CISSP - Certified Information Systems Security Professional Certification
18 August 2006
The International Information Systems Security Certifications Consortium [(ISC)2] offers Certified Information Systems Security Professional Certification (CISSP), which is a high-level certification program for IT professionals in the security field. CISSP Certification was designed to recognize mastery of an international standard for information security and understanding of a Common Body of Knowledge (CBK).
CISSP Certification can enhance a professional’s career and provide added IS credibility. Obtaining CISSP certification is a matter of both personal and professional commitment, and ongoing dedication to excellence in the information security [IS] industry. Since there is a growing demand for security professionals, there are many reasons to achieve a CISSP certification:
- Become an expert in the hottest field in the IT industry.
- Enhance your knowledge of security concepts and practices.
- Increase your marketability and competitive advantage.
- Secure your current job by offering security expertise.
- Increase salary in current job or in new opportunities.
CISSP Exam
The CISSP Certification examination consists of 250 multiple-choice questions. Candidates have up to 6 hours to complete the examination. Ten CISSP information systems security test domains are covered in the examination pertaining to the Common Body of Knowledge (CBK):
Access Control Systems & Methodology
Controlling access to critical system resources that require protection from unauthorized modification or disclosure. Topics include two-factor authentication, single sign-on, biometrics, etc.
Applications & Systems Development
The integration and unity of the controls within the application design, database security models, implementation of multi-level security.
Business Continuity Planning
Planning issues used to address catastrophic system failure, natural disasters, and other severe network service interruptions.
Cryptography
Mathematics, techniques, and infrastructure required to provide confidentiality, data integrity, non-repudiation, and other cryptographic functions.
Law, Investigation & Ethics
Legal issues surrounding computer security. Topics include computer forensics, chain of evidence, computer surveillance, privacy, anonymity, netiquette.
Operations Security
Protection issues that occur during the operation of the networked systems. Covers Java and mobile code security issues, hacker threats, penetration testing.
Physical Security
The real-world security issues that sites must address to be secure. Topics include facility issues, fences, guards, lighting, etc.
Security Architecture & Models
Topics concerning desktop and network security issues. Covers desktop security policies, physical security of desktop and laptop systems, desktop and network data backup security issues, viruses, secure remote access.
Security Management Practices
People and organization issues. Security awareness, enterprise security architecture, risk assessment.
Telecommunications, Network & Internet Security
Communications protocols, network services, and their vulnerabilities. Covers firewalls, perimeter security, extranet access control, Internet-based attacks, application layer, network layer, and transport layer security, security of communication protocols.
To qualify to take the CISSP exam, you must have three years of direct work experience in one or more of the ten domains that make up the CBK.
The CISSP exam is made up of 250 multiple-choice questions and you are given up to six hours to complete it. Each question has four choices with only one right answer.
Recertification is also required every 3 years, with ongoing requirements for maintaining your credentials in good standing.
The exam registration fee is $450.
Resources
(ISC)2 and CISSP’s official home page
https://www.isc2.org/
CISSP and SSCP open study guides website
http://www.cccure.org/
The web portal for CISSP
http://www.cissps.com/
Computer Security Institute CISSP page
http://www.gocsi.com/cissp.htm
Boson’s Practice Tests for CISSP exams
http://www.boson.com/tests/secure.htm
Yahoo! Groups HIPAA-CISSP
http://groups.yahoo.com/group/HIPAA-CISSP/