   info@zetlantechnologies.com        +91-8680961847
Become an ISSAP Security Architecture Professional

The ISSAP is an ideal credential for a chief security architect, analyst or professional with similar responsibilities. As the architect, you play a key role in information security: your responsibilities sit between the C-suite and the implementation of the security program.

This security architect certification proves your expertise in developing, designing and analyzing security solutions. It also shows you excel at giving risk-based guidance to senior management in pursuit of organizational goals.


Further Distinguish Yourself with ISSAP

Here are just a few reasons to challenge yourself with the security architect certification:


You’re a great fit for the ISSAP if you:


The ISSAP is ideal for those working in roles such as:



Course Details

1. Architect for Governance, Compliance and Risk Management

  • Determine legal, regulatory, organizational and industry requirements
    • Determine applicable information security standards and guidelines
    • Identify third-party and contractual obligations (e.g., supply chain, outsourcing, partners)
    • Determine applicable sensitive/personal data standards, guidelines and privacy regulations
    • Design for auditability (e.g., determine regulatory, legislative, forensic requirements, segregation, high assurance systems)
    • Coordinate with external entities (e.g., law enforcement, public relations, independent assessor)
  • Manage Risk
    • Identify and classify risks
    • Assess risk
    • Recommend risk treatment (e.g., mitigate, transfer, accept, avoid)
    • Monitor and report risk

2. Security Architecture Modeling

  • Identify security architecture approach
    • Types and scope
      • Enterprise network
      • Service-Oriented Architecture (SOA)
      • Cloud
      • Internet of Things (IoT)
      • Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA)
    • Frameworks (e.g., Sherwood Applied Business Security Architecture (SABSA), Service-Oriented Modeling Framework (SOMF))
    • Reference architectures and blueprints
    • Security configuration (e.g., baselines, benchmarks, profiles)
    • Network configuration (e.g., physical, logical, high availability, segmentation, zones)
  • Verify and validate design (e.g., Functional Acceptance Testing (FAT), regression)
    • Validate results of threat modeling (e.g., threat vectors, impact, probability)
    • Identify gaps and alternative solutions
    • Independent Verification and Validation (IV&V) (e.g., tabletop exercises, modeling and simulation, manual review of functions)

3. Infrastructure Security Architecture

  • Develop infrastructure security requirements
    • On-premise, cloud-based, hybrid
    • Internet of Things (IoT), zero trust
  • Design defense-in-depth architecture
    • Management networks
    • Industrial Control Systems (ICS) security
    • Network security
    • Operating systems (OS) security
    • Database security
    • Container security
    • Cloud workload security
    • Firmware security
    • User security awareness considerations
  • Secure shared services
    • Wireless
    • E-mail
    • Voice over Internet Protocol (VoIP)
    • Unified Communications (UC)
    • Domain Name System (DNS)
    • Network Time Protocol (NTP)
  • Integrate technical security controls
    • Design boundary protection
      • Firewalls
      • Virtual Private Network (VPN)
      • Airgaps
      • Software defined perimeters
      • Wireless
      • Cloud-native
    • Secure device management
      • Bring Your Own Device (BYOD)
      • Mobile
      • Server
      • Endpoint
      • Cloud instance
      • Storage
  • Design and integrate infrastructure monitoring
    • Network visibility
      • Sensor placement
      • Time reconciliation
      • Span of control
      • Record compatibility
    • Active/passive collection solutions (e.g., span port, port mirroring, tap, inline, flow logs)
    • Security analytics
      • Security Information and Event Management (SIEM)
      • Log collection
      • Machine learning
      • User Behavior Analytics (UBA)
  • Design infrastructure cryptographic solutions
    • Determine cryptographic design considerations and constraints
    • Determine cryptographic implementation (e.g., in-transit, in-use, at-rest)
    • Plan key management lifecycle (e.g., generation, storage, distribution)
  • Design secure network and communication infrastructure
    • Virtual Private Network (VPN)
    • Internet Protocol Security (IPsec)
    • Transport Layer Security (TLS)
  • Evaluate physical and environmental security requirements
    • Map physical security requirements to organizational needs (e.g., perimeter protection and internal zoning, fire suppression)
    • Validate physical security controls

