In-Depth Guide to Information Security Certifications

How valuable are security certifications and is the investment and effort worth the result?

Certifications certainly seem to be popular today and are in fact a major criterion for hiring qualified security professionals, a practice followed by most companies. The challenge for employers, and the key point, is to understand what a specific certification signifies. If a certification tests, along with mastery of key knowledge areas, the candidate's practical knowledge and his/her ability to perform and execute specific assignments within information security, then the value of the certification greatly increases: employers get some assurance that they are hiring the right candidate and have validation of the candidate's performance skills as well as knowledge in key areas. The value of a certification also depends on what the candidate needs and is looking for. Getting a certification which does not include an experience requirement will definitely not be worth pursuing. For example, for an information security professional striving to conduct vulnerability assessments or penetration tests, a certification such as Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) will be more suitable than getting certified as a Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM), which are more directed at the audit and management side. Certification is definitely a big plus in a candidate's profile, especially when backed by solid industry experience.


7 Good Reasons to Get a Security Certification

  • To expand your knowledge in security concepts and practices and get a broader perspective in information security
  • To show a dedication to the security discipline and how committed you are to its practice
  • To enhance your network by joining a professional organization and having the ability to link up with like-minded individuals
  • To get an opportunity to focus and specialize in a certain area within information security, which helps in further defining your career
  • To add value to your existing experience; certification is preferred by hiring managers and employers, which gives you a high chance of a good response for potential interviews
  • To gain worldwide recognition. Although certification may not be mandatory for professionals at this time, a growing number of organizations are requiring or recommending that employees become certified. To help ensure success in the global marketplace, it is vital to select a certification program based on universally accepted technical practices.
  • To put yourself in a better position to negotiate salary and benefits with potential employers


International Information Systems Security Certification Consortium (ISC)²
Source - www.isc2.org/

Certifications | Overview | Requirements | Suitable For | Cost

CISSP- Certified Information Security Professional

The Certified Information Systems Security Professional (CISSP®) certification provides information security professionals with not only an objective measure of competence but a globally recognized standard of achievement. The CISSP credential demonstrates competence in 10 security domains

1. Must possess minimum of four years of professional experience in the information security field or three years plus a college degree.

2. Pass the CISSP exam (approx 250 questions/ 6 hours) with a scaled score of 700 points or greater.

3. Candidate application must be endorsed by an (ISC)² credential holder before the credential can be awarded.

The CISSP credential is ideal for mid- and senior-level managers who are working toward or have already attained positions as CISOs, CSOs or Senior Security Engineers.

Early Registration- $499 (America)

Standard Registration- $599 (America)

SSCP- Systems Security Certified Practitioner

The Systems Security Certified Practitioner (SSCP) credential offers information security tacticians, with implementation orientations, the opportunity to demonstrate their level of competence within seven domains of best practices in information security.

1. Must possess minimum of one year of professional experience in the information security field

2. Pass the SSCP examination (approx 125 questions/ 3 hrs) with a scaled score of 700 points or greater.

3. Candidate application must be endorsed by an (ISC)² credential holder before the credential can be awarded.

The SSCP credential is ideal for those working toward or who have already attained positions as Senior Network Security Engineers, Senior Security Systems Analysts or Senior Security Administrators

Early Registration- $369 (America)

Standard Registration- $469 (America)

CAP-Certification & Accreditation Professional

The CAP credential is an objective measure of the knowledge, skills and abilities required for personnel involved in the Certification and Accreditation process.

1. Must possess a minimum of two years of professional experience in the certification and accreditation field

2. Pass the CAP examination with a scaled score of 700 points or greater

3. Candidate application must be endorsed by an (ISC)² credential holder before the credential can be awarded.

Specifically, the credential applies to professionals responsible for formalizing processes used to assess risk and establish security requirements.

CAP Early Registration- 16 days before exam date- $369

CAP Standard Registration- less than 16 days from exam date- $469



Other certifications offered by ISC2 - Source: www.isc2.org/

ISSAP -- Information Systems Security Architecture Professional
An (ISC)² ISSAP credential demonstrates competence in the rigorous requirements for information security architecture. ISSAP requirements- candidates for the ISSAP must: be a CISSP in good standing, pass the ISSAP examination and maintain the credential in good standing.

The major domains of the CBK® covered by ISSAP certification are:

  • Access control systems and methodologies
  • Telecommunications and network security
  • Cryptography
  • Requirements analysis and security standards, guidelines and criteria
  • Technology-related business continuity and disaster recovery planning (BCP and DRP)
  • Physical security integration

ISSEP -- Information Systems Security Engineering Professional

ISSEP credential demonstrates competence in the rigorous requirements for information security engineering. ISSEP requirements include-candidates for the ISSEP must: be a CISSP in good standing, pass the ISSEP examination and maintain the credential in good standing.

The major domains of the CBK® covered by ISSEP certification are:

  • Systems security engineering
  • Certification and accreditation
  • Technical management
  • U.S. government information assurance regulations

ISSMP -- Information Systems Security Management Professional

An (ISC)² ISSMP credential demonstrates competence in the rigorous requirements for information security management. ISSEP requirements include-candidates for the ISSMP must: be a CISSP in good standing, pass the ISSEP examination and maintain the credential in good standing.

