https://www.isc2.org/certifications/References#ISSAP
https://www.isc2.org/certifications/issap/issap-self-study-resources
https://www.isc2.org/landing/issap-study-questions-ebook
-Enterprise Security Architecture: A Business-Driven Approach
-Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects
-Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
-Federated Identity Primer
-Identity and Access Management: Fundamentals
-Consumer Identity & Access Management: Design Fundamentals
-Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0
-Practical Cloud Security: A Guide for Secure Design and Deployment
-Threat Modeling: A Practical Guide for Development Teams
-CCSP Official Study Guide
-CISSP Official Study Guide (domains 3, 4, 5, 7. If you have time, read the whole thing, I didn't because I got sick and missed 5 days of studying)
Reddit上刷到ISSAP的备考经验,包括以下参考资料
CISSP Domain 3,4,5,7
CCSP Domain 1,3,5
ISSAP CBK
CISSP AIO + OSG
ISSAP ISC2 Reference (Agile Application Security, PCI, NIST 800-34/40/53/57pt1/61/63-3/63a/63b/63c/64/95/115/125/162
Enterprise Security Architecture-SABSA Chapter)
All CISSP PT+FREE CISSP of certpreps.com
ISSAP考完之后,同CISSP一样,有9个月的时间申请会员,但它要CISSP再加2年工作经验,所以是否也可以先考试,再给个几年攒这2年的经验呢?如果可以,明年可以申请一个带2次重考的试试看。
更新:
通过向官方求证,确认了ISSAP没有准会员这一个阶段,考生必须是CISSP持证2年后才能考,我最快2025年年底审查通过,2026年1月份开始变成CISSP正式会员,也就是说我最快要2028年1月才能报考ISSAP。
所以2026和2027年可以冲一下OSCP,CGRC或者其他证书(SC?)。