Published by Maya Donovan
Modified over 3 years ago
7-Step Guide to Pass the CISSP Exam
Phoenix IEEE Computer Society
February 11, 2003
Debbie Christofferson, CISSP, CISM
Sapphire-Security Services
DebbieChristofferson@earthliink.net
480-988-4194

©2004 www.career-therapy.com DebbieChristofferson@earthlink.net

31 percent of the certificants in a 2002 study received a job promotion within the first year after receiving their primary technical certification. - CertMag.com

Key Points
Defining the value of a CISSP certification
Meeting the criteria to become a CISSP
Learning exactly what the CISSP exam includes
Saving time and stress when preparing to pass the exam
Finding out what works and what doesn't
Applying methods that work best for you
Finding out what to expect after passing the exam

Certified Information Systems Security Professional
Recognized industry credential for security professionals
International Information Systems Security Certification Consortium, or ISC(2), administers it

Certification Value
Professions often require it
Sets national standards in proficiency
Provides career recognition
Creates a perception of worth and quality for the profession
Confirms a working knowledge of information security

Certification Value
For the individual
  –Highlights value to a potential employer, recognizes career achievements and provides credentials based on requirements and evaluations.
  –Enhances career
  –Opens doors
To the employer
  –Provides effective, meaningful and objective measure to determine qualifications of job candidates.
  –Guarantees specific skills & knowledge of the field
  –Raises employee morale for companies paying for certification

Beachfront Quizzer CISSP Benefits
Widespread acceptance of certification credentials.
Simplified recruiting and hiring - assures a minimum knowledge level in applicants, higher quality candidates, & minimizes applicant screening.
Validated technical knowledge without being tied to a particular vendor's products.
Gives substantial advantage in the fast-changing technology marketplace.
Competitive advantage in highly competitive technology markets, for certificate holder and hiring organization.

Security Demand
Specialized certifications could cinch IT applicant job deal
Pay raises and bonuses based on certifications dropped with economy
Demand for some coveted certifications has been rising, and the value of those certifications is predicted to increase.
Source: "Specialty Certifications Carry Clout in 2003", by Ellen O'Brien, News Editor, 20 Dec 2002, SearchDatabase.com

Security Demand
"People are scanning resumes for certifications and tossing aside ones that don't have any." "Employers have to start somewhere."
  –David Foote, president of Foote Partners, a New Canaan, Conn., research firm that specializes in tracking certification.
Security topped the list of certifications that increased in value in 2002, according to several surveys.
By most accounts, the prestigious Certified Information Security Systems Professional (CISSP) should retain its celebrity status in the coming year.
Source: "Specialty certifications carry clout in 2003", Ellen O'Brien, News Editor, 20 Dec 2002, SearchDatabase.com

The average certificant earns $55,577 annually. …37 percent of respondents received a promotion within a year of attaining their primary certification, and 53 percent received an average 19.3 percent salary increase in that same first year.
Reported in December 2001 CertMag

Top Certification Salaries
HP/Compaq Master ASE: $81,131
(ISC)2 CISSP: $80,195
Novell Master CNE: $77,568
Oracle DBA: $75,941
HP/Compaq Accredited Professional: $72,285
HP/Compaq API: $71,961
Lotus CLP: $69,835
Citrix CCEA: $68,578
Novell CNE: $68,095
HP/Compaq APS: $67,721
Source: http://www.certmag.com/issues/dec02/feature_gabelhous.cfm
Average certification provides 3.2-to-1 ROI. For every dollar invested in a certification, the certificant realizes a $3.20 return in the form of a pay raise. Up from 2001 study (2.3-to-1 in 2001).
Vendors offering low-cost certifications provide best ROIs.
Top quartile with regard to vendors' certification ROI also includes (ISC)2, Lotus, Citrix and Cisco.

