Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Certifications

Published byBernice Bruce Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Certifications"— Presentation transcript:

1 Security Certifications
NEbraskaCERT by Aaron Grothe/CISSP/Security+ & Bob McCoy/CISSP/Security+

2 Introduction Disclaimers General Points Certifications Summary
General Purpose Security Specialization E.g. Computer Forensics Vendor Other Summary Resources

3 Disclaimers All opinions are mine/Bob's
NEbraskaCERT does offer CISSP training not affiliated with ISC2 NebraskaCERT will be offering a chance to sit for the CISSP exam this August 2 at our conference NebraskaCERT may also be offering another training/certification program this year such as NSA IAM All values listed are subject to change

4 General Points Certifications are not a substitute for experience
Certifications vary widely in their quality Be wary of most certifications that are bundled with training Bootcamps with exams at the end might get you a certification, but how much will you retain You probably won't find out which problems you got wrong – in some cases such as CISSP you won't even get a score

5 General Points Slides will be on the website ( in the next couple of days

6 General Certifications
Check Point Certified Security Principles Associate CompTIA Security+ ISC2 CISSP ISC2 SSCP ISC2 area of concentrations

7 General Certifications (Cont)
ISACA CISA ISACA CISM SANS GIAC Security Engineer TruSecure TICSA

8 Check Point Certified Security Principles Associate (CSPA)
Vendor Checkpoint Exam Format Multiple Choice Recertification Requirements N/A Vendor Specific No Cost $150

9 Check Point Certified Security Principles Associate (CSPA)
Value (Subjective) Medium Pros Entry level certification for Check Point Emphasizes Basics Might Supplement other certifications Known Name Cons Potential confusion “what do you mean you don't know how to configure a firewall”

10 CompTIA Security+ Vendor Exam Format Recertification requirements
Multiple Choice Exam 100 questions Recertification requirements None Vendor Specific No Cost $225

11 CompTIA Security+ Value (subjective) Pros Cons Low
Can be taken through Prometric/VUE centers Good entry level certification Can be used to cross certify for some other certifications such as Microsoft Lots of study material available Cons Entry level certification

12 ISC2 Certified System Security Professional (CISSP)
Vendor ISC2 Exam Format 1 Exam 250 questions 6 Hours Recertification requirements Continuing Education Credits & annual fee Vendor Specific No Cost $499 Early Registration, $85 Recert fee

13 ISC2 Certified System Security Professional (CISSP)
Value (Subjective) Very High Pros Gold standard Wide breadth of topics Cons Not as rare as it used to be :-) Limited exam availability Need professional Experience No scores

14 ISC2 System Security Certified Practitioner (SSCP)
Vendor ISC2 Exam Format 1 Exam 125 multiple choice questions 3 hours Recertification Requirements Continuing education requirements & Annual Fee Vendor Specific No Cost $369 Early Registration, $?? Annual Fee

15 ISC2 System Security Certified Practitioner (SSCP)
Value (Subjective) High Pros More easily attained than CISSP Lower requirements Cons Exam availibility restricted as CISSP Considered by some as a junior CISSP

16 ISC2 Area of Concentrations
ISC2 offers the following 3 areas of concentrations Information System Security Engineering Professional (ISSEP) – Developed with NSA ISSMP stands for Information System Security Management Professional (ISSMP) - Management ISSAP stands for Information System Security Architecture Professional (ISSAP) - Architecture

17 ISC2 Area of Concentrations
Exam Format 1 Additional Exam – 100 questions Recertification requirements Continuing education credits & Annual Fee Vendor specific No Cost ~$300

18 ISC2 Area of Concentrations
Value (subjective) Probably High Pros Build upon CISSP Buzz word worth Cons Market hasn't set value yet Lack of study materials

19 ISACA Certified Information System Auditor (CISA)
Vendor ISACA Exam Format 1 Multiple choice exam 200 questions 4 hours Recertification requirements Continuing education credits and annual fee Vendor Specific No Cost $465 Exam Fee, $85 Annual Fee

