
Any current ISSEP material?

yeah yeah Member Posts: 77 ■■□□□□□□□□
Looking to take the ISSEP this year. Can anyone recommend any study material for this? I thought the 2nd edition of the ISC2 ISSEP book was supposed to come out a couple of months ago, but nothing ever came out. I do work in the DoD doing C&A (DIACAP) and am real familiar with NIST 800 publications, but looking for more specific material. What do you guys recommend?

Comments

  • dijital1 Member Posts: 64 ■■□□□□□□□□
    If you already work with DIACAP then you have a bit of a leg up on someone that doesn't work in the System Authorization space. You'll have to be very familiar with the Risk Management Framework (SP 800-37 Rev1) and all of the supporting documents. You'll need to know how to categorize an information system based on its type (Federal, DoD, National Security) and which documents apply in each case.

    I can't stress enough how important it is to know and understand the documents. The ISSEP is the only ISC2 exam that I've taken where literally 2 questions in, I was wondering if I was taking the correct exam. Very challenging. I'd look over the current CIB for study material. Know the RMF, know the RMF and know the RMF.

    To give you a head start, following is a list of documents that I studied and understood in preparation for the exam:

    dijital1@katana:~/ISSEP/ISSEPRefs$ ls -1
    CJCSI-6510.01E.pdf
    CMMI for Acq v1.2.pdf
    CMMI for Dev v1.2.pdf
    CMMI for SVC v1.2.pdf
    CNSSD_500-1.pdf
    CNSSD-502.pdf
    CNSSI_1253.pdf
    cnssi_4009.pdf
    cnssi_4012.pdf
    cnssi_4013.pdf
    cnssi_4014.pdf
    CNSSI_4016.pdf
    cnssp_14.pdf
    cnssp_15.pdf
    CNSSP_22.pdf
    CNSSP_24.pdf
    CNSSP_25.pdf
    CNSSP_6.pdf
    CommonCriteria PART1V3.1R3.pdf
    CommonCriteria PART2V3.1R3.pdf
    CommonCriteria PART3V3.1R3.pdf
    DAG_03-18-11.pdf
    DoD 522022m.pdf
    DoD 832002g.pdf
    DoD 857001m.pdf
    DoDAF V2 - Volume 1.pdf
    DoDAF V2 - Volume 2.pdf
    DoDAF V2 - Volume 3.pdf
    DoDD 500001p.pdf
    DoDD 514401p.pdf
    DoDD 810002p.pdf
    DoDD 81001p.pdf
    DoDD 85001p.pdf
    DoDI 500002p.pdf
    DoDI 85002p.pdf
    DoDI 851001p.pdf
    DoDI 855101p.pdf
    DoD PMBOK--June 03.pdf
    Engineering for SA-Guidebook-v1-Oct2008.pdf
    ISSEP_IATF
    NIST SP 800-100-Mar07-2007.pdf
    NIST SP 800-115.pdf
    nist sp 800-12.pdf
    nist sp 800-14.pdf
    Nist sp 800-18-Rev1-final.pdf
    Nist sp 800-23.pdf
    nist sp 800-25.pdf
    Nist SP 800-27-RevA.pdf
    NIST SP 800-30.pdf
    Nist sp 800-34-rev1_errata-Nov11-2010.pdf
    NIST SP 800-35.pdf
    NIST SP 800-36.pdf
    Nist sp 800-37-rev1-final.pdf
    NIST sp 800-47.pdf
    NIST sp 800-53A-rev1-final.pdf
    NIST sp 800-53-rev3-Annex1_updated_may-01-2010.pdf
    NIST SP 800-53-rev3-Annex2_updated_may-01-2010.pdf
    NIST SP 800-53-rev3-Annex3_updated_may-01-2010.pdf
    Nist sp 800-53-rev3-final_updated-errata_05-01-2010.pdf
    NIST SP 800-59.pdf
    NIST SP 800-60_Vol1-Rev1.pdf
    NIST SP 800-60_Vol2-Rev1.pdf
    NIST SP 800-64-Revision2.pdf
    NIST SP 800-65-Final.pdf
    NSTISSAM COMPUSEC 1-98.pdf
    NSTISSAM infosec_1-00.pdf
    nstissam_infosec_2-00.pdf
    nstissi_1000.pdf
    nstissi_4011.pdf
    nstissi_4015.pdf
    nstissi_7003.pdf
    NSTISSP 101.pdf
    nstissp-11-faqs.pdf
    nstissp-11_fs.pdf
    OMB CIRCULAR NO_ A-130 Revised The White House.mht
    omb encryption-guidance.pdf
    OMB M-03-22.mht
    Public Law 100-235.pdf
    Risk Management Guide for DoD Acquisition 6Ed Aug06.pdf
    Section 3541 title 44-FISMA-final.pdf
    ssecmmv3final.pdf


    Hope this helps.
  • Joel Goldstein Banned Posts: 32 ■■□□□□□□□□
    yeah yeah wrote: »
    Looking to take the ISSEP this year. Can anyone recommend any study material for this? I thought the 2nd edition of the ISC2 ISSEP book was supposed to come out a couple of months ago, but nothing ever came out. I do work in the DoD doing C&A (DIACAP) and am real familiar with NIST 800 publications, but looking for more specific material. What do you guys recommend?

    Unfortunately, there is no time frame for when the ISSEP textbook will have a new edition published. There are several reasons for this. The most notable reason is because there may be some changes coming to the ISSEP curriculum in 2014. Due to this possibility, ISC2 does not want to publish a textbook that has a short shelf life in being helpful to candidates. The other notable reason is the DOD’s transition from DIACAP to NIST guidelines.

    If you are looking to pursue the ISSEP certification immediately, the first option would be to go through the references in the CIB (aka the Exam Outline). The second option would be to attend training from ISC2.
  • dijital1 Member Posts: 64 ■■□□□□□□□□
    DoD's changes primarily mean they're going to be adopting the RMF (800-37 Rev1) (DIARMF anyone?) so there's not really a ton of reason to hold off preparing for and sitting this exam. If your plan is to take the exam within the next 3 months, I would go for it based on the current CIB. If you have the money, your best option would be to take the Live Online training from ISC2.

    If you do opt for the LoL training, try to get the class that Kevin Henry or the other Kevin (I forget his last name) is teaching. They're both top notch instructors.

    The big change to the ISSEP happened a few revisions back when the primary process for accrediting non-DoD or NS systems moved to 800-37 Rev 1.

    If you study the current CIB and know the material and who it applies to, you should be fine. If you're prepared well enough to be able to pass the current version of the exam, chances are good that you'll also do well in spite of the changes (if any) that happen over the next couple of months. Also, be sure to check ISC2's website for any videos they've posted for the credential that you're interested in. The set that was put online for the CAP was very helpful.

    Hope this helps.