Ended up taking the ISSAP exam after reading through the book and some misc material (NIST).
I thought the test was overall very easy, the technical questions were on the level of a regular CISSP exam however I ended up with a bunch of questions that were very difficult to understand or simply did not make any sense. When I left the exam I was confident that I had enough questions right that the other ones wouldnt drag my score too low. Well I was wrong.
The results of the exam were even more perplexing, the lowest scoring domains are the ones that I have had the most experience in (10+ years) IAM, security architecture. My highest ones were the ones I have relatively little experience (legal/compliance), DR (we have departments that handle a good portion of this).
To be perfectly honest, Im not sure what to do next. The CBK book is terrible, information sucks, written by a 5y/o, really difficult to read etc. In fact I have the CISSP and CISSP-CBK books and I thought those offered more insights than the ISSAP book.
Any thoughts on the official training material just came out?
Any pointers? I read the ISSAP CBK, security engineering book by mr Anderson and a few NIST documents, flash card app from ISC. I have been debating just giving the exam another go in 30days
Results: IAM below, infra security app security near, rest were above.
There are twenty references in that list many of them available to download for free (and not just the NIST ones). Of the ones that aren't available for free, many can be purchased used from Amazon for not a great deal of outlay.