Certified Information Systems Security Professional
Certified Information Systems Security Professional - is a certification for information security from a non-profit organization International Information Systems Security Certifications Consortium, better known as (ISC) ². This certification appeared in the far 1991 and currently about 70 000 experts are active CISSP.
CISSP certification is primarily intended for consultants, accountants, architects, analysts and managers in the field of information security (IS).
CISSP is considered to be one of the highest certifications in information security.
Who need to do this certification?
- Incident Response Personnel
- Information Security Professionals
- IT Managers
- Network Administrators and Architects
- System Administrators
Any organization is very beneficial having certification of its specialists as CISSP. Organization, staffed with CISSP, gain an advantage over competitors. As professionals protecting their data – are the best in their field, these organizations demonstrate to customers, suppliers and their employees the importance and value they attach to security. Also, CISSP qualification means that the staff of information technology is appropriately and consistently professionally trained and prepared.
(ISC) ² provides preliminary certification CISSP Associate (exam followed by a set of work experience). Possible further development CISSP by specialization (concentration): ISSAP (Concentration in Architecture), ISSEP (Concentration in Engineering), ISSMP (Concentration in Management).
At least five full years of work directly as a specialist in information security systems in two or more of the 10 areas CBK
Exam over view:certification test includes 10 domains:
- Access Control
- Telecommunications and Network Security
- Information Security Governance and Risk Management
- Software Development Security
- Security Architecture and Design
- Operations Security
- Business Continuity and Disaster Recovery Planning
- Legal, Regulations, Investigations and Compliance
- Physical (Environmental) Security
The process of preparing \ training:
1) ISACA membership
The first thing you should consider is to become ISACA member. That's a saving on the purchase of the exam and literature to prepare for it. Also, it is access to extensive content, access to the community.
2) Sources of training
The two most important: CISM Review Manual and CD with questions. On some issues, of course, helped Google. Also it is recommended to attend different groups - I signed up for several groups linkedin. A little help, at least keep on our toes.
3) Time and practice
I think the ideal start for 4 months before the exam to:
- Read 2 times completely manual: The manual is quite complicated. In general, until I read the manual once - have forgotten the first chapter. But for the second time - read faster, and actually deposited in the head.
- Pass all the questions in the database: Questions in the final exam will be completely different. But having passed all the questions in the test database, you will be impregnated with Isakovsky spirit and logic, and it is absolutely necessary for the exam. It is recommended to achieve in all 5-domains of at least 80%.
- Deal with new areas: For example, encryption was a new area for me. And indeed, many of the technical terms are necessary to understand. For example DMZ (well, I did not know what it was), the types of attacks, Internet protocols.
4) Programs to prepare for the exams on Information Security:
- Course: (ISG291) Information Security Boot Camp: CISSP Exam Prep Course
- Document of completion: Certificate MIS Training Institute, 37 CPE points
- Advantages: additional reading materials, practical exercises and testing, mock exam at the end of training, advice from the instructor-holder CISSP.
- Consultation workshop Information Security Boot Camp: Prepping for Certification.
This 5-day intensive seminar covers all domains of Common Body of Knowledge, CBK, and other key elements necessary to prepare for the exam for the title of CISSP (ISC2), as well as other examinations in the field of information security. Certification CISSP, Certified Information Systems Security Professional, - an independent and objective measure of professional experience and knowledge in the profession of specialist information security, regarded worldwide as the "gold standard" among certifications for top-level professionals.
At the end of this workshop you will be armed with the most knowledge and skills necessary to pass the exam. You will also receive unique information about how to properly use this knowledge and apply them in the workplace.
Validity of certification
The CISSP certificate is valid for three years. It can be renewed by the re-taking of the exam, but most CISSP holders renew their certificate by submitting Continuing Professional Education (CPE) credits.
Moorman, professor of computer science says: A comprehensive approach to certification in the field of information security requires not only proper certification of information security systems, but also the availability of certified specialists who are able to maintain these systems and manage them at the appropriate level.