Information Security Principles and Practices




Information Security Principles and Practices
by Mark Merkow and Jim Breithaupt
Chapter 3: Certification Programs and the Common Body of Knowledge

Certification & Information Security

- Industry standards, ethics, and certification of information systems professionals and practitioners are critical to ensuring that a high standard of security is achieved
- Certification benefits both the employer and the employee
- Oversight and governance of the professional certification process is needed
  - To help maintain its relevance and currency
  - To aid professionals in networking with other professionals
- To meet that need, the (ISC)² organization was created

Certification & Information Security (cont.)

- International Information Systems Security Certification Consortium, (ISC)²
  - Maintaining a CBK for information security
  - Certifying industry professionals and practitioners
  - Administering training and certification examinations
  - Ensuring credentials are maintained
- Two primary certifications
  - Certified Information Systems Security Professional (CISSP)
  - System Security Certified Practitioner (SSCP)

Information Security Common Body of Knowledge (CBK)

- The CBK is a compilation and distillation of all security information collected that is relevant to information security professionals
- CISSP certification includes a working knowledge of all 10 domains (www.isc2.org)

Information Security CBK (cont.)

10 Domains

- Security Management Practices (Chap 4)
- Security Architecture and Models (Chap 5)
- Business Continuity Planning (Chap 6)
- Law, Investigations, and Ethics (Chap 7)
- Physical Security (Chap 8)
- Operations Security (Chap 9)
- Access Control Systems and Methodology (Chap 10)
- Cryptography (Chap 11)
- Telecommunications, Network, and Internet Security (Chap 12)
- Applications Development Security (Chap 13)

Other Certificate Programs

- Certified Information Systems Auditor (CISA)
  - Focuses more on business procedures than technology
- Certified Information Security Manager (CISM)
  - To assure that information security manager has the required knowledge and ability to provide effective security management and consulting
- Global Information Assurance Certifications (GIAC)
  - Intended primarily for practitioners or hands-on personnel such as system administrators and network engineers
- CompTIA Security+ Certification
  - Tests the security knowledge mastery of an individual with two years on-the-job networking security experience

Other Certificate Programs (cont.)

Vendor-Specific Certification Programs

- Check Point Certified Security Principles Associate
- Cisco Qualified Specialist Programs
  - Such as Firewall, VPN, Intrusion Protection, etc.
- Cisco Certified Security Professional
- Cisco Certified Internetwork Expert - Security Track (CCIE Security Track)
- INFOSEC Professional
- Microsoft Certified Systems Engineer Security
- RSA Certified Systems Engineer
- Sun Certified Security Administrator for the Solaris Operating System
- Symantec Technology Architect

Summary

- The benefits of certification and immersion into the CBK are clear to both employers and professionals who commit to life-long learning and to the betterment of themselves and their careers