20 ISACA Certified Information System Auditor (CISA)
Value (subjective) Very high Pros Good name recognition outside of Computer Security Folk Not particularly technical Cons Only offered once a year Experience requirements

21 ISACA Certified Information System Manager (CISM)
Vendor Information System Audit and Control Association Exam Format 1 Multiple choice exam 200 questions 4 hours Recertification requirements Continuing education credits and an annual fee Cost $465 exam fee and $85 annual fee

22 ISACA Certified Information System Manager (CISM)
Value (Subjective) Moderate Pros Complements CISA Cons Not as well known as CISA Confused with CISSP by many Offered only once a year in June Lot of people offered chance to get CISM without taking exam

23 SANS GIAC Security Engineer
Vendor SANS Exam format Multiple choice exams Recertification Requirements Continuing education credits Vendor Specific No Cost 7 Exams at $250, $1250

24 SANS GIAC Security Engineer
Value (Subjective) Very High Pros The “other” security certification Areas of specialization Is more than just an exam Cons Almost a way of life

25 TruSecure ICSA Certified Security Associate (TICSA)
Vendor TruSecure Exam Format 70 question format, multiple choice Recertification requirements Valid for 2 years, Recert plan being developed Vendor Specific No Cost $295.00

26 TruSecure ICSA Certified Security Associate (TICSA)
Value (subjective) Medium Pros Alternative to Security+ for first security certification Appears to have more technical content TruSecure/ICSA has some recognition Cons None, really

27 Specialized Certifications
Certified Wireless Security Professional (CWSP) Certified Ethical Hacker Certified Computer Examiner Certification

28 Certified Wireless Security Professional (CWSP)
Vendor Planet 3 Wireless Prereqs CWNA (Certified Wireless Network Administrator) Exam Format 1 CWNA, 1 CWSP Multiple choice, 60 questions Recertification requirements N/A Cost $150 per exam

29 Certified Wireless Security Professional (CWSP)
Value (subjective) High Pros Wireless is hot area right now Some room for growth in certification path Cons Planet 3 Wireless??? How does this compare to Cisco's

30 Certified Ethical Hacker
Vendor EC-Council (E-Commerce Consultants) Exam Format 125 questions multiple choice Recertification requirements N/A Vendor Specific No Cost ~$250

31 Certified Ethical Hacker
Value (subjective) N/A Pros “Ethical Hacker” title is cool Can take test online Tool based Cons EC-Council Market has yet to place any value on it

32 Certified Computer Examiner Certification
Vendor Certified Computer Examiner.com Exam Format Multiple choice exam Hands on testing Recertification requirements N/A Cost $345, plus potential fees for media

33 Certified Computer Examiner Certification
Value Subjective Relatively High Pros Forensics are hot right now Actually have to recover data off a drive Cons Vendor is not well established yet

34 Vendor Vendors offer security certifications for their products
Checkpoint Cisco HP Microsoft Network Associates (Sniffer Pro) Novell Sun Symantec

35 Other These are a few other certifications which might be encountered
Brainbench offers a variety of certifications including HIPPA and Internet Security Security Certified Program offers several certifications such as Security Certified Network Professional (SCNP) IEEE was working on a certification program

36 Other CIW offers the CIW Security Analyst certification
Ideahamster has several Open Source certification programs, most are tied to training – they make a lot of great information available on their site

37 Summary Possible Certification Paths
Security+ -> TruSecure -> CISSP Vendor Specific Area of specilization Brainbench offers free online sign up and some older exams for free Good chance to get back in habit of taking tests

38 Summary How to get Continuing Education Credits CSFs qualify
Give a talk Attend a security conference Write an article for a security magazine or an article about security

39 Resources (High Level)
CertCities GoCertify

40 Resources (General Certs)
Certified Computer Examiner CompTIA CWSP ISC2

41 Resources (General Certs)
ISACA Sans TruSecure

42 Resources (Vendors) Check Point Cisco HP Microsoft
Cisco HP Microsoft

43 Resources (Vendors) Network Associates Novell Symantec
Novell Symantec

44 Resources (Other) Brainbench Security Certified Program CIW IEEE
Security Certified Program CIW IEEE Idea Hamster

45 Contact Info addresses

Download ppt "Security Certifications"

Similar presentations

Perspectives 2008 Canadian Live Learning Overview Ronda Warrick | Product Marketing November 6, 2008.

