Tuesday 28 October 2014

Introduction to CISSP ISSAP Architecture

Certified Information Security Professional ISSAP Architecture 




CISSP-ISSAP requires a candidate to demonstrate two years of professional experience in the area of architecture and is an appropriate credential for Chief Security Architects and Analysts, who may typically work as independent consultants or in similar capacities. The architect plays a key role within the information security department, with responsibilities that functionally fit between the C-suite and upper managerial level and the implementation of the security program. He/she would generally develop, design, or analyze the overall security plan. Although this role is typically tied closely to technology, this is not necessarily the case; it is fundamentally the consultative and analytical process of information security.





Q.1 Where can I get the CISSP ISSAP exam outline?
OR


Q.2 Which book should I refer to for CISSP ISSAP?
  • Official (ISC)²® Guide to the ISSAP® CBK®, Second Edition
  • Security Engineering, Second Edition, by Ross Anderson
  • All CISSP books

Q.3 How do I book the CISSP ISSAP exam?
Pearson VUE http://www.pearsonvue.com/isc2/

Q.4 What is the requirement for CISSP ISSAP?

The CISSP-ISSAP requires a candidate to demonstrate two years of professional experience in the area of systems architecture.

Q.5 What are the different domains in CISSP ISSAP?


  • Access Control Systems and Methodology - details the critical requirements to establish adequate and effective access control restrictions for an organization. Access control protects systems, data, physical infrastructure and personnel in order to maintain their integrity, availability and confidentiality.
  • Communications and Network Security - addresses the security concerns related to the critical role of telecommunications and networks in today’s distributed computing environments. The security professional understands the risks to communications networks across data, voice and multimedia.
  • Cryptography - requires the security professional to understand cryptographic methodologies and the use of cryptography to protect an organization’s data storage and communications from compromise and misuse.
  • Security Architecture Analysis - requires the evaluation and choice of different architectures, and understanding risks associated with each type of design. System Architect, Chief Technology Officer, Business Analyst, System and Network Designer, and Chief Security Officer.
  • Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) - involves the identification of adverse events that could threaten the ability of the organization to continue normal operations. Once identified, the security professional will implement countermeasures to reduce the risk of such incidents recurring.
  • Physical Security Considerations - recognizes the importance of physical security and personnel controls in a complete information systems security model.

