Training for CISSP - is the most important step in the career of expert information security. Formal Training ISC2 CISSP is the most thorough and complete review of the concept to protect information systems, provides a set of best practices in the field of information security. Official CISSP training is not only the best way to get fundamental knowledge in all 10 areas (domains) of information security, in accordance with a common knowledge base CISSP, but also helps to organize knowledge and to identify additional areas of expertise in information security, the study of which will be needed in the future.
Who need to do this certification?
- specialists of departments of information security,
- security administrators,
- IT professionals.
- Getting the current, updated educational material;
- Getting basic knowledge in the field of information security;
- Authorized instructor expert from the consortium (ISC) 2;
- The opportunity to continue their professional development within the international community CISSP.
- You will not only get valuable knowledge and skills, as well as become the member of the great family of certified professionals (ISC) 2, which has more than a thousand participants from around the world.
Associates of (ISC)² CISSP is SSCP (Systems Security Certified Practitioner), Certified Authorization Professional (CAP), Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP) certification levels.
Requirements for applicants for the title of CISSP are strict. To become a CISSP, you must have at least five years of experience of work directly as a specialist in information security systems in two or more of the 10 areas CBK.
Exam over view:
CISSP program was developed by an international consortium of certification in the field of Information Systems Security (International Information Security Systems Certification Consortium, ISC2). To obtain this status, you must pass the exam, but the opportunity to take it has not every specialist, but the only one who has at least 3 year experience in this area (this information is checked when registering for the exam). This is a fairly standard requirements for all relevant certifications, which allows to cut the Cubs.
All the CISSP exam questions are selected from a large database, which is annually updated. Most importantly, the current exam (by the way, it shall be in the English language) is constantly updated and is always based on modern technologies and the latest developments in these areas. In addition, unlike other systems of certification in the field of information security, it is not tied to any particular manufacturer, which is indicative of its independence.
Exam for certification CISSP lasts 6 hours and consists of 250 questions, grouped into 10 topics (called domains):
- access control (access control model, identification and authentication technologies, methods of attacks, etc.);
- Network Security (Network Technologies, VPN, firewalls, attack methods, etc.);
- safety management procedures (data classification, security policies, standards, risk analysis, staff training);
- developing secure applications (malicious code, software development);
- cryptography (cryptographic protocols encryption, hashing functions, PKI, methods of attack);
- Security Architecture (security model and its evaluation, Common Criteria, etc.);
- operation of infrastructure security (protection support, personnel management, etc.);
- Business Continuity (damage assessment, restoration of health);
- legislation (laws, investigation of incidents);
- physical security (CCTV, burglar alarms, fire protection, detection of physical invasion).
CISSP is based on "generally accepted amount of knowledge» (Common Body of Knowledge, CBK) for information security professionals. In CBK there are collected the best principles, methods and practices to protect, maintain and continually updated by industry experts. The CISSP certification is an international standard, as CBK does not contain specifics unique to a particular country or region.
To prepare for the CISSP certification provides pre-examination consortium consultation, as well as work authorized by a consortium of educational programs. One of the main partners of (ISC) 2 is the training MIS Training Institute (www.misti.com), and these programs are one of the most common ways to prepare for the certification and maintenance of the status CISSP.
Validity of certification
Passing the exam, you will receive a certificate, but you will have to confirm your status every 3 years. This can be done in two ways: re-examination or "production" of 120 so-called loans that are "earned" by writing relevant articles, speeches on thematic conferences, attending seminars, training, reading books on information security, etc.
“The test is a killer,” says Michael Moorman, professor of computer science at Saint Leo University, who recently became CISSP certified. “It's both broad and deep. The standards are very high and they are maintained by people who met those standards,” he says.