**这是本文档旧的修订版!**
https://www.isc2.org/certifications/References#ISSAP
https://www.isc2.org/certifications/issap/issap-self-study-resources
https://www.isc2.org/landing/issap-study-questions-ebook
-Enterprise Security Architecture: A Business-Driven Approach
-Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects
-Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
-Federated Identity Primer
-Identity and Access Management: Fundamentals
-Consumer Identity & Access Management: Design Fundamentals
-Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0
-Practical Cloud Security: A Guide for Secure Design and Deployment
-Threat Modeling: A Practical Guide for Development Teams
-CCSP Official Study Guide
-CISSP Official Study Guide (domains 3, 4, 5, 7. If you have time, read the whole thing, I didn't because I got sick and missed 5 days of studying)
Reddit上刷到ISSAP的备考经验,包括以下参考资料
CISSP Domain 3,4,5,7
CCSP Domain 1,3,5
ISSAP CBK
CISSP AIO + OSG
ISSAP ISC2 Reference (Agile Application Security, PCI, NIST 800-34/40/53/57pt1/61/63-3/63a/63b/63c/64/95/115/125/162
Enterprise Security Architecture-SABSA Chapter)
All CISSP PT+FREE CISSP of certpreps.com