I have purchased the self-pace learning for CISSP-ISSAP apart from this which book is best to refer. Is CISSP-ISSAP CBK recommended
Get the CBK, it’s old augment it with titles from this list - https://www.isc2.org/Certifications/References#accordion-204b5a1dc3534ba2b24f703df5e067ea
There are more complete replies elsewhere on this site.
I used the official CBK book. The reality is that you need to follow up quite a few of the references from the chapters so you won't find all the answers in the text itself.
As I was the only one sitting the exam at the FireBrand centre on the day I was asked what I thought of it, to which I said, hmmm, many of the answers aren't in the CBK, they're in the references, so not entirely what I expected.
So I guess what I'm saying it prepare thoroughly and don't imagine that there are short cuts.
“There can be only one!”
l’m not sure I’d ever need to do this certification concentration, or if I did what I might use it for but I’d probably do TOGAF & SABSA as part of my prep, especially as in Europe and Asia, can’t speak so much there are loads of earnest EA proponents recommending these.
Side question @Steve-Wilme , as you have two already are you going to complete the trinity with Engineering? 😛
Not keen on one more round of Paper Pokémon? 😛
The recommended reading list seems quite 'robust'. Do you know if the official training has the same recommended reading list, or do they cover everything you need to know in the training course itself?
Never sat the exam I’m afraid so… don’t know.
I think you should look heavily at the exam outline:
if you are a master of most of the information there, with quite some US centricity then probably you are
in striking range.
I think that the other thing to understand is that this is a niche certification, so it’s worth getting a 1:1 with a holder:
Anyhow, CBK, exam outline, reference list, online/in person training … should probably be enough but YMMV especially with the rarified certifications. One chap on here wasn’t happy after sitting the exam, as he clearly felt the CBK was old.
- Failed on first attempt just using CBK
- Failed on second attempt with the self-pace course from ISC2 but did well in 4/6 domains
- Now I've invested more time going through list of references beginning with Enterprise Security Architecture by Sherwood, since that was my weakest domain.
The exam has severely outpaced the CBK, the ISC2 training was good but not like the ISSEP's, and should be complimented with additional reading.