The major domains of the CBK® covered by ISSEP certification are:

  • Enterprise security management practices
  • Enterprise-wide system development security
  • Overseeing compliance of operations security
  • Understanding BCP, DRP and continuity of operations planning (COOP)
  • Law, investigations, forensics and ethics



The Information Systems Audit and Control Association (ISACA) - Source-http://www.isaca.org

Certifications | Overview | Requirements | Suitable For | Cost

CISA- Certified Information Systems Auditor

The CISA exam measures excellence in IS auditing, control and security. CISA covers six information system audit, control, and assurance or security areas.

1. Must possess a minimum of five years of professional information systems auditing, control or security work experience

2. Pass the CISA exam (approx 200 questions). ISACA uses and reports scores on a common scale from 200 to 800. A candidate must receive a score of 450 or higher to pass the exam.

The CISA credential is ideal for IS/ IT auditor, consultant, IS security professional, regulator, chief information officer and internal auditor, risk manager

Early Registration- Member- $360, Non Member- $480

Final Registration- Member- $410, Non Member- $530

CISM- Certified Information Security Manager

The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.

1. Must possess minimum of five (5) years of information security work experience, with a minimum of three (3) years of information security management work experience in three or more of the job practice areas.

2. Pass the CISM exam (approx 200 questions). ISACA uses and reports scores on a common scale from 200 to 800. A candidate must receive a score of 450 or higher to pass the exam.

Specifically, the credential applies to professionals who must maintain a view of the "big picture" by managing, designing, overseeing and assessing an enterprise's information security.

Early Registration- Member- $360, Non Member- $480

Final Registration- Member- $410, Non Member- $530

Global Information Assurance Certification (GIAC)-Source- http://www.giac.org/

Certifications | Overview | Requirements | Suitable For | Cost

The GIAC Security Essentials Certification (GSEC)

The GIAC Security Essentials Certification (GSEC) was created to provide assurance that a certified individual holds the appropriate level of knowledge and skill necessary for anyone with hands on technical responsibilities in the key or essential areas of information security

1. An applicant must pass two exams, each including 100 questions.

The GIAC credential is ideal for system administrators, network engineers, security engineers

Total Cost is $800


All GIAC certifications available include the following: Source- http://www.giac.org/

Entry-level/basic pre-requisite:
GIAC Security Essentials Certification (GSEC)


Mid-level specializations:
GIAC Certified Firewall Analyst (GCFW) - have the knowledge, skills, and abilities to design, configure, and monitor routers, firewalls, and perimeter defense systems. Two online exams; each exam contains 75 multiple-choice questions and has a two-hour time limit.

GIAC Certified Intrusion Analyst (GCIA) - have the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files. Two online exams; each exam contains 75 multiple-choice questions and has a two-hour time limit.

GIAC Certified Incident Handler (GCIH) - have the knowledge, skills, and abilities to manage incidents; to understand common attack techniques and tools; and to defend against and/or respond to such attacks when they occur. Two online exams; each exam contains 75 multiple-choice questions and has a two-hour time limit.

GIAC Certified Windows Security Administrator (GCWN) - have the knowledge, skills and abilities to secure and audit Windows systems, including services such as Group Policy, Active Directory, Internet Information Server, IPSec and Certificate Services. Two online exams; each exam contains 75 multiple-choice questions and has a two-hour time limit.

GIAC Certified UNIX Security Administrator (GCUX) - have the knowledge, skills and abilities to secure and audit UNIX and Linux systems. Two online exams; each exam contains 75 multiple-choice questions and has a two-hour time limit.


Senior-level (all specializations, plus additional exams and work):
GIAC Security Engineer (GSE) track

Role-oriented credentials:
GIAC Information Security Officer -- Basic (GISO -- Basic)

GIAC Systems and Network Auditor (GSNA) - have the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems. Two online exams; each exam contains 75 multiple-choice questions and has a two-hour time limit.



Institute of Internal Auditors –Source- http://www.theiia.org/certification/specialty-certifications

Certifications | Overview | Requirements | Suitable For | Cost

CIA - Certified Internal Auditor

Demonstrates knowledge of professional financial auditing practices. Of primary interest to financial professionals responsible for auditing IT practices and procedures, as well as standard accounting practices and procedures to ensure the integrity and correctness of financial records, transaction logs and other records relevant to commercial activities.

1. Applicant must hold a bachelor's degree or its equivalent from an accredited college-level institution.

2. Applicant must complete 24 months of internal auditing experience or its equivalent.

3. Pass the CIA exam, which is offered in four parts, each part consisting of 125 multiple-choice questions.

The CIA credential is ideal for internal / IT auditors, financial and accounting professionals

IIA members- Approx cost $400 taking application each exam part ($85), into consideration

Non IIA members- Approx cost $515

CFSA-

The CFSA measures an individual's knowledge of, and proficiency in, audit principles and practices within the banking, insurance, and securities financial services industries. The exam format offers candidates a choice of three financial services disciplines — banking, insurance and securities.

1. Candidate must have a bachelor's (four-year) degree or educational equivalent

2. Candidate must exhibit high moral and professional character and must submit a character reference form signed by a CFSA, a Certified Internal Auditor (CIA), a CCSA (Certification in Control Self-Assessment), a CGAP (Certified Government Auditing Professional) or the candidate's supervisor

3. A CFSA candidate must obtain two years of auditing experience in a financial services environment

The GIAC credential is ideal for banking, financial services / insurance professionals

The exam consists of 125 multiple-choice questions to be answered in 3 hours, 30 minutes.

