ISSEP Preparation & Training?

htebazile

I may be going to trainingcamp.com's ISSEP training in October. It's a five day course and on the last day, you take the ISSEP exam.

Has anyone else here attended this training and/or taken the ISSEP exam? Given the lack of study materials available, there doesn't seem much opportunity for studying before the training. Is the class alone enough to pass the exam?

Thanks.

kalkan999

Best of luck to you, Elizabeth. Let us know how you do.

Falasi

Try concentration webcast:

http://education.isc2.org/concentrate/

(They will send you a link for a webcast and if you dont wanna wait, just change the number on the that link...).

I do believe that the training should be more then enough , both ISSMP/ISSEP focus on managerial way of thinking. (correct me if i'm wrong for ISSEP), so understanding that should help you pass the exam. I feel that concentrations are kinda easier then CISSP exam as its focused and the chance of facing almost the same question is really high.

Good luck with the exam. if ISC2 updated their study guide I may attempt it. well be cool to have all 3 concentrations one day....

htebazile

Thanks Falasi! I hadn't seen this before, I appreciate it. I will definitely check this out.

gwhitney

The ISSEP is the engineering branch of the CISSP family. So, not sure what was meant by managerial way of thinking but the ISSEP is going to be quite a bit more technical than the ISSMP. The official CBK book is not going to be enough to cover the material on the exam. Not familiar with the training you are taking but if you pair it with practical experience such as network engineering then you should be fine. Know your strengths and weaknesses and brush up on the weak areas.

I will say the ISSAP was a somewhat difficult exam and I assume the ISSEP is fairly grueling due to its technical nature as well.

Falasi

for ISSEP the following are the domains:

• Systems Security Engineering

understand relationship between security engineering and system engineering
descover information protection needs
define system security Requirements.
Design system security architecture
develop detailed security design
Implement system security.

• Technical Management

understand and support acquisition process
initiate the technical efforts.
Plan technical efforts.
Implement and manage the technical effort.
Close the technical effort.

• Certification and Accreditation

understand US gov C&A Process to be applied.
understand roles and responsibilities
integrate C&A process with system security engineering

• Information Assurance Regulations:

Understand national laws and policies.
understand civil agency policy and guidelines.
understand DoD policies and guidelines.
understand applicable international standards.

Now correct me if I'm wrong but I dont see much techincal , not to the limits of ISSAP at least and more within the lines of ISSMP.

gwhitney

I can't really speak factually as I've not read the CBK or taking the test. However, Systems Security Engineering alone is technical. The rest looks like it's providing knowledge on why the technical aspects are applied. I could be wrong but why would they have two management tracks and an architecture tack? I know there were quite a few technical questions on the architecture exam. So, that speaks to me that there is much more technical on the engineering tack.

Falasi

hmm you have a point there , I still need to check the official guide to better understand the actual scope of the exam. the existing guide is 7 years old and I'm not sure if its ganna be applicable anymore with the changes done last March. hopefully they will release something before the end of the year....

beads

If your looking at the ISC2's ISSEP book, I'd pay a great deal of attention to the references or footnotes section of the book. Small print and fewer pages mean your not going to see much in relation to what is going to be on the test without digging deep. Also go over your base knowledge and quiz books to reinforce those things "you already know" or at least were tested on from the CISSP, itself. Much of the initial material will probably feel easy to repetitive but that's going to be your base. Everything else is going to be more of the same just more in depth.

Haven't taken the Engineering exam yet and perhaps I will after recently taking the architecture exam to compare. Oh what fun! Suspect the Architecture exam is a bit more difficult and certainly less US Government orientated in nature.

- beads

JDMurray

When investigating the possibility of taking any (ISC)2 exam, the first step is to review the Candidate Information Bulletin for that exam. This is where you will find most of the information that you need to take the exam, including study references.

CISSP-ISSEP Candidate Information Bulletin

gwhitney

My specific architecture exam ranged from how policy should be implemented to what specific design criteria was for solutions depending on requirements. I had a lot of PKI questions which the study guide didn't cover. Less encryption than I thought there would be. More questions like here is the scenario, what would the the appropriate approach, step or recommendation for this scenario? There were some management style questions but also application of technical approaches. I did not have any questions about specific technology details but rather how to apply the technology.