Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 3: Certification Programs and the Common Body of Knowledge.


1 Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 3: Certification Programs and the Common Body of Knowledge

2 Chapter 3: Certification Programs and the Common Body of Knowledge © Pearson Education Information Security: Principles and Practices 2

3 Objectives
- Analyze the Certified Information Systems Security Professional (CISSP) certificate program
- Define and describe the role of the International Information Systems Security Certification Consortium
- Distinguish the contents of the 10 domains of the Common Body of Knowledge (CBK)
- Distinguish the CISSP from other certification programs

4 Certification and Information Security
- Industry standards, ethics, and certification of information systems professionals and practitioners are critical to ensuring that a high standard of security is achieved
- Certification benefits both the employer and the employee
- Oversight and governance of the professional certification process is needed
  - To help maintain its relevance and currency
  - To aid professionals in networking with other professionals
- To meet that need, the ISC² organization was created

5 Certification and Information Security cont.
- International Information Systems Security Certification Consortium (ISC²)
  - Maintaining a CBK for information security
  - Certifying industry professionals and practitioners
  - Administering training and certification examinations
  - Ensuring credentials are maintained
- Two primary certifications
  - Certified Information Systems Security Professional (CISSP)
  - System Security Certified Practitioner (SSCP)

6 Information Security CBK
- The CBK is a compilation and distillation of all security information collected that is relevant to information security professionals
  - CISSP certification includes a working knowledge of all 10 domains (www.isc2.org)

7 Information Security CBK cont.
10 Domains
- Security Management Practices (Chap 4)
- Security Architecture and Models (Chap 5)
- Business Continuity Planning (Chap 6)
- Law, Investigations, and Ethics (Chap 7)
- Physical Security (Chap 8)
- Operations Security (Chap 9)
- Access Control Systems and Methodology (Chap 10)
- Cryptography (Chap 11)
- Telecommunications, Network, and Internet Security (Chap 12)
- Applications Development Security (Chap 13)

8 Other Certificate Programs
- Certified Information Systems Auditor (CISA)
  - Focuses more on business procedures than technology
- Certified Information Security Manager (CISM)
  - To assure that an information security manager has the required knowledge and ability to provide effective security management and consulting
- Global Information Assurance Certifications (GIAC)
  - Intended primarily for practitioners or hands-on personnel such as system administrators and network engineers
- CompTIA Security+ Certification
  - Tests the security knowledge mastery of an individual with two years of on-the-job networking security experience

9 Other Certificate Programs cont.
- Vendor-Specific Certification Programs
  - Check Point Certified Security Principles Associate
  - Cisco Qualified Specialist Program
  - INFOSEC Professional
  - Microsoft Certified Systems Engineer Security Specializations
  - RSA Certified Systems Engineer
  - Sun Certified Security Administrator for the Solaris Operating System
  - Symantec Technology Architect
  - Tivoli Certified Consultant
  - Windows Server 2003 Security Certified Professional

10 Summary
- The benefits of certification and immersion into the CBK are clear to both employers and professionals who commit to life-long learning and to the betterment of themselves and their careers