Regular Exam Fee: US $225 (includes US $50 non-refundable application fee and US $175 test fee)

Retest Exam Fee: US $175 (includes US $175 test fee only)

Other certification provided by the Institute of Internal Auditors- Source- http://www.theiia.org/certification/specialty-certifications/cgap/cgap-exam-content/

The Certified Government Auditing Professional (CGAP) is a specialty certification designed for and by public-sector internal auditing practitioners. The exam tests a candidate's knowledge of the unique features of public-sector internal auditing — fund accounting, grants, legislative oversight, confidentiality rights, and more. The program’s broad scope emphasizes the internal auditor’s role in strengthening accountability to the public and improving government services. Candidates must have an appropriate four-year degree or a two-year degree with five years of experience in a public-sector environment, submit a character reference and show proof of at least two years of direct government auditing experience. Candidates need to pass one exam to get certified- which includes 125 multiple-choice questions, covers four domains, and requires a completion time of three and one-half hours.



Microsoft- Source- http://www.microsoft.com/learning/mcp/certifications.mspx

Certifications | Overview | Requirements | Suitable For | Cost

MCSE - Microsoft Certified Systems Engineers

The Microsoft Certified Systems Engineer (MCSE) credential is the premier certification for professionals who analyze the business requirements and design and implement the infrastructure for business solutions based on the Microsoft Windows 2000 platform and Microsoft Windows Server System

1. Core Exams- 5 exams required, which include four operating system exams (candidates must pass one exam from each set of operating system exams) and one design exam (candidates must pass one exam that provides proof of expertise for design skills for specific Microsoft server technologies).

2. Elective Exams- 2 exams required. The elective exams provide a valid and reliable measure of technical proficiency and expertise in solution design and implementation.

3. Candidates should also have at least one year of experience implementing and administering a network operating system, implementing and administering a client operating system, and designing a network infrastructure

The MCSE certification is appropriate for: Systems engineers, Technical support engineers, Systems analysts, Network analysts and Technical consultants

Exam Cost is $125 per exam

$125 * 7 (exams required for MCSE certification)

Total: $875

MCSA- The Microsoft Certified Systems Administrator

The Microsoft Certified Systems Administrator (MCSA) credential proves that you have the skills to successfully implement, manage, and troubleshoot the ongoing needs of Microsoft Windows 2000–based operating environments.

1. Candidates should have at least 12 months of experience working with a desktop operating system, a network operating system, and an existing network infrastructure.

2. MCSA candidates are required to pass three core exams and one elective exam.

The MCSA certification is appropriate for: Systems administrators, Technical support professionals, Network administrators and Technical consultants

Exam Cost is $125 per exam

$125 * 4 (exams required for MCSE certification)

Total: $500

MCP- Microsoft Certified Professional

The Microsoft Certified Professional (MCP) credential is for professionals who have the skills to successfully implement a Microsoft product or technology as part of a business solution in an organization.

Candidates are required to pass one current Microsoft certification exam that provides a valid and reliable measure of technical proficiency and expertise.

The MCP certification is appropriate for: Systems administrators/ engineers/ analysts, Technical support professionals, Network administrators and Technical consultants

Exam Cost is $125

A list of other certifications offered by Microsoft-Source- http://www.microsoft.com/learning/mcp/certifications.mspx

MCITP - The Microsoft Certified IT Professional (MCITP) certifications demonstrate comprehensive skills in planning, deploying, supporting, maintaining, and optimizing IT infrastructures.

MCPD - The Microsoft Certified Professional Developer (MCPD) credentials distinguish you as an expert Windows Application Developer, Web Application Developer, or Enterprise Applications Developer. These credentials demonstrate that you can build rich applications that target a variety of platforms using Microsoft .NET Framework 2.0.

Microsoft Certified Architect Program - Microsoft Certified Architect Program targets practicing solutions architects and infrastructure architects who successfully apply frameworks and methodologies to create architecture through the entire IT life cycle.

MCDST - Microsoft Certified Desktop Support Technicians (MCDSTs) have the technical and customer service skills to troubleshoot hardware and software operation issues in Microsoft Windows environments.

MCLC - The Microsoft Certified Learning Consultant (MCLC) credential recognizes MCTs whose job roles have grown to include frequent consultative engagements with customers. These MCTs are experts in designing and delivering customized learning solutions.

MCDBA - Microsoft Certified Database Administrators (MCDBAs) design, implement, and administer Microsoft SQL Server databases.

MCT - Microsoft Certified Trainers (MCTs) are qualified instructors who are certified by Microsoft to deliver Microsoft training courses to IT professionals and developers.

MCAD - Microsoft Certified Application Developers (MCADs) use Microsoft technologies to develop and maintain department-level applications, components, Web or desktop clients, or back-end data services.

MCSD - Microsoft Certified Solution Developers (MCSDs) design and develop leading-edge business solutions with Microsoft development tools, technologies, platforms, and the Microsoft Windows architecture.

Microsoft Office Specialist- Microsoft Office Specialists (Office Specialists) are globally recognized for demonstrating advanced skills with Microsoft desktop software.