4. Identity and Access Management (IAM) Architecture

  • Design identity management and lifecycle
    • Establish and verify identity
    • Assign identifiers (e.g., to users, services, processes, devices)
    • Identity provisioning and de-provisioning
    • Define trust relationships (e.g., federated, stand-alone)
  • Design access control management and lifecycle
    • Access control concepts and principles
      • Discretionary/mandatory
      • Segregation/Separation of Duties (SoD)
      • Least privilege
    • Access control configurations (e.g., physical, logical, administrative)
    • Authorization process and workflow (e.g., governance, issuance, periodic review, revocation)
  • Design identity and access solutions
    • Access control protocols and technologies
      • eXtensible Access Control Markup Language (XACML)
      • Lightweight Directory Access Protocol (LDAP)
    • Credential management technologies
      • Password management
      • Certificates
      • Smart cards
    • Centralized Identity and Access Management (IAM) architecture
      • Cloud-based
      • On-Premise
      • Hybrid
    • Define authentication methods
      • Multi-Factor Authentication (MFA)
      • Risk-based
        • Location-based
        • Knowledge-based
        • Object-based
        • Characteristics-based
    • Authentication protocols and technologies
      • Security Assertion Markup Language (SAML)
      • Remote Authentication Dial-In User Service (RADIUS)
      • Kerberos
    • Roles, rights and responsibilities related to system, application and data access control
      • Groups
      • Digital Rights Management (DRM)
      • Trust relationships
    • Management of privileged accounts
    • Authorization
      • Single Sign-On (SSO)
      • Rule-based
      • Role-based
      • Attribute-based
    • Decentralized Identity and Access Management (IAM) architecture
      • Cloud-based
      • On-premise
      • Hybrid
    • Privileged Access Management (PAM) implementation (for users with elevated privileges)
    • Accounting (e.g., logging, tracking, auditing)

5. Architecture for Application Security

  • Integrate the Software Development Life Cycle (SDLC) with application security architecture
    • Assess code review methodology (e.g., dynamic, manual, static)
    • Assess the need for application protection
      • Web Application Firewall (WAF)
      • Anti-malware
      • Secure Application Programming Interface (API)
      • Secure Security Assertion Markup Language (SAML)
    • Determine encryption requirements (e.g., at-rest, in-transit, in-use)
    • Assess the need for secure communications between applications and databases or other endpoints
    • Leverage secure code repository
  • Determine application security capability requirements and strategy
    • Review security of applications (e.g., custom, Commercial Off-the-Shelf (COTS), in-house, cloud)
    • Determine application cryptographic solutions
      • Cryptographic Application Programming Interface (API)
      • Pseudo Random Number Generator (PRNG)
      • Key management
    • Evaluate applicability of security controls for system components
      • Mobile and web client applications
      • Proxy application
      • Database Services
    • Identify common proactive controls for applications (e.g., Open Web Application Security Project (OWASP))

6. Security Operations Architecture

  • Gather security operations requirements
    • Legal
    • Compliance
    • Organizational
    • Business Requirements
  • Design information security monitoring
    • Security Information and Event Management (SIEM)
    • Insider threat
    • Threat Intelligence
    • User Behavior Analytics (UBA)
    • Incident Response (IR) procedures
    • Detection and analysis
    • Proactive and automated security monitoring and remediation
      • Vulnerability Management
      • Compliance Audit
      • Penetration Testing
  • Design Business Continuity (BC) and resiliency solutions
    • Incorporate Business Impact Analysis (BIA)
    • Determine recovery and survivability strategy
    • Identify continuity and availability solutions (e.g., cold, warm, hot, cloud backup)
    • Define processing agreement requirements (e.g., provider, reciprocal, mutual, cloud, virtualization)
    • Establish Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)
    • Design secure contingency communication for operations (e.g., backup communication channels, Out-of-Band (OOB))
  • Validate Business Continuity Plan (BCP)/Disaster Recovery Plan (DRP) architecture
  • Design Incident Response (IR) management
    • Preparation (e.g., communication plan, Incident Response Plan (IRP), training)
    • Identification
    • Containment
    • Eradication
    • Recovery
    • Review lessons learned


Fees Structure : 15500 INR / 185 USD
Total No. of Classes : 75 video classes
Class Duration : 70:00 working hours
Download Feature : Download available
Technical Support : Call / WhatsApp : +91 8680961847
Working Hours : Monday to Friday, 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (GPay/PhonePe/Paytm/WhatsApp Pay)


Fees Structure : 30000 INR / 355 USD
Class Duration : 60 days
Class Recording : Live class recording available
Class Time : Monday to Friday 1.5 hours per day / Weekend 3 hours per day
Technical Support : Call / WhatsApp : +91 8680961847
Working Hours : Monday to Friday, 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (GPay/PhonePe/Paytm/WhatsApp Pay)
