maniayappa
Viewer II

Which book to refer for CISSP-ISSAP

I have purchased the self-pace learning for CISSP-ISSAP. Apart from this, which book is best to refer to? Is the CISSP-ISSAP CBK recommended?

 

Thanks

Manikandan

18 Replies
Early_Adopter
Community Champion

Get the CBK. It’s old; augment it with titles from this list - https://www.isc2.org/Certifications/References#accordion-204b5a1dc3534ba2b24f703df5e067ea

There are more complete replies elsewhere on this site.

Steve-Wilme
Advocate II

I used the official CBK book.  The reality is that you need to follow up quite a few of the references from the chapters so you won't find all the answers in the text itself.  

 

As I was the only one sitting the exam at the FireBrand centre on the day I was asked what I thought of it, to which I said, hmmm, many of the answers aren't in the CBK, they're in the references, so not entirely what I expected.

 

So I guess what I'm saying is prepare thoroughly and don't imagine that there are short cuts.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Early_Adopter
Community Champion

“There can be only one!”

 

I’m not sure I’d ever need to do this certification concentration, or if I did what I might use it for, but I’d probably do TOGAF & SABSA as part of my prep, especially as in Europe and Asia, can’t speak so much there are loads of earnest EA proponents recommending these.

 

Side question @Steve-Wilme , as you have two already are you going to complete the trinity with Engineering? 😛

Steve-Wilme
Advocate II

Probably not Michael, I think retirement will come before I get around to that.
-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Early_Adopter
Community Champion

Not keen on one more round of Paper Pokémon? 😛

SpoonMan
Viewer II

The recommended reading list seems quite 'robust'. Do you know if the official training has the same recommended reading list, or do they cover everything you need to know in the training course itself?

Early_Adopter
Community Champion

Never sat the exam I’m afraid so… don’t know.

 

I think you should look heavily at the exam outline:

 

https://www.isc2.org//-/media/ISC2/Certifications/Exam-Outlines/CISSP-ISSAP-Exam-Outline-v0120.ashx

 

From:

 

https://www.isc2.org/Certifications/CISSP-Concentrations 

 

If you are a master of most of the information there, with quite some US centricity, then probably you are in striking range.

 

I think that the other thing to understand is that this is a niche certification, so it’s worth getting a 1:1 with a holder:

 

https://www.isc2.org/About/Member-Counts


Anyhow, CBK, exam outline, reference list, online/in person training … should probably be enough but YMMV especially with the rarified certifications. One chap on here wasn’t happy after sitting the exam, as he clearly felt the CBK was old.

 

Delvauhn
Newcomer I

- Failed on first attempt just using CBK

- Failed on second attempt with the self-pace course from ISC2 but did well in 4/6 domains

- Now I've invested more time going through list of references beginning with Enterprise Security Architecture by Sherwood, since that was my weakest domain.

 

The exam has severely outpaced the CBK; the ISC2 training was good but not like the ISSEP's, and should be complemented with additional reading.

George991
Newcomer I

Hi,

 

What I find very frustrating is that the exam outline is talking about the following six domains:

 

• Architect for Governance, Compliance, and Risk Management
• Security Architecture Modeling
• Infrastructure Security
• Identity and Access Management Architecture
• Architect for Application Security
• Security Operations Architecture

 

I've bought the CBK book, second edition and they are talking about the following domains:

 

1- Access Control Systems & Methodology

2- Communication & Network Security

3- Cryptography

4- Security Architecture Analysis

5- Technology Related BCP & DRP

6- Physical Security Considerations

 

So why is the book so much different than the exam outline? Is it even worth reading the book as preparation for the exam? I want to prepare for this exam but it's impossible to buy good study materials for this....