CheckPoint- Source- http://www.certexams.com/checkpoint/ccsa/exam-details.htm

Certifications | Overview | Requirements | Suitable For | Cost

CCSA - Check Point Certified Security Administrator

The Check Point Certified Security Administrator (CCSA) certification is designed as a foundation level certification. A CCSA can install and manage some basic tasks of Check Point's VPN-1/FireWall-1.

1. Applicant must pass 1 exam consisting of 60 questions to be answered in 90 minutes. Approx passing % is 70%

CCSA is most suitable for security administrators, network administrators, System administrators

$150

CCSE - Check Point Certified Security Engineer

The CCSE certification is the second-tier certification that validates an individual's ability to deploy VPN-1/FireWall-1 in an enterprise environment.

1. Applicant must pass 1 exam consisting of 60 questions to be answered in 90 minutes. Approx passing % is 70%

2. An applicant must possess in-depth knowledge of VPN and encryption technologies along with the skills necessary to set up a site-to-site VPN and roll out a remote access VPN.

CCSE is most suitable for security engineers and analysts, network engineers, and System engineers

$150

Other certifications by CheckPoint include- Source- http://www.checkpoint.com/services/education/certification/pdf/Training_Certification.pdf

  • CCSA NGX Check Point Certified Security Administrator NGX- prerequisite includes knowledge of TCP/IP and routing fundamentals. Can be used for the following products & technologies- VPN-1®, SmartCenter™, SmartConsole and SmartDefense™
  • CCSE NGX Check Point Certified Security Expert NGX- prerequisite includes CCSA NGX. Can be used for the following products & technologies- VPN-1, SmartCenter, SmartConsole, SmartDefense, and ClusterXL™
  • Accelerated CCSE NGX Check Point Certified Security Expert NGX- prerequisite includes CCSE NG. Can be used for the following products & technologies- Check Point NGX platform and technologies.



CISCO- Source- http://www.cisco.com/web/learning/le3/le2/le0/le9/learning_certification_type_home.html

Certifications | Overview | Requirements | Suitable For | Cost

CCNA - Cisco Certified Network Associate

Cisco CCNA certification (Cisco Certified Network Associate) is an entry-level certification of the Cisco Career Certifications Program. It represents a strong foundation and understanding of IP networking and troubleshooting, and is the only exam required to achieve a CCNA Routing and Switching certification.

1. Applicant must pass 1 exam which includes multiple-choice questions, and drag-and-drop questions, as well as simulated router/switch questions.

CCNA is most suitable for network engineers and administrators, System engineers, technical support professionals

$125

CCSP - Cisco Certified Security Professional

Cisco Certified Security Professional-CCSP is an advanced-level certification for IT professionals who are actively involved in developing business solutions and designing and delivering multiple levels of security departments. These individuals typically are responsible for designing and implementing Cisco secure networks

1. Applicant must pass 5 exams + be a holder of the CCNA certification

CCSP is most suitable for Network Security Professionals, Systems Security Professionals, Infrastructure Security Specialists

$750 ($125 for each exam)


Other certifications provided by Cisco include- Source- http://www.cisco.com/web/learning/le3/learning_career_certifications_and_learning_paths_home.html

Cisco CCIE Security - certifies expertise with specific security protocols and components, as well as IP and IP routing. There are no formal prerequisites for CCIE certification; other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam. Candidates are expected to have an in-depth understanding of the topics in the exam blueprints and strongly encouraged to have three to five years of job experience before attempting certification

Cisco CCIE Service Provider - certifies expert-level knowledge and skill for building an extensible Service Provider infrastructure to deliver rich managed services. There are no formal prerequisites for CCIE certification; other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam. Candidates are expected to have three to five years of job experience before attempting certification.

Cisco CCIE Storage Networking - certifies expert-level knowledge of intelligent storage solutions using multiple transport options over long distances. There are no formal prerequisites for CCIE certification; other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam. Candidates are expected to have three to five years of job experience before attempting certification.

Cisco CCIE Voice - certifies expert-level knowledge of voice-over-IP solutions in the enterprise. There are no formal prerequisites for CCIE certification; other professional certifications or training courses are not required. Instead, candidates must first pass a written qualification exam and then the corresponding hands-on lab exam. Candidates are expected to have three to five years of job experience before attempting certification.

CCVP Certification - recognizes the increased importance placed on IT professionals of today who are responsible for integrating voice technology into underlying network architectures. Individuals who earn a CCVP certification can help create a telephony solution that is transparent, scalable, and manageable. Earning a CCVP certification validates a robust set of skills in implementing, operating, configuring, and troubleshooting a converged IP network. The certification content focuses on Cisco Systems CallManager, quality of service (QoS), gateways, gatekeepers, IP phones, voice applications, and utilities on Cisco routers and Cisco Catalyst switches.

CCNP certification validates a network professional's ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 or more nodes. Network Professionals who achieve the CCNP have demonstrated the knowledge and skills required to manage the routers and switches that form the network core, as well as edge applications that integrate voice, wireless, and security into the network.

The CCDP certification indicates advanced or journeyman knowledge of network design. With a CCDP, a network professional can design routed and switched networks involving LAN, WAN, and dial access services, applying modular design practices and making sure the whole solution responds optimally to the business and technical needs and is designed to be highly available.

