Level: Advanced

CISSP - Information Systems Security Engineering Professional (ISSEP)

5 Day | Instructor Led

This course is designed to prepare (ISC)2 CISSP-certification holders for the Information Systems Security Engineering Professional (ISSEP) exam. (ISC)2 created the CISSP-ISSEP engineering-specific concentration in conjunction with the U.S. National Security Agency (NSA) providing an invaluable tool for any systems security engineering professional. CISSPR-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. The course guides students to understand the CISSP-ISSEP Common Body of Knowledge (CBK) by comparing it to a traditional Systems Engineering model, enabling you to see the correlation of how security fits into the design and development process for information systems. The course also introduces key points of more than 50 U.S. government policies and procedures that need to be understood in order to understand the CBK and protect U.S. government information.

Inquire About:
CISSP - Information Systems Security Engineering Professional (ISSEP)

Ideal Candidates for CISSP - Information Systems Security Engineering Professional (ISSEP) Class

Cyber architects
Information assurance engineers
Individuals pursuing CISSP-ISSEP® certification

CISSP - Information Systems Security Engineering Professional (ISSEP) Prerequisites

While there are no prerequisites to attend the ISSEP Course, students must posses a valid CISSP certification to sit for the ISSEP exam

What You'll Get in CISSP - Information Systems Security Engineering Professional (ISSEP)

Expert Level Instruction

Official (ISC)2 Guide to the CISSP-ISSEP CBK

Ultimate Knowledge Institute Award Winning ISSEP Student Workbook

Daily Homework Questions (Over 600 Questions)

Daily Quiz Questions (Over 600 Questions)

Handy Reference Charts and Tables

Flash Cards

Course Related Readings (Reinforcement)

Daily Exercises to Reinforce Memory Recall - Cognitive Core

What You'll Learn in CISSP - Information Systems Security Engineering Professional (ISSEP)

Identify the four domains that are required to cover the Common Body of Knowledge for ISSEP certification

Recognize the components of the SE and ISSE processes

Recognize the activities that comprise the ISSE process

Identify the function and procedures of the PNE process

Identify SE and ISSE activities

Define Certification and Accreditation and its relationship to SE and ISSE

Recognize the concepts and elements of Defense-in-depth

Recognize the elements of risk management

Identify risk assessment activities

CISSP - Information Systems Security Engineering Professional (ISSEP) Certification

Information Systems Security Engineering Professional (ISSEP) Concentration

CISSP - Information Systems Security Engineering Professional (ISSEP) Outline

1. Domain 1: U.S. Government Information Assurance (IA)-Related Policies and Issuances

  • Welcome to the U.S. Government IA-Related Policies and Issuances Domain
  • Applicable National Laws and Policies
  • Department of Defense (DoD) Regulations
  • National Security Systems: Committee on National Security Systems (CNSS)/ National Security Telecommunications and Information Systems Security Policy (NSTISSP) Regulations
  • Regulations for Everyone: Public Laws, FIPS, and Special Publications
  • IA Regulations
  • Definitions and Self-Study Materials

2. Domain 2: Certification and Accreditation (C&A)/Risk Management Framework (RMF)

  • Welcome to the C&A/RMF Domain
  • Integrating C&A/RMF Processes Into Systems Security Engineering
  • U.S. Government Certification and Accreditation Process
  • Managing Security and Risk in Information Systems
  • Definitions and Self-Study Materials

3. Domain 3: Technical Management

  • Welcome to the Technical Management Domain
  • The Support and Acquisition Process
  • Technical Effort Project Initiation
  • Project Planning
  • Technical Effort Implementation and Management
  • Closing the Technical Effort
  • Definitions and Self-Study Materials

4. Domain 4: ISSE-Systems Security Engineering

  • Welcome to the ISSEP-Systems Security Engineering Domain
  • Security Engineering vs. Systems Engineering
  • Discover Information Protection Needs/Conduct a Mission Needs Analysis: Activity 1
  • Define System Security Requirements: Activity 2
  • Define System Security Architecture: Activity 3
  • Develop Detailed Security Systems Design: Activity 4
  • Implement System Security: Activity 5
  • Definitions and Self-Study Materials


A. Erlich


I just wanted to say your presentation on Social Media Technology and Security was the finest I have ever attended.

Wilder Guerra

US Navy Reserve

This course is definitely an eye opener. With how much social media has taken over, it is important to be fully aware of the capabilities along with all the risks it brings. It is important to get this course because social media is the new norm.

Rebekah Coughlin


The Social Media and Security Training course offered by UKI is a great and beneficial course combining technical training to fully understand TCP IP networking, DNS, and the harms of malware and cross-site scripting; as well as practical training that allowed attendees to play with open source social intelligence gathering solutions. This is the perfect class for those involved in IT security and interested in social media and identity theft.

Top Related Courses

The Ransomware exercise is a customized, six-hour, live fire Cyber Range training exercise hosted on ACRE. This exercise is led by expert cyber security engineers and can be executed in a classroom as well as remotely. In this exercise, a ransomware-based attack (i.e., “WannaKry”) is launched via a malicious spear phishing originated compromise. This exercise includes a hands-on keyboard interface, which creates realistic technical training and management interaction opportunities. This exercise is not simulated – it is real malware, detonated in representative network enviroment. Participants are encouraged to view the attack as if it were happening to their institutions in real time, and asked to share what they have done or would do based on the facts provided. Such “range-based” exercises help institutions better understand the impact of an attack and prompt them to improve the ways in which their network defenders respond, communicate, request assistance, and recover from real-world cyber attacks. Institutions that have participated in this exercise have benefited directly by building greater interaction with their security community, as well as increasing capability maturity levels and resiliency across their specific customer sector.

The Cloud Leak exercise is a customized, six-hour, Cyber Range exercise hosted on ManTech’s ACRE® cyber range. This exercise is led by technical instructors and expert cybersecurity engineers and can accommodate 10 to 50 participants in a classroom or remotely. In this exercise, an attack on a cloud-hosted storage service is simulated. Participants are given the following scenario: A major media outlet has contacted bank.com media relations asking for a statement about the discovery that thousands of bank.com customer credit card numbers were obtained through a breach of a cloud storage service. Bank.com is unaware of any such breach. The CEO has requested an immediate investigation into the breach. Participants must determine how the cloud storage site was compromised and the extent of the intrusion, including the types of data exposed and any further infiltration of bank.com’s network. This exercise uses a hands-on keyboard approach to create realistic technical training and management interaction opportunities where participants respond to and report events as identified. Participants are encouraged to view the attack as if it were happening to their institutions in real time. Participants are asked to share what they have done or would do based on the facts provided.

CompTIA's Cybersecurity Analyst (CSA+) training from UKI teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.

© 2019 Ultimate Knowledge Insitute | All Rights Reserved
GSA# GS-35F-0469W