Information Systems Security Association
ISSA Buffalo Niagara
Introduction to CISSP Study Sessions
www.issa.org
ISSA Overview
• Information Systems Security Association (ISSA) is the largest international, not-for-profit association specifically for security professionals.
• The association and chapter provide educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of their members.
ISSA Buffalo Niagara History and Background
• First meeting April 11, 2003
• 25 dues-paying members and growing
• Not yet officially recognized as a chapter, but acting like one anyway
• Six months of regular meetings
• Already held first full-day event, 2 more scheduled
Introductions
• Name
• Organization
• Why achieving the CISSP certification is important to you
CISSP Study Group
• Study the Common Body of Knowledge (CBK) domains
• Review for the exam
• Achieve certification through testing
Questions?
Overview of (ISC)2 and the CISSP
• Certification was discussed for many years among computer security practitioners.
• Certification was viewed as the way to upgrade the profession.
• Certification would enhance the credibility of the computer security profession.
• The International Information Systems Security Certification Consortium, or (ISC)2, was established in mid-1989.
Overview (continued)
• (ISC)2 is an independent, nonprofit corporation whose sole charter is to develop and administer a certification program for information security practitioners.
• Now firmly established in North America, the program is quickly gaining international acceptance.
• The Certified Information Systems Security Professional (CISSP) designation is a highly respected certification.
Overview (continued)
• The CISSP certification was designed to recognize mastery of an international standard for information security and understanding of a Common Body of Knowledge (CBK).
• It demonstrates the ability to understand a broad range of security issues in many areas.
• The CISSP examination consists of 250 multiple-choice questions, each having four possible answers (only one of the answers is most correct).
Overview (continued)
• Candidates have up to six hours to complete the examination.
• The level of knowledge required in order to pass the exam is high.
• Pass rates are higher for those who attend a CBK review seminar compared to those who study on their own.
Questions?
Exam Content
• The CBK domains / outline
• Questions are not arranged in CBK sequence
• Not specific to any vendor or platform
Exam Content (cont)
• CBK Domains:
  • Access Control Systems and Methodology
  • Telecommunications and Networking Security
  • Security Management Practices
  • Application and Systems Development Security
  • Cryptography
  • Security Architecture and Models
  • Operations Security
  • Business Continuity and Disaster Recovery Planning
  • Law, Investigation and Ethics
  • Physical Security
FAQ 1
• How is the CISSP examination structured?
The CISSP exam is a 250-question English-language examination. Candidates are given 6 hours to complete the exam, although most complete it in about 4 hours.
FAQ 2
• What are the questions like?
All test questions are multiple choice with four possible answers. They are designed to test a candidate's knowledge of information security facts and concepts and their application.
FAQ 3
• How hard is the examination?
The examination tests the expected knowledge a 3-5 year practitioner should have. It is designed to test for the minimum level of competency acceptable for someone to be certified as an information systems security professional. A knowledgeable candidate should not find the examination difficult.
FAQ 4
• If the examination isn't particularly difficult, why don't more people pass it?
What makes the examination difficult is the expansive knowledge base it covers. It's difficult to develop expertise in all ten domains.
FAQ 5
• Are the questions in the Study Guide really representative of examination questions?
The study guide questions are good examples of the format and type of questions you would see on the exam, but are not necessarily representative of the difficulty.
FAQ 6
• Which domains are the hardest?
The domains that you have the least experience with. For many people these are often cryptography, system architecture, and physical security – these usually score the lowest.
FAQ 7
• Are there questions on NT or UNIX?
The CISSP examination is not vendor or commercial product specific. There are questions on the security models and methodologies used by these systems, but only security products that are commonly used and freely available (e.g., SATAN) are acceptable for examination questions.
FAQ 8
• What's the passing score?
There is no fixed passing score for the examination. The cut score for each examination is calculated by equating the scoring values associated with each question. Passing rates are estimated to be in the 70% to 80% range. Fewer than 8% of those tested achieve scores higher than 85%.
FAQ 9
• How detailed are the questions, and what depth of knowledge is being tested?
The CISSP examination is designed to evaluate the ability of a security manager, engineer or architect to properly evaluate, select, deploy and assess security measures. A candidate should have a detailed enough knowledge of security designs, measures, vulnerabilities, etc. to successfully accomplish these tasks.
Web Sites
• International Information Systems Security Certification Consortium (ISC)2: http://www.isc2.org/
• The CISSP Open Study Guide: http://www.cccure.org/
• Web portal for the CISSP: http://www.cissp.com
• The SANS (System Administration, Networking, and Security) Institute: http://www.sans.org/newlook/home.php
Books
• CISSP All-in-One Certification Exam Guide
  • Shon Harris / McGraw-Hill
• SRV-Publications: CISSP Exam Study and Practice Books
  • https://www.srvbooks.com/
Books (cont)
• Information Security Management Handbook (multiple editions, volumes)
  • Editors: Micki Krause, Harold F. Tipton
• Advanced CISSP Prep Guide: Exam Q&A
  • Ronald L. Krutz, Russell Dean Vines
Questions?
Logistics – Times
• Time?
  • 6:00
  • 6:30
  • 7:00
• Duration?
  • 1 hour
  • 1.5 hours
  • As long as needed
Logistics – Dates
• Consider
  • December 22
  • December 29
ISSA Buffalo Niagara Chapter Activities
• Monthly meetings
  - Presentations based on chapter members' needs
• Workshops
  - HIPAA was in early August
  - Network Attacks and Countermeasures – Th. Oct 30
  - Digital Forensics – Th. Nov 20
  - All based on members' needs via member survey
  - Rotate management and technical subjects
• Certification Test Prep
  - Starting today!
ISSA Buffalo Niagara
www.issabuffaloniagara.org