The CCIP (Cisco Certified Internetwork Professional) provides individuals working in service provider organizations with competencies in infrastructure IP networking solutions. CCIP professionals have detailed understanding of networking technologies in the service provider arena including IP routing, IP QoS, BGP, and MPLS.



High Tech Crime Network Certification- Source- http://www.htcn.org/cert.htm

Certifications | Overview | Requirements | Suitable For | Cost

CCCI- Certified Computer Crime Investigator (Basic and Advanced)

The CCCI is one of two computer forensic certifications aimed at law enforcement and private IT professionals seeking to specialize in the investigative side of the field.

1. Basic requirements include two years of experience (or a college degree plus one year of experience),

2. 18 months of investigations experience, 40 hours of computer crimes training and documented experience from at least 10 cases investigated.

3. Advanced requirements bump experience to three years

4. Four years of investigations, 80 hours of training and involvement as a lead investigator in 20 cases with involvement in over 60 cases overall.

The CCCI is suitable for law enforcement professionals, private IT professionals, crime investigators

$500 for Basic

$500 for Advanced

CCFT-The Security Certified Network Specialist (Basic and Advanced)

The CCFT is one of two computer forensic certifications aimed at law enforcement and private IT professionals seeking to specialize in the investigative side of the field.

1. Basic requirements include two years of experience (or a college degree plus one year of experience)

2. 18 months of investigations experience, 40 hours of computer crimes training and documented experience from at least 10 cases investigated.

3. Advanced requirements bump experience to three years

4. Four years of investigations, 80 hours of training and involvement as a lead investigator in 20 cases with involvement in over 60 cases overall.

The CCFT is suitable for law enforcement professionals, private IT professionals, crime investigators, military / defense officers

$500 for Basic

$500 for Advanced

Other Certifications available include the following-

IICTC-CIFI -- Computer Information Forensics Investigator
The CIFI identifies senior management personnel, law enforcement officers, IT professionals, lawyers and others who are capable of finding and detecting weaknesses and vulnerabilities in computer systems and networks by using specific tools and related knowledge. It also helps related personnel search for the source of criminal documents and digital materials in order to effectively collect, handle, process and preserve computer forensics evidence. To obtain CIFI certification, a candidate needs to successfully complete one exam.
Source: International ICT Council

CEECS -- Certified Electronic Evidence Collection Specialist Certification
The CEECS identifies individuals who successfully complete the CEECS certification course. No prerequisites are required to attend the course, which covers the basics of evidence collection in addition to highly technical terminology, theories and techniques.
Source: International Association of Computer Investigative Specialists

CFCE -- Certified Forensic Computer Examiner
The International Association of Computer Investigative Specialists (IACIS) offers this credential to law enforcement and private industry personnel alike. Candidates must have broad knowledge, training or experience in computer forensics, including forensic procedures and standards, as well as ethical, legal and privacy issues. Certification includes both hands-on performance-based testing as well as a written exam.
Source: International Association of Computer Investigative Specialists

CERI-CFE -- Computer Forensic Examination
The CERI-CFE seeks to identify law enforcement officials with basic computer crime investigation experience and training. Requirements include two years of computer investigation/debugging, one year of Microsoft platform analysis, six months of non-Microsoft platform analysis, 40 hours of approved training, a written exam and successful completion of hands-on exercises.
Source: Cyber Enforcement Resources Inc.

CERI-ACFE -- Advanced Computer Forensic Examination
The CERI-ACFE seeks to identify law enforcement officials with advanced computer crime investigation experience and training. Requirements include two years of computer investigation/debugging, four years of Microsoft platform analysis, two years of non-Microsoft platform analysis, 80 hours of approved training, a written exam and successful completion of hands-on exercises.
Source: Cyber Enforcement Resources Inc.

CCE -- Certified Computer Examiner
The CCE, offered by the Southeast Cybercrime Institute at Kennesaw State University in partnership with Key Computer Service, seeks to identify individuals with no criminal record who have appropriate computer forensics training or experience, including evidence gathering, handling and storage. In addition, candidates must pass an online examination and successfully perform a hands-on examination on three test media.
Source: Key Computer Service

IISFA -- Certified Information Forensics Investigator
Obtaining the credential of Certified Information Forensics Investigator requires adherence to a code of ethics, successful completion of a rigorous exam and fulfillment of specific experience requirements. Aimed at full-time professional practitioners, this certification is vendor-neutral and devoid of sponsored training requirements or the use or purchase of specific products.
Source: International Information Systems Forensics Association

CSFA -- CyberSecurity Forensic Analyst
The CSFA aims to identify individuals who are interested in information technology security issues, especially at the hardware level. Prerequisites include at least one certification in computer and software support, networking or security (such as CompTIA's A+, Microsoft's MCSA or MCSE, or Cisco's CCNA), successful completion of an introductory and an advanced computer forensics course offered through the CyberSecurity Institute and no criminal record.
Source: CyberSecurity Institute

CHFI -- Computer Hacking Forensic Investigation
The CHFI is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information. The EC-Council recommends that candidates take a five-day training course to prepare for the exam. The CHFI course will benefit law enforcement personnel, defense and military personnel, legal professionals, government agencies, IT managers, and banking and insurance professionals.
Source: EC-Council

BCF -- Computer Forensics (U.S.)
The Computer Forensics (U.S.) certification is designed for experienced individuals who can analyze and collect evidence, recognize data types, follow proper examination procedures and initial analysis, use forensic tools, prepare for an investigation and report findings.
Source: Brainbench



Prosoft – Source- http://www.ciwcertified.com/certifications/mced.asp

Certification: The CIW-Master Administrator

Overview: Master CIW Administrators configure, manage and deploy e-business solutions servers; design and management of enterprise TCP/IP networks; and deploy e-business and network security solutions.