Perspectives 2008 Canadian Live Learning Overview Ronda Warrick | Product Marketing November 6, 2008.
Reasons to Become CISSP Certified Keith A. Watson, CISSP CERIAS.

Reasons to Become CISSP Certified Keith A. Watson, CISSP CERIAS.
DoD Information Assurance Certification

DoD Information Assurance Certification
1 Presented by Mark D’Ermes Director of Recruiting Wednesday May 16 th, 2012 Managing Your InfoSec Career An Employers Perspective This document is confidential.

1 Presented by Mark D’Ermes Director of Recruiting Wednesday May 16 th, 2012 Managing Your InfoSec Career An Employers Perspective This document is confidential.
Security and Personnel

Security and Personnel
Role of Vendor Technologies in the Development of Network Professionals Mak Sharma and Sharon Cox School of Computing, Telecommunications and Networks.

Role of Vendor Technologies in the Development of Network Professionals Mak Sharma and Sharon Cox School of Computing, Telecommunications and Networks.
StanSource Inc. is Information Technology services and solutions providing organization engaged in providing a full range of solutions and services to.

StanSource Inc. is Information Technology services and solutions providing organization engaged in providing a full range of solutions and services to.
EC-Council | Press The Security Books You Have Been Waiting For!

EC-Council | Press The Security Books You Have Been Waiting For!
IEEE Computer Society Name Title, IEEE Computer Society The community for technology leaders.

IEEE Computer Society Name Title, IEEE Computer Society The community for technology leaders.
IT Security Learning Path March 2013. IT Security Learning Path 0-1 years2-3 years5-10 years IT Security Beginner IT Security Intermediate IT Security.

IT Security Learning Path March IT Security Learning Path 0-1 years2-3 years5-10 years IT Security Beginner IT Security Intermediate IT Security.
UMBC TRAINING CENTERS © 2010, Paladin Group, LLC Certified Information System Security Professional (CISSP)

UMBC TRAINING CENTERS © 2010, Paladin Group, LLC Certified Information System Security Professional (CISSP)
CIT 694 Introduction. CISSP Certified Information Systems Security Professional “The credential for professionals who develop policies and procedures.

CIT 694 Introduction. CISSP Certified Information Systems Security Professional “The credential for professionals who develop policies and procedures.
(c) 2004 Allan Berg Building the Security Workforce of Tomorrow Allan Berg University of Dallas Graduate School of Management.

(c) 2004 Allan Berg Building the Security Workforce of Tomorrow Allan Berg University of Dallas Graduate School of Management.
Security Certification

Security Certification
Slides copyright 2010 by Paladin Group, LLC used with permission by UMBC Training Centers, LLC.

Slides copyright 2010 by Paladin Group, LLC used with permission by UMBC Training Centers, LLC.
What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT.

What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT.
The Road to the Microsoft MCITP Certifications and Other Topics Networking Curriculum.

The Road to the Microsoft MCITP Certifications and Other Topics Networking Curriculum.
Certified Information System Security Professional (CISSP)

Certified Information System Security Professional (CISSP)
The Top Ten of Security. Ten best practices for securing your network. Ten best security web sites. Eight certifications.

The Top Ten of Security. Ten best practices for securing your network. Ten best security web sites. Eight certifications.
Certification and Training Presented by Sam Jeyandran.

Certification and Training Presented by Sam Jeyandran.

Similar presentations

Ads by Google