken the exam that can recommend good study materials? I am looking for one good book (ideally) for each of the domains covered by the ISSAP. I have found a few book recommendations, but these are mainly "possible" sources and none were confirmed as used in preparation for the actual exam.

Additionally, if anyone can share their exam experience, that would also be helpful. Specifically, does the ISSAP exam cover the same content as the CISSP exam, but in greater detail?




  • Fugazi1000Fugazi1000 Member Posts: 145
    Hi Marc,

    I am also taking the exam this year (Feb infact!).

    As you know the domains are:

    Access Control Systems and Methodology
    Physical Security Integration
    Requirements Analysis and Security Standards, Guidelines, Criteria
    Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
    Telecommunications and Network Security

    and the only single book (resource) I have seen that takes an architectural view of these is SABSA (google it). ISC2 provide a study list, with much overlap.

    I'm really not sure of the depth of knowledge required, so would appreciate feedback from anybody that has taken the exam. I considered grandfathering this in 2004 when they just asked for a summary of 2 projects/personal experience from any of the domains. I didn't have the time to produce these before the deadline icon_cry.gif
  • muellmkmuellmk Member Posts: 2 ■□□□□□□□□□

    Good luck with the exam and thanks for the book recommendation.

    Would happen to have a copy of the study guide? I have reqesting it over and over from ISC2, but I never receive the email directing me to the download page nor the document key. I can get you my email address...

  • keatronkeatron Security Tinkerer Member Posts: 1,213 ■■■■■■□□□□
    Hi. Guys, I took the official ISC2 prep for this certification (Hal Tipton was the instructor). I haven't had time to take the exam yet, but PM me and I'll be glad to email you copies of the notes I took in class. I'll probably be sitting it early spring myself.

    Good luck.
  • HomerKhanHomerKhan Member Posts: 1 ■□□□□□□□□□

    I am a budding ISSAP candidate from Pakistan!

    It would be much appreciated if you could refer me to any recommended book for this
    certification or share any contextual material that any of you might have-

    Your assistance will be highly appreciated!

    Looking forward to hearing from you all soon.

  • edmund2000edmund2000 Member Posts: 1 ■□□□□□□□□□
    Dear all,

    I am also planning to take the ISSAP, but seems that I can not find the good books, resource, it seems that there are not many people who had taken the exam and reference material is very limted.

    I am appreciated if someone can share e.g notes etc .

  • Tom41Tom41 Member Posts: 2 ■□□□□□□□□□
    I found out 30% of my UK colleagues were certified in July 2008, wasted some time and money looking for study/guide, got serious in 8/2008; 80 hours of preparation over one month using only Free practice exams for the CISSP, CISA, SSCP, GSEC- - Bringing Education to the World. I passed CISSP in 9/2008 and ISSAP in 10/2008 and wrote my passage in a booklet. Just read the preview/Look inside. EXAM GUIDE FOR CISSP® AND ISSAP®: Thomas Chen: Books
  • j_a_s_o_nj_a_s_o_n Member Posts: 75 ■■□□□□□□□□
    There will be an official cbk book out from ISC2 for it, but not until July of next year, last I heard.
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    That's more than I've heard. I talked with the Education group last week and they said they still didn't have an ETA on the book.
  • j_a_s_o_nj_a_s_o_n Member Posts: 75 ■■□□□□□□□□
    I'm really surprised that there's not something out yet. It seems like they're pushing the ISSEP, but that's about it.
  • down77down77 Member Posts: 1,009
    There was a post about study materials for the ISSAP on CCCure a little while back. When I get home from work later tonight I'll post my reading list that I plan to use as I study to attempt the ISSAP later this year or early 2010.
    CCIE Sec: Starting Nov 11
  • SuzeSuze Member Posts: 7 ■□□□□□□□□□
    I don't know how much help this will be but is what I found.

    The Krutz & Vines CISSP and CAP Prep Guide (Platinum Edition) has a section on ISSAP. But it is SHORT, only 5 pages! It is listed as a concentration of CISSP and here is a summation of what it says (summation)

    Study the Access Control CBK of CISSP
    Study the Telecommunication CBK of CISSP
    There is about one page on Requirements Analysis and Security Standards and Guidelines.
    About 2/3 page on Design Architecture
    Study the Technology related Business Continuity Planning and Disaster Recovery Planning sections in the CBK CISSP
    Study the Information System Security Standards and Guideliness in the CBK CISSP
    And Study the Physical Security Integration in the CBK CISSP.

    The only NEW thing was the Assessment and Effectiveness of Security and Information Systems Design. This is a 60+ page chapter on the System Authorization Process.

    Not much help, eh?
  • j_a_s_o_nj_a_s_o_n Member Posts: 75 ■■□□□□□□□□
    It looks like there are a handfull or so of books coming out Aprilish of 2010 now. There's an exam in town in october, I'll be shooting for that so they won't do me much good. I've managed to clap eyeballs on the official review materials from ISC2, which look like they'll be helpful.
  • joepaujoepau Member Posts: 1 ■□□□□□□□□□
    Hi Keatron I´m planning to study for the CISSP ISSAP examination it is possible you send me copies of the study notes?.