Requirements: There are four exams which the applicant needs to pass-

  • CIW Foundations
  • CIW Server Administrator
  • CIW Internetworking Professional
  • CIW Security Professional

Suitable For: CIW certification covers job roles in network administration, security, application development, & programming.

Cost: Total Cost is $500 ($125 per exam)

Other Certifications by Prosoft include- Source- http://www.ciwcertified.com/certifications/mced.asp

CIW Security Analysts configure, manage and deploy e-business solutions servers; and implement e-business and network security solutions. This CIW certification is applicable for network administrators and security professionals. CIW Security Analyst certification provides focused and streamlined validation of further proficiency in areas pertaining to systems security. CIW Security Analyst certification also demonstrates mastery of core vendor-neutral security skills combined with specialization in chosen software environments.

CIW Associates have mastered the fundamental knowledge and skills required to work in an Internet technology-enabled environment. These foundational skills include basic knowledge of Internet technologies such as Web browsers, FTP and e-mail; Web page authoring using Extensible Hypertext Markup Language (XHTML); basic infrastructure networking, and project management. CIW Associate certification is valuable for individuals working in fields such as sales, business development, advertising, technical recruiting and other areas that depend on Web-enabled systems for productivity.

CIW Professionals have certified their knowledge and skills in a specific IT discipline. This mid-level CIW job-role certification validates the certificant's knowledge in foundational IT skills as well as more advanced skills in a job role of choice. CIW Professional certifications are best suited to individuals who are now performing jobs or pursuing careers in mid-level technical positions. The candidate must pass two CIW exams to become a CIW Professional. CIW Associate certification is required to qualify for any CIW Professional certification.

Master CIW Designers develop and maintain Web sites using authoring and scripting languages, create content and digital media, and employ standards and technologies for both business-to-business and business-to-consumer e-commerce Web sites. Master CIW Designer certification can lead to a successful career as a Web designer, creative director, Web marketing/ business specialist or art director. Candidates must pass three required CIW exams to become a Master CIW Designer.

Master CIW Web Site Managers can manage Web servers and maintain Web sites for small, medium and large enterprises. Master CIW Web Site Manager Certification can lead to a successful career as a Webmaster, intranet or extranet Web administrator, or Internet project manager. The candidate must pass five required CIW exams to become a Master CIW Web Site Manager.

Master CIW Enterprise Developers build n-tier database and legacy connectivity solutions for Web applications using Java, Java APIs, Java Database Connectivity (JDBC) solutions, middleware tools, and distributed object models such as CORBA/ORB and IIOP. Master CIW Enterprise Developer certification can lead to a successful career as a database developer and administrator, Internet application developer, middleware programmer, Java developer and client/server developers. The candidate must pass seven required CIW exams to become a Master CIW Enterprise Developer.



TruSecure- Source- https://ticsa.trusecure.com/

Certification: ICSA- Certified Security Associate

Overview: The TruSecure ICSA Certified Security Associate (TICSA) certification is the industry's most practical, vendor-neutral measurement of proficiency and growth designed to validate and improve foundation-level IT security skills for network and computer systems administrators, audit personnel, and other IT-oriented professionals.

Requirements:

1. Must possess at least two years experience in network security administration, or can demonstrate attendance of at least 48 hours of approved computer security training or coursework (within a 24-month period)

2. Pass the ICSA exam consisting of 70 questions within given time of 90 minutes.

Suitable For: ICSA is most suitable for network and computer systems administrators, audit personnel, and other IT-oriented professionals.

Cost: $295

CompTIA- Source- http://certification.comptia.org/

Certification: CompTIA Security+ Certification

Overview: CompTIA Security+ validates knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts.

Requirements:

1. Must possess at least two years experience in network security

2. Pass the CompTIA exam.

Suitable For: CompTIA Security+ is most suitable for network, security professionals and engineers, and other IT-oriented professionals.

Cost: Members $149; Non Members $199

Other CompTIA certifications include-Source-http://certification.comptia.org/

CompTIA A+ certification validates the latest skills needed by today’s computer support professionals. It is an international, vendor-neutral certification recognized by major hardware and software vendors, distributors and resellers. CompTIA A+ confirms a technician's ability to perform tasks such as installation, configuration, diagnosing, preventive maintenance and basic networking. The exams also cover domains such as security, safety and environmental issues and communication and professionalism.

CompTIA Network+ validates the knowledge and skills of networking professionals. It is an international, vendor-neutral certification that recognizes a technician's ability to describe the features and functions of networking components and to install, configure and troubleshoot basic networking hardware, protocols and services. Although not a prerequisite, it is recommended that CompTIA Network+ candidates have at least nine months of experience in network support or administration or adequate academic training, along with a CompTIA A+ certification.

