ISC2 CISSP-ISSEP Exam Syllabus

Use this quick start guide to collect all the information about the ISC2 CISSP-ISSEP certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the CISSP-ISSEP ISC2 Information Systems Security Engineering Professional exam. The Sample Questions will help you identify the type and difficulty level of the questions, and the Practice Exams will familiarize you with the format and environment of the exam. You should refer to this guide carefully before attempting your actual ISC2 ISSEP certification exam.

The ISC2 CISSP-ISSEP certification is mainly targeted at candidates who want to build their career in the Cybersecurity Strategy and Implementation domain. The ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of ISC2 ISSEP.

ISC2 CISSP-ISSEP Exam Summary:

Exam Name: ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP)
Exam Price: $599 (USD)
Duration: 180 mins
Number of Questions: 125
Passing Score: 700/1000
Schedule Exam: Pearson VUE
Sample Questions: ISC2 CISSP-ISSEP Sample Questions
Practice Exam: ISC2 CISSP-ISSEP Certification Practice Exam

ISC2 ISSEP Exam Syllabus Topics:

Topic Details

Systems Security Engineering Foundations - 25%

Apply systems security engineering fundamentals
- Understand systems security engineering trust concepts and hierarchies
- Identify the relationships between systems and security engineering processes
- Apply structural security design principles

Execute systems security engineering processes
- Identify organizational security authority
- Identify system security policy elements
- Integrate design concepts (e.g., open, proprietary, modular)

Integrate with applicable system development methodology
- Integrate security tasks and activities
- Verify security requirements throughout the process
- Integrate software assurance method

Perform technical management
- Perform project planning processes
- Perform project assessment and control processes
- Perform decision management processes
- Perform risk management processes
- Perform configuration management processes
- Perform information management processes
- Perform measurement processes
- Perform Quality Assurance (QA) processes
- Identify opportunities for security process automation

Participate in the acquisition process
- Prepare security requirements for acquisitions
- Participate in selection process
- Participate in Supply Chain Risk Management (SCRM)
- Participate in the development and review of contractual documentation

Design Trusted Systems and Networks (TSN)

Risk Management - 14%

Apply security risk management principles
- Align security risk management with Enterprise Risk Management (ERM)
- Integrate risk management throughout the lifecycle

Address risk to system
- Establish risk context
- Identify system security risks
- Perform risk analysis
- Perform risk evaluation
- Recommend risk treatment options
- Document risk findings and decisions

Manage risk to operations
- Determine stakeholder risk tolerance
- Identify remediation needs and other system changes
- Determine risk treatment options
- Assess proposed risk treatment options
- Recommend risk treatment options

Security Planning and Design - 30%

Analyze organizational and operational environment
- Capture stakeholder requirements
- Identify relevant constraints and assumptions
- Assess and document threats
- Determine system protection needs
- Develop Security Test Plans (STP)

Apply system security principles
- Incorporate resiliency methods to address threats
- Apply defense-in-depth concepts
- Identify fail-safe defaults
- Reduce Single Points of Failure (SPOF)
- Incorporate least privilege concept
- Understand economy of mechanism
- Understand Separation of Duties (SoD) concept

Develop system requirements
- Develop system security context
- Identify functions within the system and security Concept of Operations (CONOPS)
- Document system security requirements baseline
- Analyze system security requirements

Create system security architecture and design
- Develop functional analysis and allocation
- Maintain traceability between specified design and system requirements
- Develop system security design components
- Perform trade-off studies
- Assess protection effectiveness

Systems Implementation, Verification and Validation - 14%

Implement, integrate and deploy security solutions
- Perform system security implementation and integration
- Perform system security deployment activities

Verify and validate security solutions
- Perform system security verification
- Perform security validation to demonstrate security controls meet stakeholder security requirements

Secure Operations, Change Management and Disposal - 17%

Develop secure operations strategy
- Specify requirements for personnel conducting operations
- Contribute to the continuous communication with stakeholders for security relevant aspects of the system

Participate in secure operations
- Develop continuous monitoring solutions and processes
- Support the Incident Response (IR) process
- Develop secure maintenance strategy

Participate in change management
- Participate in change reviews
- Determine change impact
- Perform verification and validation of changes
- Update risk assessment documentation

Participate in the disposal process
- Identify disposal security requirements
- Develop secure disposal strategy
- Develop decommissioning and disposal procedures
- Audit results of the decommissioning and disposal process

To ensure success in the ISC2 ISSEP certification exam, we recommend an authorized training course, practice tests and hands-on experience to prepare for the ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP) exam.
