CISSP then ISSAP

tjaynes87tjaynes87 Registered Users Posts: 6 ■□□□□□□□□□
Quite new here but reading posts on here helped me prep and pass for my CISSP roughly a month ago (just received my endorsement confirmation and full certification last week). ISSAP is in my sights now.

Looking for any and all docs and tips for ISSAP that haven't already been mentioned in other posts here (particularly anything related to CBK ("focus on crypto!!!") and Security Engineering by Ross Anderson):

Notes
Flashcards
Additional books (that differ greatly from the CBK and SEbyRA)
Training Material
Video links

To prepare you for my next question, I studied for CISSP with the exact content/material in a 2 week time span:

- Shon Harris AIO - read about ~2 chapters (aka: the first 2 domains)
- 3/5's of Eric Conrad's Eleventh Hour
- about ~350 practice questions from CCCure's freepracticetests.org
- roughly 2/5 of CBT Nuggets videos CISSP prep by Keith Barker

Took me a little over 5 hours to complete the CISSP, granted I have about 8-9 years exp in IT, and 80-90% of that is within IT Security. Yes, I too believe that study list is weak sauce, but I was dumb and under the gun to meet employer expectations.

How important is the material from CISSP going to be during ISSAP? More specifically, will there be specific CISSP related questions that I won't be able to answer unless I "know my ****" for CISSP? (to note, I will be re-reading my AIO Access Control and Crypto domains)

Comments

  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Also preparing, have it scheduled for late September.

    I'm not good with books, so I managed to get through only 2 chapters of "Security Engineering". Not sure if I can make it before exam. I also bought Transcender CISSP questions (not impressed, do average 75% on them), listen to Cybrary and Shon's audio.

    On top of 20 years experience in IT and 15 in security.
  • tjaynes87tjaynes87 Registered Users Posts: 6 ■□□□□□□□□□
    Thanks gespenstern. Good luck on your exam, you'll have to let us know how you do.

    Are you only reviewing CISSP material for your ISSAP Exam? Does Cybrary offer an ISSAP course (I'm unable to find it). What CISSP material are you reviewing that you believe is most relevant and why?
  • beadsbeads Member Posts: 1,531 ■■■■■■■■■□
    Sorry Conrad hasn't written a brain **** for this exam as well. The ISSAP is very much centered on crypto and the other four domains. I did it all from the green CBK and alot of reading from the footnotes.

    Obviously, a super easy exam.

    - b/eads
  • tjaynes87tjaynes87 Registered Users Posts: 6 ■□□□□□□□□□
    Thanks beads. Picked up most of your tips from other threads. Appreciate the post. Footnotes and links from CIB's were also noted for my upcoming study.
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    CISSP only. AFAIK there's no ISSAP prep materials out there with obvious exception of official CBK.
  • zxbanezxbane Member Posts: 740 ■■■■□□□□□□
    Good luck to those pursuing the ISSAP and be sure to let us know how it goes. This is something I've tossed around considering for a while but I just haven't been able to bring myself to commit to it because it seems to have a low ROI and not very well known outside the CISSP circle.
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Major players are certainly aware. Last week saw a pretty good position with Mandiant asking for it.
  • tjaynes87tjaynes87 Registered Users Posts: 6 ■□□□□□□□□□
    In the IT Sec realm I'm in I too don't hear much but am starting to see these concentrations added to job descriptions. Mostly as "a plus" and not required. I have however seen it required for certain gov positions within certain groups. That said, the concentration certs themselves, I believe to be a beneficial piece when bidding on this type of work (gov).
  • tjaynes87tjaynes87 Registered Users Posts: 6 ■□□□□□□□□□
    Seeing several on indeed.com already: Issap Jobs, Employment | Indeed.com
  • TP2010TP2010 Registered Users Posts: 1 ■□□□□□□□□□
    Hi tjaynes87,

    How did it go with your ISSAP exam? Did you manage to write it yet.

    I completed CISSP in January 2015 and will write ISSAP early next year. It is very concerning that there is little guidance out there for the exam. What is even more concerning is that the official text book was published in 2012. In IT Architecture terms, that is ages ago especially if you deal with the Everything-as-a-Service models that we face today.

    Did anyone actually buy this book: Official (ISC)² Guide to the ISSAP CBK, Second Edition

    regards,
Sign In or Register to comment.