CompTIA Server+ validates the knowledge and skills of advanced IT technicians. It is an international, vendor-neutral certification for individuals with 18-24 months of experience with Industry Standard Server Architecture (ISSA) technology. CompTIA Server+ certifies technical knowledge in areas such as RAID, SCSI and multiple CPUs, as well as capabilities with server issues, including disaster recovery. Although not a prerequisite, it is recommended that CompTIA Server+ candidates hold a CompTIA A+ certification.

CompTIA Linux+ is a vendor-neutral certification, generic across distributions, that validates the knowledge of individuals with a minimum of six to twelve months of practical Linux experience. Professionals holding the CompTIA Linux+ credential can explain fundamental management of Linux systems from the command line, demonstrate knowledge of user administration, understand file permissions, software configurations, and management of Linux-based clients, server systems and security.

CompTIA Convergence+ validates the knowledge and skills in the area of Communications Technologies (CT), where datacomm, telephony/telecommunications, video and broadcast multimedia technologies combine into a single IP-based delivery system. It is an international, vendor-neutral certification that recognizes a technician's ability to design, implement and manage both data and voice networking.

CompTIA CTT+ certification is the credential recognizing excellence in instruction. It is a vendor-neutral certification that is applicable to training professionals in all industries. CompTIA CTT+ proves the mastery of core instructor skills, including preparation, presentation, communication, facilitation and evaluation in a classroom environment.

CompTIA Project+ is a globally recognized project management certification that provides validation of fundamental project management skills. It covers the entire project life cycle from initiation and planning through execution, acceptance, support and closure. Unlike some project management certifications, CompTIA Project+ can be acquired in a quick and cost-effective manner. There are no prerequisites, and candidates are not required to submit an application or complete additional hours of continuing education.

The CompTIA Certified Document Imaging Architect (CDIA+) credential validates the knowledge of professionals who deliver document imaging solutions. It is a vendor-neutral certification that proves expertise in the technologies and best practices used to plan, design, and specify a document imaging and management system.



Security Certified Program- Source- http://www.securitycertified.net/

Certification: SCNP-The Security Certified Network Professional

Overview: The Security Certified Network Professional (SCNP) program focuses on the required elements of securing a network, such as securing Windows and Linux systems.

Requirements:

1. The SCNP certification requires that candidates hold a SCNS credential, in good standing

2. Pass the SCNP exam which consists of 60 questions to be answered within 90 minutes. Passing score is 75%

Suitable For: SCNP is most suitable for network, security professionals and engineers, and other IT-oriented professionals.

Cost: SCNS Exam - $179; SCNP Exam - $179

Certification: SCNS-The Security Certified Network Specialist

Overview: The Security Certified Network Specialist (SCNS) program focuses on the critical defensive technologies that are the foundation of securing network perimeters, such as firewalls, intrusion detection, and router security.

Requirements:

1. The SCNS certification requires that candidates hold a certification in CompTIA Security+ or have equivalent experience

2. Pass the SCNS exam which consists of 60 questions to be answered within 90 minutes. Passing score is 75%

Suitable For: SCNS is most suitable for network, professionals and engineers, and other IT-oriented professionals.

Cost: SCNS Exam - $179

American Society for Industrial Security (ASIS International)- Source- http://www.asisonline.org

Certification: PSP-Physical Security Professional

Overview: The PSP program focuses on matters relevant to maintaining security and integrity of the premises, and access controls over the devices and components of an IT infrastructure. Key topics covered include physical security assessment and selection and implementation of appropriate integrated physical security measures.

Requirements:

1. Candidates must have at least five years of experience in physical security

2. High school diploma or GED equivalent

3. The applicant must not have been convicted of any criminal offense that would reflect negatively on the security profession, ASIS, or the certification program.

Suitable For: The physical security examination is targeted to security professionals whose primary responsibility is to conduct threat surveys; design integrated security systems that include equipment, procedures, and people; or install, operate, and maintain those systems

The PSP exam consists of 140 multiple-choice questions. Only 125 of the 140 questions are scored.

Cost: Exam fee- $200 for members; $250 for non-members

Certification: PCI- Professional Certified Investigator

Overview: The PCI certification concentrates on testing individuals' knowledge of legal and evidentiary matters required to present investigations in a court of law, including case management, evidence collection and case presentation.

Requirements:

1. Five (5) years of investigations experience, with at least two (2) years in case management

2. A high school diploma or GED equivalent.

3. The applicant must not have been convicted of any criminal offense that would reflect negatively on the security profession, ASIS, or the certification program

Suitable For: The investigations examination is targeted to security professional whose primary responsibility is to conduct investigations.

Cost: Exam fee- $200 for members; $250 for non-members

Other certification offered by American Society for Industrial Security (ASIS International)- http://www.asisonline.org

CPP -- Certified Protection Professional
CPP demonstrates a thorough understanding of physical, human and information security principles and practices. CPP requires extensive on-the-job experience (nine years or seven years with a college degree), as well as a profound knowledge of technical and procedural security topics and technologies. Only those who have worked with and around security for some time are able to qualify for this credential. The CPP exam consists of 200 multiple-choice questions covering tasks, knowledge, and skills in eight broad subjects identified by CPP.