CISSP Price/Value High
Price/value of a certification is one of the most important factors candidates consider when choosing a program
IBM's certifications rated as providing best price/value
Overall and against all attributes of vendors' certification programs, (ISC)2 was rated the highest
*The more years a certificant has been in IT, the more money he or she makes
Source: Certification Magazine, December 2002, "Certification, Salaries & the IT Market", by Gary Gabelhouse

CISSP Application Criteria
3-4 years direct IS experience in these or other related fields
  –Practitioner
  –Auditor
  –Consultant
  –Vendor
  –Investigator
  –Instructor
(ISC)2 Code of Ethics
College degree or equivalent life experience
Pass the CISSP exam
Renewed in 3-year increments
  –Annual maintenance fee
  –Continuous education

CISSP Exam Structure
250 multiple choice questions
6 hours to complete
Ten domains - you must pass them all
Exam questions based on ISC(2) Common Body of Knowledge (CBK)
  –The foundation for an experienced security professional

10 Test Domains
1. Access Control
2. Applications & Systems Development
3. Business Continuity Planning
4. Cryptography
5. Law, Investigation & Ethics
6. Operations Security
7. Physical Security
8. Security Architecture
9. Security Management Practices
10. Telecommunications, Network & Internet Security

Exam Preparation Strategies That Work
Practice tests
Self-study
Study groups
Review seminar or course

Study Methods
Source: Certification Magazine, Tim Sosbe, "Certification Training: Real Results, Real Value"

CISSP Review Seminar
(ISC)² CISSP CBK
Register online at
  –https://www.isc2.org
Investment discounted for early registration and professional security group members ($2245-$2695)
Offered at some industry conferences in condensed format and reduced cost
Government rates available

What Doesn't Work
Reading a big stack of books
Studying in groups
Taking the test cold turkey

After the Exam
Receive written test results
Complete and submit CISSP application
  –CISSP application endorsement by qualified third party before credential is awarded
  –Candidate's employer
  –Any licensed, certified or commissioned professional may endorse a CISSP candidate
Annual maintenance fee $85

After Passing the Exam
Receive certificate and ID with CISSP designation & #
Optional
  –CISSP directory listing
  –Speakers Bureau participation
  –Serve on committees
  –Participate in annual ISC(2) elections

Re-Certification Every 3 Years
Earn 120 hours continuing professional education (CPE) credit over 3 year period
  –80-120 A-Credit hours. 80 must be earned in activities directly related to profession
  –40 B-Credit hours. Up to 40 CPEs may be earned in other educational activities that enhance the CISSP's overall professional skills, knowledge, and competency.
  –Some carry-over permitted if you earn more than 120 hours in a 3-year period
OR retake and pass the exam every three years
Random audits

Earning Certification Credit
  –Educate others on security
  –Write on security
  –Author CISSP exam questions
  –Participate in security forums
  –Serve on professional security group boards and committees
  –Attend security training

SSCP
System Security Certified Practitioner
International standard for practitioners of information security and understanding of a Common Body of Knowledge (CBK).
Sponsored and administered by ISC(2)
Covers seven domains
Focuses on practices, roles and responsibilities as defined by experts from major IS industries.
Includes 125 multiple-choice questions on the exam, with up to 3 hours given for completion

SSCP
Seven domains:
1. Access Controls
2. Administration
3. Audit and Monitoring
4. Risk, Response and Recovery
5. Cryptography
6. Data Communications
7. Malicious Code/Malware

Other Security Certifications
ISACA CISM - Certified Information Security Manager
ITAA ISA - Information Security Awareness
CWSP - Certified Wireless Security Professional (secure your wireless LAN)
  –http://www.certz.com/certztop50/index.html

ISACA CISA - Certified Information System Auditor
ISACA lists 29,000 worldwide
Geared to information assurance and business processes.
Beginning of competence in auditing and IT auditing
Auditing is biggest component
Common in IT auditing with audit firms, banking, and finance

SANS Security Institute
Global Information Assurance Certification (GIAC)
  –GIAC Certified Intrusion Analyst (GCIA)
  –GIAC Certified Firewall Analyst (GCFW)
  –GIAC Security Essentials Certification (GSEC)
Additional certifications will follow shortly, with the GIAC Certified UNIX Security Administrator (GCUX) next on the list for release

CISCO Security Certifications
CCSP - Cisco® Certified Security Professional
  –For network professionals who design and implement secure CISCO networks.
MCNS - Managing Cisco Network Security
CSPFA - Cisco Secure PIX Firewall Advanced
CSIDS - Secure Intrusion Detection System
CSVPN - Cisco Secure VPN
CSI - Cisco SAFE Implementation

NSA ISSEP Certification
ISC2 selected by the NSA to develop new ISSEP (Information Systems Security Engineering Professional) certification
Likely to become a best practice for people who want to do highly sophisticated information security work within the national security sector, and throughout government and private sector.
(ISC)2 plans to offer the new certification to all federal agencies and private-sector companies that do business with the federal government

"The U.S. government has a unique set of standards for information security," said Patricia Moreno, chief of staff for NSA's Information Assurance Directorate. "We believe (ISC)2's longtime international expertise in professional certification best suits our training needs within NSA."

