The ISSEP Certification is defined by (ISC)2 as the CISSP concentration area that is designed to denote competence and expertise in information security engineering.
To qualify for and obtain the ISSEP certification, the candidate must possess the CISSP credential, sit for and pass the ISSEP examination, and maintain the ISSEP credential in good standing.
The ISSEP examination is similar in format to that of the CISSP examination. The questions are multiple choice, with the examinee being asked to select the best answer of four possible answers. The examination comprises 150 questions, 25 of which are experimental questions that are not counted. The candidate is allotted three hours to complete the examination.
The ISSEP certification and examination cover the following four primary areas:
Systems security engineering—Focuses on applying the processes of the Information Assurance Technical Framework (IATF) to determine the information assurance needs of an organization, and then to design the corresponding systems in a manner consistent with those needs. Systems security engineering also includes understanding the system life cycle and the related information assurance requirements, defense in depth, and risk assessment methods.
Technical management—Concerned with system development models and associated security mechanisms.
Certification and accreditation—Details the Certification and Accreditation ...