Other Vendors offering security certifications are

CEH -- Certified Ethical Hacker
The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker. The EC-Council recommends that candidates take a five-day training course to prepare for the exam. Source:EC-Council

ECSA -- EC-Council Certified Security Analyst
The ECSA identifies security professionals capable of using advanced methodologies, tools and techniques to analyze and interpret security tests. Candidates must pass a single exam to achieve certification. The EC-Council recommends that candidates take a five-day training course to prepare for the exam. Source:EC-Council

NSA -- EC-Council Network Security Administrator
The EC-Council's NSA certification looks at network security from a defensive view, while the CEH certification program looks at security in offensive mode. The NSA program is designed to provide the fundamental skills needed to analyze the internal and external security threats against a network, and to develop security policies that will protect an organization’s information. Students will learn how to evaluate network and Internet security issues and design, and how to implement successful security policies and firewall strategies. In addition, they will learn how to expose system and network vulnerabilities and defend against them. One exam is required. Source: EC-Council

CNDA -- Certified Network Defense Architect
The CNDA Program certifies individuals in the specific network security discipline of Network Defense from a vendor-neutral perspective. The Certified Network Defense Architect certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Network Defense Architect is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker. One exam is required. Source:EC-Council

Licensed Penetration Tester (LPT)
The LPT is a natural evolution of, and extended value addition to, EC-Council's series of security-related professional certifications. The Licensed Penetration Tester standardizes the knowledge base for penetration testing professionals by incorporating the best practices followed by experienced experts in the field. Prerequisites include EC-Council's CEH and ECSA certifications, and candidates must submit an LPT application, endorsement by a sponsoring agency, proof of a clean background check, detailed resume and an agreement to abide by a code of ethics. In addition, candidates must attend a three-day LPT training program through an EC-Council accredited training center.
Source: http://www.eccouncil.org/lpt/Licensed_Penetration_Tester.htm



RSA Security –Source- http://www.rsa.com/node.aspx?id=1002

RSA/CSE - RSA Certified Systems Engineer
Requires: 1 Exam
Approximate Cost = $150

RSA/CA - RSA Certified Administrator
Requires: 1 Exam
Approximate Cost = $150

RSA/CI - RSA Certified Instructors
Requires: CSE or CA Cert + Workshop
Approximate Cost = $300 ($150 per exam)

BrainBench- Source- http://www.brainbench.com/

BIS - Brainbench Internet Security Certification
Requires: 1 Exam
Approximate Cost = $25

BNS - Brainbench Network Security Certification
Requires: 1 Exam
Approximate Cost = $25

Learning Tree- Source- http://www.learningtree.com/certification/7025.htm

NSCP - Network Security Certified Professional
Requires: 3 Core Courses, 1 Elective Course and associated exams
Approximate Cost = $937- $2645

EWSCP -- Enterprise and Web Security Certified Professional
The EWSCP program is valuable for systems administrators, managers and IT support personnel, among others, who are responsible for the security of enterprise-wide networks, VPNs and Web communications. To obtain this certification, candidates must attend three core courses and one elective course, and pass all associated exams.
Source: Learning Tree International


The Linux Professional Institute- Source-http://www.lpi.org/en/lpi/english/certification

The Linux Professional Institute Certification (LPIC) program is designed to certify the competency of IT professionals using the Linux operating system and its associated tools. It is designed to be distribution neutral, following the Linux Standard Base and other relevant standards and conventions.

Junior Level Linux Professional (LPIC-1)-

Overview of Tasks: To pass Level 1 someone should be able to:

  • Work at the Linux command line
  • Perform easy maintenance tasks: help out users, add users to a larger system, backup & restore, shutdown & reboot
  • Install and configure a workstation (including X) and connect it to a LAN, or a stand-alone PC via modem to the Internet.

Advanced Level Linux Professional (LPIC-2)-

Overview of Tasks: To pass Level 2 someone should be able to:

  • Administer a small to medium-sized site
  • Plan, implement, maintain, keep consistent, secure, and troubleshoot a small mixed (MS, Linux) network, including a:
    • LAN server (samba)
    • Internet Gateway (firewall, proxy, mail, news)
    • Internet Server (webserver, FTP server)
  • Supervise assistants
  • Advise management on automation and purchases

Senior Level Linux Professional (LPIC-3 “Core” and LPI Specialty)

Overview of Tasks: to pass LPIC-3 “Core” someone should:

  • Have several years experience with installing and maintaining Linux on a number of computers for various purposes
  • Have integration experience with diverse technologies and operating systems
  • Have professional experience as, or training for, an enterprise level Linux professional. (Including having experience as a part of another role)
  • Know advanced and enterprise levels of Linux administration including installation, management, security, troubleshooting and maintenance
  • Be able to use open source tools to measure capacity planning and troubleshoot resource problems
  • Have professional experience using LDAP to integrate with Unix services and Windows services, including Samba, PAM, email, Active Directory
  • Be able to plan, architect, design, build and implement a full environment using Samba and LDAP as well as measure the capacity planning and security of the services
  • Be able to create scripts in Bash or Perl or have knowledge of at least one system programming language (such as C)

Overview of Tasks: to pass LPI 302 (Mixed Environment) Specialty someone should:

  • Have necessary skills and experience as outlined in LPIC-3 “Core” exam
  • Have professional experience using Samba to integrate file and print services with Windows, including user management, domain control, security and performance tuning
  • Be able to plan, architect, design, build and implement a complete multi-user environment using Samba




