Security Certification David Cass, CISSP, NSA-IAM
Why Security Certification • Professional validation of skills • Exposure to industry standards • Best practices • Baseline skills for a specific role
Why Security Certification • Internal & External Value • Credible advice & support • Quality of work & productivity • Differentiation of your organization or group • Culture of excellence
Why Security Certification • Certification: • Not a substitute for years of experience
Which certifications are right for my organization? • Organizational Needs Assessment: • Roles & Responsibilities • Experience • Types of Infrastructure equipment supported
Security Certifications • Classifications: • Benchmark • Wide recognition by professionals in all sectors • Advanced level • Prerequisite for many senior jobs • Foundation • Introductory certifications • One to four years of experience
Security Certifications • Classifications: • Intermediate • 3 to 4 years of networking experience • 2 years of IT Security experience • Advanced • Expert level • Minimum of 4 years of IT Security experience
Security Certifications • Vendor and Product Specific • Hardware/software dependent • Range from intro to expert or advanced levels • Examples include: Cisco, Check Point, Symantec, Tivoli, Microsoft, and others
Security Certifications • Benchmark certifications: • CISSP • isc2.org • Common Body of Knowledge • Access Control Systems and Methodology • Applications & Systems Development • Business Continuity Planning • Cryptography • Law, Investigation & Ethics
Security Certifications • Benchmark: • CISSP • Common Body of Knowledge • Operations Security • Physical Security • Security Architecture & Models • Security Management Practices • Telecommunications, Network & Internet Security
Security Certifications • Benchmark: • Certified Information Systems Auditor (CISA) • isaca.org • IT audit community • Covers: • Management, planning and organization of IS • Technical infrastructure and operational practices • Protection of Information Assets • Disaster Recovery and Business Continuity
Security Certifications • Benchmark: • Certified Information Systems Auditor (CISA) • Covers: • Business Application Systems Development, Acquisition, Implementation and Maintenance • Business Process Evaluation and Risk Management • IS Audit Process
Security Certifications • Foundation level: • Security+ • CompTIA • Focus on basic architecture, business, and products • Covers: • General Security Concepts • Communications Security • Infrastructure Security • Basics of Cryptography • Operational/Organizational Security
Security Certifications • Foundation level: • TICSA Certified Security Associate by TruSecure • Network admins and entry-level audit personnel • Focus on architecture and products • Covers: • Security Practices and Procedures • Security Fundamentals • TCP/IP Networking Fundamentals • Firewall Management Fundamentals • Detection, Response & Recovery
Security Certifications • Foundation level: • TICSA Certified Security Associate by TruSecure • Covers: • Administration & Maintenance Fundamentals • Design & Configuration Basics • Malicious Code Fundamentals • Law, Ethics, and Policy • Authentication Fundamentals • Cryptography Basics
Security Certifications • Foundation level: • SANS • GIAC Security Essentials (GSEC) • Basic understanding of the CBK • Basic skills to incorporate good infosec practices • GIAC IT Security Audit Essentials • Developing audit checklists • Perform limited risk assessment
Security Certifications • Foundation level: • SSCP (Systems Security Certified Practitioner) • isc2 • Covers: • Access Controls • Administration • Audit and Monitoring • Risk, Response, and Recovery • Cryptography • Data Communications • Malicious Code/Malware
Security Certifications • Intermediate level: • National Security Agency Infosec Assessment Methodology • NSA-IAM • NSA process for identifying and correcting security weaknesses in information systems and networks • GIAC Systems and Network Auditor (GSNA) • Apply risk analysis techniques • Conduct technical audits
Security Certifications • Intermediate level: • CIW Security Analyst Certification • Deployment of e-business transaction and payment security solutions • Implementing e-business security policies • GIAC Certified Windows Security Administrator (GCWN) • Secure and audit Windows systems • GIAC Certified UNIX Security Administrator (GCUX) • Secure and audit UNIX and Linux systems
Security Certifications • Intermediate level: • GIAC Specializations • Firewall Analyst • Forensic Analyst • Incident Handler
Security Certifications • Advanced level: • Certified Information Systems Security Professional (CISSP) • isc2: CBK • Additional concentrations: • Information Systems Security Engineering Professional • Information Systems Security Management Professional • Information Systems Security Architecture Professional
Security Certifications • Advanced level: • Certified Information Systems Auditor • Information Systems Audit and Control Association • Globally accepted standard for IS audit and control
Security Certifications • Vendor Specific: • Cisco: • Cisco Certified Security Professional (Intermediate) • Cisco Certified Internetwork Expert Security (Advanced) • Check Point: • Check Point Certified Security Administrator (Foundation) • Check Point Certified Security Expert (Advanced)
References & Resources • (ISC)² = International Information Systems Security Certifications Consortium, Inc. • https://www.isc2.org • Information Systems Audit and Control Association • http://www.isaca.org • SANS & Global Information Assurance Certification • http://www.giac.org/subject_certs.php • Certification Magazine • http://certmag.com
References & Resources • CIW Certified • http://www.ciwcertified.com • Cisco • http://cisco.com • Check Point • http://checkpoint.com • CSO Magazine • http://csoonline.com
The End • For Additional Information: • David.Cass.wt06@wharton.upenn.edu