Information Security Principles and Practices




Information Security Principles and Practices
by Mark Merkow and Jim Breithaupt
Chapter 3: Certification Programs and the Common Body of Knowledge

Certification & Information Security
- Industry standards, ethics, and certification of information systems professionals and practitioners are critical to ensuring that a high standard of security is achieved
- Certification benefits both the employer and the employee
- Oversight and governance of the professional certification process is needed
  - To help maintain its relevance and currency
  - To aid professionals in networking with other professionals
- To meet that need, the (ISC)² organization was created

Certification & Information Security...
- International Information Systems Security Certification Consortium, (ISC)²
  - Maintaining a CBK for information security
  - Certifying industry professionals and practitioners
  - Administering training and certification examinations
  - Ensuring credentials are maintained
- Two primary certifications
  - Certified Information Systems Security Professional (CISSP)
  - System Security Certified Practitioner (SSCP)

Information Security Common Body of Knowledge (CBK)
- The CBK is a compilation and distillation of all security information collected that is relevant to information security professionals
- CISSP certification includes a working knowledge of all 10 domains (www.isc2.org)

Information Security CBK cont.
10 Domains
- Security Management Practices (Chap 4)
- Security Architecture and Models (Chap 5)
- Business Continuity Planning (Chap 6)
- Law, Investigations, and Ethics (Chap 7)
- Physical Security (Chap 8)
- Operations Security (Chap 9)
- Access Control Systems and Methodology (Chap 10)
- Cryptography (Chap 11)
- Telecommunications, Network, and Internet Security (Chap 12)
- Applications Development Security (Chap 13)

Other Certificate Programs
- Certified Information Systems Auditor (CISA)
  - Focuses more on business procedures than technology
- Certified Information Security Manager (CISM)
  - To assure that information security manager has the required knowledge and ability to provide effective security management and consulting
- Global Information Assurance Certifications (GIAC)
  - Intended primarily for practitioners or hands-on personnel such as system administrators and network engineers
- CompTIA Security+ Certification
  - Tests the security knowledge mastery of an individual with two years on-the-job networking security experience

Other Certificate Programs
Vendor-Specific Certification Programs
- Check Point Certified Security Principles Associate
- Cisco Qualified Specialist Programs
  - Such as Firewall, VPN, Intrusion Protection, etc.
- Cisco Certified Security Professional
- Cisco Certified Internetwork Expert - Security Track (CCIE Security Track)
- INFOSEC Professional
- Microsoft Certified Systems Engineer Security
- RSA Certified Systems Engineer
- Sun Certified Security Administrator for the Solaris Operating System
- Symantec Technology Architect

Summary
- The benefits of certification and immersion into the CBK are clear to both employers and professionals who commit to life-long learning and to the betterment of themselves and their careers