What is CISSP Anyway?
A Presentation by: George L. McMullin II, CISSP
COO, CorpNet Security, Inc.
Executive Director, NEbraskaCERT
Where we’re headed today
• A little history
• A little certification
• And a little more
The Certification Movement
• Security organizations already exist pre-’88
• Special Interest Group for Computer Security (SIG-CS) of the Data Processing Management Association (DPMA) - Nov ‘88
• Volunteers from several organizations began a joint effort to forge a certification program
  • SIG-CS of the DPMA
  • Information Systems Security Association (ISSA)
  • Computer Security Institute (CSI)
  • Canadian Information Processing Society (CIPS)
  • Several agencies of the U.S. and Canadian governments
  • Idaho State University
Certification Realized
• International Information Systems Security Certification Consortium (ISC)² established mid-’89
  • nonprofit corporation
  • develop a certification program for information systems security practitioners
  • certification body, not a membership organization
(ISC)²
• Code of Ethics established
  • Canons
    • Protect society, the commonwealth, and the infrastructure
    • Act honorably, honestly, justly, responsibly, and legally
    • Provide diligent and competent service to principals
    • Advance and protect the profession
(ISC)²
• Certification for Information Systems Security Professionals (CISSP)
• Ten “Common Body of Knowledge” (CBK) areas defined
  • Access Control Systems and Methodology
  • Telecommunications and Network Security
  • Security Management Practices
  • Applications and System Development Security
  • Cryptography
  • Security Architecture and Models
  • Operations Security
  • Business Continuity Planning and Disaster Recovery Planning
  • Law, Investigations and Ethics
CISSP
• Certification for Information Systems Security Professionals (CISSP)
• Examination
  • Prerequisites:
    • Subscribe to code of ethics
    • Have 3 years direct work experience in one of 10 areas of CBK
  • $450 fee
  • 6 hours
  • 250 multiple-choice questions
• Recertification
  • Annual fee of $85
  • Abide by code of ethics
  • Earn 120 Continuing Professional Education (CPE) credits every 3 years
CISSP
• Preparation
  • (ISC)² CBK review seminars
    • Four days - $1550 (w/ exam add $275)
    • Eight days - $2800 (w/ exam add $275)
  • NEbraskaCERT CISSP Exam Preparation Course
    • Ten weeks - $1495 (discounts available)
  • Self study
Coming Certification . . .
• Systems Security Certified Practitioner (SSCP)
  • Aimed at network and systems security administrators
  • Multiple examinations
    • Core examination - multiple choice
    • Optional specialty exams specific to technologies - scenario based
  • Seven areas of CBK
    • Access controls
    • Administration
    • Audit and monitoring
    • Risk, response and recovery
    • Cryptography
    • Data communications
    • Malicious code
Contacting George
• NEbraskaCERT
  • george.mcmullin@nebraskacert.org
• CorpNet Security
  • george@corpnetsecurity.com
• Cell phone
  • (402) 968-6830