Security Certification - PowerPoint PPT Presentation

Title:

Security Certification

Description:

Malicious Code Fundamentals. Law, Ethics, and Policy. Authentication Fundamentals ... Malicious Code/Malware. Security Certifications. Intermediate level: ... – PowerPoint PPT presentation

Slides: 27
Provided by: david561

Transcript and Presenter's Notes


1
Security Certification
  • David Cass, CISSP, NSA-IAM

2
Why Security Certification
  • Professional validation of skills
  • exposure to industry standards
  • best practices
  • baseline skills for a specific role

3
Why Security Certification
  • Internal & External Value
  • Credible advice & support
  • Quality of work & productivity
  • Differentiation of your organization or group
  • Culture of excellence

4
Why Security Certification
  • Certification
  • Not a substitute for years of experience

5
Which certifications are right for my organization?
  • Organizational Needs Assessment
  • Roles & Responsibilities
  • Experience
  • Types of infrastructure & equipment supported

6
Security Certifications
  • Classifications
  • Benchmark
  • Wide recognition by professionals in all sectors
  • Advanced level
  • Prerequisite for many senior jobs
  • Foundation
  • Introductory certifications
  • One to four years of experience

7
Security Certifications
  • Classifications
  • Intermediate
  • 3 to 4 years of networking experience
  • 2 years of IT Security experience
  • Advanced
  • Expert level
  • Minimum of 4 years of IT Security experience

8
Security Certifications
  • Vendor and Product Specific
  • Hardware/ software dependent
  • Range from intro to expert or advanced levels
  • Examples include Cisco, Check Point, Symantec,
    Tivoli, Microsoft, and others

9
Security Certifications
  • Benchmark certifications
  • CISSP
  • isc2.org
  • Common Body of Knowledge
  • Access Control Systems and Methodology
  • Applications & Systems Development
  • Business Continuity Planning
  • Cryptography
  • Law, Investigation & Ethics

10
Security Certifications
  • Benchmark
  • CISSP
  • Common Body of Knowledge
  • Operations Security
  • Physical Security
  • Security Architecture & Models
  • Security Management Practices
  • Telecommunications, Network & Internet Security

11
Security Certifications
  • Benchmark
  • Certified Information Systems Auditor (CISA)
  • isaca.org
  • IT audit community
  • Covers
  • Management, planning and organization of IS
  • Technical infrastructure and operational
    practices
  • Protection of Information Assets
  • Disaster Recovery and Business Continuity

12
Security Certifications
  • Benchmark
  • Certified Information Systems Auditor (CISA)
  • Covers
  • Business Application Systems Development,
    Acquisition, Implementation and Maintenance
  • Business Process Evaluation and Risk Management
  • IS Audit Process

13
Security Certifications
  • Foundation level
  • Security+
  • CompTIA
  • Focus on basic architecture, business, and
    products
  • Covers
  • General Security Concepts
  • Communications Security
  • Infrastructure Security
  • Basics of Cryptography
  • Operational/Organizational Security

14
Security Certifications
  • Foundation level
  • TICSA Certified Security Associate by TruSecure
  • Network admins, and entry level audit personnel
  • Focus on architecture and products
  • Covers
  • Security Practices and Procedures
  • Security Fundamentals
  • TCP/IP Networking Fundamentals
  • Firewall Management Fundamentals
  • Detection, Response & Recovery

15
Security Certifications
  • Foundation level
  • TICSA Certified Security Associate by TruSecure
  • Covers
  • Administration & Maintenance Fundamentals
  • Design & Configuration Basics
  • Malicious Code Fundamentals
  • Law, Ethics, and Policy
  • Authentication Fundamentals
  • Cryptography Basics

16
Security Certifications
  • Foundation level
  • SANS
  • GIAC Security Essentials (GSEC)
  • Basic understanding of the CBK
  • Basic skills to incorporate good infosec
    practices
  • GIAC IT Security Audit Essentials
  • Developing audit checklists
  • Perform limited risk assessment

17
Security Certifications
  • Foundation level
  • SSCP (Systems Security Certified Practitioner)
  • isc2
  • Covers
  • Access Controls
  • Administration
  • Audit and Monitoring
  • Risk, Response, and Recovery
  • Cryptography
  • Data Communications
  • Malicious Code/Malware

18
Security Certifications
  • Intermediate level
  • National Security Agency Infosec Assessment
    Methodology
  • NSA-IAM
  • NSA process for identifying and correcting
    security weaknesses in information systems and
    networks
  • GIAC Systems and Network Auditor (GSNA)
  • Apply risk analysis techniques
  • Conduct technical audits

19
Security Certifications
  • Intermediate level
  • CIW Security Analyst Certification
  • Deployment of e-business transaction and payment
    security solutions
  • Implementing e-business security policies
  • GIAC Certified Windows Security Administrator
    (GCWN)
  • Secure and audit Windows systems
  • GIAC Certified UNIX Security Administrator (GCUX)
  • Secure and audit UNIX and Linux systems

20
Security Certifications
  • Intermediate level
  • GIAC Specializations
  • Firewall Analyst
  • Forensic Analyst
  • Incident Handler

21
Security Certifications
  • Advanced level
  • Certified Information Systems Security
    Professional (CISSP)
  • isc2 CBK
  • Additional concentrations
  • Information Systems Security Engineering
    Professional
  • Information Systems Security Management
    Professional
  • Information Systems Security Architecture
    Professional

22
Security Certifications
  • Advanced level
  • Certified Information Systems Auditor
  • Information Systems Audit and Control Association
  • Globally accepted standard IS Audit and Control

23
Security Certifications
  • Vendor Specific
  • Cisco
  • Cisco Certified Security Professional
    (Intermediate)
  • Cisco Certified Internetwork Expert Security
    (Advanced)
  • Check Point
  • Check Point Certified Security Administrator
    (Foundation)
  • Check Point Certified Security Expert (Advanced)

24
References & Resources
  • (isc)2 International Information Systems
    Security Certifications Consortium, Inc.
  • https://www.isc2.org
  • Information Systems Audit and Control Association
  • http://www.isaca.org
  • SANS Global Information Assurance Certification
  • http://www.giac.org/subject_certs.php
  • Certification Magazine
  • http://certmag.com

25
References & Resources
  • CIW Certified
  • http://www.ciwcertified.com
  • Cisco
  • http://cisco.com
  • Check Point
  • http://checkpoint.com
  • CSO Magazine
  • http://csoonline.com

26
The End
  • For Additional Information
  • David.Cass.wt06_at_wharton.upenn.edu