    Best regards Hector
  • uajesusfreak99uajesusfreak99 Registered Users Posts: 4 ■□□□□□□□□□
    j_a_s_o_n wrote: »
    There will be an official cbk book out from ISC2 for it, but not until July of next year, last I heard.
    See the below link on Amazon to pre-order the OFFICIAL ISC2 ISSAP CBK Guide: Official (ISC)2® Guide to the ISSAP® CBK ((ISC)2 Press) (9781439800935): Harold F.…

    The actual release date is set for July 26, 2010, so it's just around the corner. icon_cheers.gif
  • cristian.tatoiucristian.tatoiu Member Posts: 1 ■□□□□□□□□□
    keatron wrote: »
    Hi. Guys, I took the official ISC2 prep for this certification (Hal Tipton was the instructor). I haven't had time to take the exam yet, but PM me and I'll be glad to email you copies of the notes I took in class. I'll probably be sitting it early spring myself.

    Good luck.
    Hi Keatron!

    I am also interested in the notes you took at the ISSAP training.

    Kind regards!
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    He's pretty busy and hasn't been active here for awhile.

    However, the official guide is due out next month (if it doesn't get pushed back any more): Official (ISC)2® Guide to the ISSAP® CBK ((ISC)2 Press) (9781439800935): Harold F.…
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    I can't believe it was taken this long to get that book printed. Are we going to make any bets as to whether or not this book sees the light of day before 2011?
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
  • j_a_s_o_nj_a_s_o_n Member Posts: 75 ■■□□□□□□□□
    ISC2 now says November for the release on the official book.
  • Fugazi1000Fugazi1000 Member Posts: 145
    The ISC2 ISSAP book is now published! It has a copyright date of 2011!! My copy from Amazon UK arrived last week (on back order for months with quite a few emails from Amazon pushing delivery dates back a few weeks at a time).

    As for the book itself. I must say I'm quite disappointed on first glance. My impression is that it's old material rehashed. There might be some new stuff - but nothing obvious.

    The pictures that support the text all seem to be from the '80s! I guess they're just library pictures, and they do their job - but it detracts from the book.

    If I get time - I might do a fuller review when I've read it properly. I might even claim CPEs!!
  • sandeepgupta80sandeepgupta80 Registered Users Posts: 3 ■□□□□□□□□□
    Hi Fugazi1000,

    Did you take the exam? How did you find the official ISC2 guide for ISSAP? Would you recommend any other book to prepare for the exam.

    Any assistance is greatly appreciated.

    Thank you!
  • wmackeywmackey Member Posts: 17 ■□□□□□□□□□
    I'm signed up to take the ISSAP on May 7th. So far I'm using the official study guide (about 3/4 of the way thru so far). Seems to be a lot of filler unrelated to what I would expect in an exam (or the end of chpater questions for that matter). Reminds of some college text books that needed to meet the page and weight miniumums.
  • wmackeywmackey Member Posts: 17 ■□□□□□□□□□
    Well, sat for the exam last Saturday. The official guide was helpful, but not great. Without breaking the rules, I will say that the time I spent going over Common Criteria definitely helped. Also, should have spent more time studying Biometrics. Now the wait starts to see if I squeaked by.
  • tikipmtikipm Registered Users Posts: 1 ■□□□□□□□□□

    can you assist me with insights on the exam. I'm scheduled for the 21th May, which is this saturday. I will appreciate some practice exams and materials referrals. Some tips on the exam, which domain was dominating? Also whether i should go through the CISSP material or the ISSAP is sufficient?

  • wmackeywmackey Member Posts: 17 ■□□□□□□□□□
    Probably too late now, but i'd look a common criteria and biometrics.
  • VaryagVaryag Member Posts: 6 ■□□□□□□□□□
    Official Guide + books in reference CIB.
  • HumbeHumbe Member Posts: 202
    Reviving a 2008 thread...

  • beadsbeads Senior Member Member Posts: 1,523 ■■■■■■■■■□
    To the best of my knowledge, or as far as I know, the ISSAP green book is the only after market book/material specifically related to the exam. Hardly perfect but I can say after reading the book and going through most of the bibliographies at the end of each chapter - its really all there, to include cryptography. Its a matter of weeding through all the bibliography references that will really prepare you for the test.

    Warning! The test is much more difficult than the CISSP and took me about as long if not longer to do 125 questions as it did to complete the full CISSP. You get no other hints other than to look at the number of folks who have or still have this certification. Its a low number and having completed the exam the first time. I fully understand why. ;)

    - Beads, CISSP-ISSAP
  • mikeysgmikeysg Member Posts: 41 ■■□□□□□□□□
    Passed the exam in Singapore yesterday. Now awaiting approval for the certification after submitting the resume/CV.

    Self reflection without breaking the NDA:

    1) Official Guide was useful but should have other books for referencing too such as Enterprise Architecture
    2) Experience definitely helps when answering some questions
    3) Latest trends in IT Security should be aware of

    Now onto taking CRISC in December 2015.
Sign In or Register to comment.