Security Certification
David Cass, CISSP, NSA-IAM
Why Security Certification
Professional validation of skills
• exposure to industry standards
• best practices
• baseline skills for a specific role
Why Security Certification
Internal & External Value
• Credible advice & support
• Quality of work & productivity
• Differentiation of your organization or group
• Culture of excellence
Why Security Certification
Certification:
• Not a substitute for years of experience
Which certifications are right for my organization?
Organizational Needs Assessment:
• Roles & Responsibilities
• Experience
• Types of Infrastructure equipment supported
Security Certifications
Classifications:
• Benchmark
– Wide recognition by professionals in all sectors
– Advanced level
– Prerequisite for many senior jobs
• Foundation
– Introductory certifications
– One to four years of experience
Security Certifications
Classifications:
• Intermediate
– 3 to 4 years of networking experience
– 2 years of IT Security experience
• Advanced
– Expert level
– Minimum of 4 years of IT Security experience
Security Certifications
• Vendor and Product Specific
– Hardware/software dependent
– Range from intro to expert or advanced levels
– Examples include: Cisco, Check Point, Symantec, Tivoli, Microsoft, and others
Security Certifications
Benchmark certifications:
• CISSP
– isc2.org
– Common Body of Knowledge
  – Access Control Systems and Methodology
  – Applications & Systems Development
  – Business Continuity Planning
  – Cryptography
  – Law, Investigation & Ethics
Security Certifications
Benchmark:
• CISSP
– Common Body of Knowledge
  – Operations Security
  – Physical Security
  – Security Architecture & Models
  – Security Management Practices
  – Telecommunications, Network & Internet Security
Security Certifications
Benchmark:
• Certified Information Systems Auditor (CISA)
– isaca.org
– IT audit community
– Covers:
  – Management, planning and organization of IS
  – Technical infrastructure and operational practices
  – Protection of Information Assets
  – Disaster Recovery and Business Continuity
Security Certifications
Benchmark:
• Certified Information Systems Auditor (CISA)
– Covers:
  – Business Application Systems Development, Acquisition, Implementation and Maintenance
  – Business Process Evaluation and Risk Management
  – IS Audit Process
Security Certifications
Foundation level:
• Security+
– CompTIA
– Focus on basic architecture, business, and products
– Covers:
  – General Security Concepts
  – Communications Security
  – Infrastructure Security
  – Basics of Cryptography
  – Operational/Organizational Security
Security Certifications
Foundation level:
• TICSA Certified Security Associate by TruSecure
– Network admins and entry-level audit personnel
– Focus on architecture and products
– Covers:
  – Security Practices and Procedures
  – Security Fundamentals
  – TCP/IP Networking Fundamentals
  – Firewall Management Fundamentals
  – Detection, Response & Recovery
Security Certifications
Foundation level:
• TICSA Certified Security Associate by TruSecure
– Covers:
  – Administration & Maintenance Fundamentals
  – Design & Configuration Basics
  – Malicious Code Fundamentals
  – Law, Ethics, and Policy
  – Authentication Fundamentals
  – Cryptography Basics
Security Certifications
Foundation level:
SANS
• GIAC Security Essentials (GSEC)
– Basic understanding of the CBK
– Basic skills to incorporate good infosec practices
• GIAC IT Security Audit Essentials
– Developing audit checklists
– Perform limited risk assessment
Security Certifications
Foundation level:
• SSCP (Systems Security Certified Practitioner)
– isc2
– Covers:
  – Access Controls
  – Administration
  – Audit and Monitoring
  – Risk, Response, and Recovery
  – Cryptography
  – Data Communications
  – Malicious Code/Malware
Security Certifications
Intermediate level:
• National Security Agency Infosec Assessment Methodology
– NSA-IAM
– NSA process for identifying and correcting security weaknesses in information systems and networks
• GIAC Systems and Network Auditor (GSNA)
– Apply risk analysis techniques
– Conduct technical audits
Security Certifications
Intermediate level:
• CIW Security Analyst Certification
– Deployment of e-business transaction and payment security solutions
– Implementing e-business security policies
• GIAC Certified Windows Security Administrator (GCWN)
– Secure and audit Windows systems
• GIAC Certified UNIX Security Administrator (GCUX)
– Secure and audit UNIX and Linux systems
Security Certifications
Intermediate level:
GIAC Specializations
• Firewall Analyst
• Forensic Analyst
• Incident Handler
Security Certifications
Advanced level:
• Certified Information Systems Security Professional (CISSP)
– isc2: CBK
– Additional concentrations:
  – Information Systems Security Engineering Professional
  – Information Systems Security Management Professional
  – Information Systems Security Architecture Professional
Security Certifications
Advanced level:
• Certified Information Systems Auditor
– Information Systems Audit and Control Association
– Globally accepted standard for IS Audit and Control
Security Certifications
Vendor Specific:
Cisco:
• Cisco Certified Security Professional (Intermediate)
• Cisco Certified Internetwork Expert Security (Advanced)
Check Point:
• Check Point Certified Security Administrator (Foundation)
• Check Point Certified Security Expert (Advanced)
References & Resources
• (ISC)² = International Information Systems Security Certifications Consortium, Inc.
– https://www.isc2.org
• Information Systems Audit and Control Association
– http://www.isaca.org
• SANS & Global Information Assurance Certification
– http://www.giac.org/subject_certs.php
• Certification Magazine
– http://certmag.com
References & Resources
• CIW Certified
– http://www.ciwcertified.com
• Cisco
– http://cisco.com
• Check Point
– http://checkpoint.com
• CSO Magazine
– http://csoonline.com