Katy Morgan

Introduction to ISC2 Information Systems Security Architecture Professional (CISSP-ISSAP) Exam

The ISC2 ISSAP exam is challenging, and thorough preparation is essential for success. This study guide is designed to help you prepare for the CISSP-ISSAP certification exam. It contains a detailed list of the topics covered on the exam and a list of preparation resources, and it will guide you through the study process for your certification.



ISSAP ISC2 Information Systems Security Architecture Professional Exam Summary


Exam Name: ISC2 Information Systems Security Architecture Professional (CISSP-ISSAP)

Exam Code: ISSAP

Exam Price: $339 (USD)

Duration: 180 mins

Number of Questions: 125

Passing Score: 700/1000

Schedule Exam: Pearson VUE


Exam Syllabus: ISSAP ISC2 Information Systems Security Architecture Professional (CISSP-ISSAP)


1. Identity and Access Management Architecture (19%)


- Design identity management and lifecycle

- Design access control management and lifecycle


2. Security Operations Architecture (17%)


- Determine security operation capability requirements and strategy

- Design continuous security monitoring (e.g., SIEM, insider threat, enterprise log management, cyber crime, advanced persistent threat)

- Design continuity, availability and recovery solutions

- Design security operations (e.g., interoperability, scalability, availability, supportability)

- Integrate physical security controls

- Design incident management capabilities

- Security communications and networks


3. Infrastructure Security (19%)


- Determine infrastructure security capability requirements and strategy

- Design layer 2/3 architecture (e.g., access control segmentation, out-of-band management, OSI layers)

- Secure common services (e.g., wireless, email, VoIP, unified communications)

- Architect detective, deterrent, preventative and control systems

- Architect infrastructure monitoring

- Design integrated cryptographic solutions (e.g., Public Key Infrastructure (PKI), identity system integration)


4. Architect for Governance, Compliance and Risk Management (16%)


- Architect for governance and compliance

- Design threat and risk management capabilities

- Architect security solutions for off-site data use and storage

- Operating environment (e.g., virtualization, cloud computing)


5. Security Architecture Modeling (14%)


- Identify security architecture approach (e.g., reference architectures, build guides, blueprints, patterns)

- Verify and validate design (e.g., POT, FAT, regression)


6. Architect for Application Security (15%)


- Review software development lifecycle (SDLC) integration of application security architecture (e.g., requirements traceability matrix, security architecture documentation, secure coding)

- Review application security (e.g., custom, commercial off-the-shelf (COTS), in-house cloud)

- Determine application security capability requirements and strategy (e.g., open source, cloud service providers, SaaS/IaaS providers)

- Design application cryptographic solutions (e.g., cryptographic API selection, PRNG selection, software-based key management)

- Evaluate application controls against existing threats and vulnerabilities

- Determine and establish application security approaches for all system components (mobile, web and thick client applications; proxy, application and database services)


ISC2 ISSAP Certification Sample Questions and Answers

To make you familiar with the structure of the ISC2 Information Systems Security Architecture Professional (ISSAP) certification exam, we have prepared this sample question set. We suggest you try these ISSAP sample questions to test your understanding of the ISC2 ISSAP material in a setting that resembles the real certification exam.


ISSAP ISC2 Information Systems Security Architecture Professional Sample Questions:-


01. Which of the following protocols uses public-key cryptography to authenticate the remote computer?


a) SSH

b) Telnet

c) SCP

d) SSL


02. You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?


a) TRACERT

b) PING

c) IPCONFIG

d) NSLOOKUP


03. Which of the following describes the acceptable amount of data loss measured in time?

a) Recovery Consistency Objective (RCO)

b) Recovery Time Objective (RTO)

c) Recovery Point Objective (RPO)

d) Recovery Time Actual (RTA)


04. Which of the following statements about Discretionary Access Control List (DACL) is true?


a) It specifies whether an audit activity should be performed when an object attempts to access a resource.

b) It is a unique number that identifies a user, group, and computer account.

c) It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.

d) It is a rule list containing access control entries.


05. In which of the following access control models, owner of an object decides who is allowed to access the object and what privileges they have?


a) Access Control List (ACL)

b) Mandatory Access Control (MAC)

c) Role Based Access Control (RBAC)

d) Discretionary Access Control (DAC)


06. Which of the following attacks can be overcome by applying cryptography?


a) Web ripping

b) DoS

c) Sniffing

d) Buffer overflow


07. Which of the following types of firewall functions at the Session layer of OSI model?


a) Circuit-level firewall

b) Application-level firewall

c) Packet filtering firewall

d) Switch-level firewall


08. The network you administer allows owners of objects to manage the access to those objects via access control lists. This is an example of what type of access control?


a) RBAC

b) MAC

c) CIA

d) DAC


09. Which of the following are examples of physical controls used to prevent unauthorized access to sensitive materials?


a) Thermal alarm systems

b) Security Guards

c) Closed circuit cameras

d) Encryption


10. In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?


a) Ring topology

b) Tree topology

c) Star topology

d) Mesh topology



Answers:-


Answer 1:- a

Answer 2:- d

Answer 3:- c

Answer 4:- c

Answer 5:- d

Answer 6:- c

Answer 7:- a

Answer 8:- d

Answer 9:- a, b, c

Answer 10:- a
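Sample question 01 turns on how SSH authenticates the remote computer: the server proves possession of the private half of its host key, and the client only benefits from that proof if it checks the offered public key against something it already trusts (a known_hosts entry or a pinned fingerprint). Note that SSL/TLS (option d) also authenticates the server with public-key cryptography, via a certificate; what distinguishes SSH is that the check is against a bare host key rather than a CA-issued certificate. The following Python is an added example written for this study guide, not ISC2 material or code from any SSH implementation. It parses an OpenSSH known_hosts line, computes the same `SHA256:` fingerprint that `ssh-keygen -lf` prints, and compares the pinned key with one presented at connect time. The host names and key bytes are constructed for illustration; the signature verification that SSH itself performs during key exchange is outside the scope of this snippet.

```python
"""Client-side SSH host key verification against a known_hosts entry.

Added example for this study guide (not ISC2 material). The key material
and host names are constructed; nothing here talks to a real server.
"""
import base64
import hashlib
import hmac
import struct


def ssh_string(b: bytes) -> bytes:
    """RFC 4251 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def ed25519_blob(raw_public_key: bytes) -> bytes:
    """Wire-format public key blob for ssh-ed25519 (RFC 8709):
    string "ssh-ed25519" followed by the 32 raw key bytes."""
    if len(raw_public_key) != 32:
        raise ValueError("ed25519 public keys are exactly 32 bytes")
    return ssh_string(b"ssh-ed25519") + ssh_string(raw_public_key)


def fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint: SHA-256 of the key blob, base64 without padding."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts_line(line: str):
    """Return (hostnames, key_type, blob) for an unhashed known_hosts entry.
    Format: 'host1,host2 key-type base64-blob [comment]'."""
    hosts, key_type, b64 = line.split()[:3]
    return set(hosts.split(",")), key_type, base64.b64decode(b64)


def host_key_matches(known_hosts_line: str, host: str, offered_blob: bytes) -> bool:
    """Accept only if the host is listed and the offered key is byte-identical
    to the pinned one. compare_digest avoids a timing side channel; cheap to use."""
    hosts, _, expected = parse_known_hosts_line(known_hosts_line)
    return host in hosts and hmac.compare_digest(expected, offered_blob)


# Constructed test material: a "genuine" host key and an attacker's key.
GENUINE_KEY = ed25519_blob(bytes(range(32)))
ATTACKER_KEY = ed25519_blob(bytes(range(32, 64)))

# The known_hosts line the client recorded on a previous, trusted connection.
KNOWN_HOSTS_LINE = (
    "bastion.example.internal,10.0.0.5 ssh-ed25519 "
    + base64.b64encode(GENUINE_KEY).decode()
)


def demo():
    """Simulate two connection attempts to the pinned host."""
    return {
        "genuine_server": host_key_matches(KNOWN_HOSTS_LINE, "bastion.example.internal", GENUINE_KEY),
        "mitm_server": host_key_matches(KNOWN_HOSTS_LINE, "bastion.example.internal", ATTACKER_KEY),
        "unknown_host": host_key_matches(KNOWN_HOSTS_LINE, "other.example.internal", GENUINE_KEY),
        "fingerprint": fingerprint(GENUINE_KEY),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The practical point for the architect is the first connection: if a client accepts whatever key it is offered and only then records it (trust on first use), the public-key authentication in the protocol is only as strong as that initial, unverified acceptance. Distributing known_hosts entries or host-key fingerprints out of band, or using SSH certificates, closes that gap.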

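Sample questions 04, 05 and 08 all describe the same mechanism from different angles: a discretionary access control list is a list of access control entries naming users, groups and computers that are allowed or denied rights on an object, and in a DAC model the object's owner is the one who edits that list. The Python below is an added worked example for this study guide, not ISC2 material or code from any operating system. It models a Windows-style DACL with allow and deny ACEs, group expansion, deny precedence, and an owner-only path for changing the list (the DAC property). A SACL, which holds audit entries (option a in question 04), is deliberately not modelled. All users, groups and object names are constructed for illustration.

```python
"""Discretionary access control: an owner-managed DACL with allow/deny ACEs.

Added example for this study guide (not ISC2 material). Principals, groups
and the object are constructed for illustration.
"""
from dataclasses import dataclass, field

READ, WRITE, EXECUTE = 1, 2, 4  # rights as a bitmask


@dataclass(frozen=True)
class ACE:
    """One access control entry: a principal, a rights mask, allow or deny."""
    principal: str
    rights: int
    allow: bool = True  # False means an explicit deny


@dataclass
class SecuredObject:
    name: str
    owner: str
    dacl: list = field(default_factory=list)


# Constructed group membership; a real system would consult the directory.
GROUPS = {"staff": {"alice", "bob"}, "auditors": {"carol"}}


def principals_for(user: str) -> set:
    """A user matches ACEs naming the user or any group the user belongs to."""
    return {user} | {g for g, members in GROUPS.items() if user in members}


def access_allowed(obj: SecuredObject, user: str, wanted: int) -> bool:
    """Evaluate the DACL: an explicit deny covering any requested right wins,
    otherwise every requested bit must be granted by some allow ACE.
    Deny is honoured regardless of its position in the list, which is the
    result Windows produces when the DACL is in canonical order (denies first).
    An empty DACL grants nothing, because no ACE allows anything."""
    who = principals_for(user)
    granted = 0
    for ace in obj.dacl:
        if ace.principal not in who:
            continue
        if not ace.allow and ace.rights & wanted:
            return False  # explicit deny has precedence over any allow
        if ace.allow:
            granted |= ace.rights
    return (granted & wanted) == wanted


def set_dacl(obj: SecuredObject, actor: str, new_dacl) -> SecuredObject:
    """DAC: only the owner decides who gets access. Under MAC this decision
    would be made by policy, not by the owner, so this is the defining check."""
    if actor != obj.owner:
        raise PermissionError(f"{actor} is not the owner of {obj.name}")
    obj.dacl = list(new_dacl)
    return obj


def demo() -> dict:
    """Owner alice configures access; bob is in staff but explicitly denied WRITE."""
    report = SecuredObject("quarterly-report.docx", owner="alice")
    set_dacl(report, "alice", [
        ACE("staff", READ | WRITE),       # group allow
        ACE("bob", WRITE, allow=False),   # explicit deny for one group member
        ACE("auditors", READ),
    ])
    return {
        "alice_rw": access_allowed(report, "alice", READ | WRITE),
        "bob_read": access_allowed(report, "bob", READ),
        "bob_write": access_allowed(report, "bob", WRITE),
        "carol_read": access_allowed(report, "carol", READ),
        "carol_write": access_allowed(report, "carol", WRITE),
        "dave_read": access_allowed(report, "dave", READ),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Two design points worth remembering from the example: deny ACEs must be evaluated before allows (or the list kept in canonical order) so a group grant cannot override an individual deny, and the DACL says nothing about auditing, which is the SACL's job.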