ISSEP Certification Domains
Certification and accreditation
Government policy and regulation
Systems security engineering process
Protection needs determination

Security Certifications
CISA (ISACA)
CISSP® (ISC)²
GIAC (SANS)
CISM (ISACA)
ISEB (ISMC)
ISSAP (ISC)²
ISSEP (ISC)²
ISSMP (ISC)²
ITPC (UK Gov't)
SSCP® (ISC)²
Security + (CompTIA)
TICSA (TruSecure)
Vendor Specific Certification: i.e. MCSE
  –Listed by Reed Surveys Feb/04

ITAA Survey on Certifications & Hiring
Seventy-three percent said Certified Information Security Systems Professional (CISSP) certifications carry the most weight.
September 15, 2003 Press Release at www.itaa.org/news

Summary
Beef up your resume and career
Complete practice tests by domain
Study only the domains below 85%
Complete a review course for best rate of passing
Allocate study time based on experience and practice test results

Appendix

Terms & Definitions
CBK - Common Body of Knowledge
CISA - Certified Information Systems Auditor
CISM - Certified Information Security Manager
CISSP - Certified Information Security System Professional
SANS Institute - SysAdmin, Audit, Network, Security
SSCP - System Security Certified Practitioner

Resources - CISSP
www.isc2.org
  –Certifying body for CISSP, SSCP, and NSA's ISSEP
  –Test & review seminar schedule, resources, jobs
CISSP Review Course schedule
  –https://www.isc2.org/cgi/course_schedule.cgi
www.cissp.com
  –Books, seminar & exam schedules, resources, jobs

Computer Security Institute 30th Annual Security Conference
Sponsored by (ISC)2
Review Seminar
  –November 5-6, 8:30 AM - 5:00 PM
CISSP Exam:
  –Friday, November 7, 8:00 AM to 3:00 PM
CISSP Networking Reception
  –Tuesday, November 4, 6:30 - 7:30 PM
http://www.gocsi.com/events/cissp-exam.jhtml

Official (ISC)2 Guide to the CISSP Exam
Created by the exam's certifying organization (ISC)2.
Based on the CISSP course
Reviewed by past ISSA President and ISSA/(ISC)2 and Hal Tipton
Retail Price: $69.95
  –Discounted at www.cissp.com to $60 USD
Rating at www.cissp.com

CISSP Exam Guide Books
The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
  –by Ronald L. Krutz, Russell Dean Vines and Edward M. Stroz
CISSP Exam Cram
  –by Mandy Andress
CISSP All-in-One Exam Guide
  –by Shon Harris, for practice exams
Security Engineering: A Guide to Building Dependable Distributed Systems
  –by Ross J. Anderson. Covers most exam topics

CISSP Exam Guide Books
CISSP All-in-One Exam Guide
  –by Shon Harris. DVD training class also available.
The Total CISSP Exam Prep Book: Practice Questions, Answers, and Test Taking Tips and Techniques
  –by Thomas Peltier, Patrick D. Howard
CISSP for Dummies
  –by Lawrence C. Miller
Mike Meyers CISSP Certification Passport
  –by Shon Harris

CISSP Practice Tests
www.cissp.com
  –Exam Preparation Software
  –FlashCard for the CISSP exam
www.boson.com
www.cccure.org
www.srvbooks.com
www.bfq.com

Certification Resources
Books
  –www.amazon.com
  –Information Security Management Handbook, 4th Edition, Vol I and II
  –by Harold F. Tipton & Micki Krause
SANS Institute www.sans.org
ISACA www.isaca.org
  –CISA & CISM Certification exam practice
  –http://www.freepractice.com/default.htm
  –http://www.skilldrill.com/
  –http://www.certificationzone.com

Bio
Debbie Christofferson, CISSP, CISM
Practiced leading edge Fortune 500 security management and consulting for 14 years, with 20 overall years in the technology field.
Consultant, speaker, and published author
www.Sapphire-Security.com
www.Career-Therapy.com
DebbieChristofferson@earthlink.net