Security CertificationDavid Cass, CISSP, NSA-IAM

Why Security Certification

Professional validation of skills

• exposure to industry standards

• best practices

• baseline skills for a specific role

Why Security Certification

Internal & External Value

• Credible advice & support

• Quality of work & productivity

• Differentiation of your organization or group

• Culture of excellence

Why Security Certification

Certification:

• Not a substitute for years of experience

Which certifications are right for my organization?

Organizational Needs Assessment:

• Roles & Responsibilities

• Experience

• Types of Infrastructure equipment supported

Security Certifications

Classifications:

• Benchmark– Wide recognition by professionals in all sectors– Advanced level– Prerequisite for many senior jobs

• Foundation– Introductory certifications– One to four years of experience

Security Certifications

Classifications:

• Intermediate– 3 to 4 years of networking experience– 2 years of IT Security experience

• Advanced– Expert level – Minimum of 4 years of IT Security experience

Security Certifications

•Vendor and Product Specific– Hardware/ software dependent– Range from intro to expert or advanced levels– Examples include: Cisco, Check Point, Symantec, Tivoli,

Microsoft, and others

Security Certifications

Benchmark certifications:

• CISSP– isc2.org– Common Body of Knowledge

– Access Control Systems and Methodology

– Applications & Systems Development

– Business Continuity Planning

– Cryptography

– Law, Investigation & Ethics

Security Certifications

Benchmark:

•CISSP– Common Body of Knowledge

– Operations Security

– Physical Security

– Security Architecture & Models

– Security Management Practices

– Telecommunications, Network & Internet Security

Security Certifications

Benchmark:

• Certified Information Systems Auditor (CISA)– isaca.org– IT audit community– Covers:

– Management, planning and organization of IS

– Technical infrastructure and operational practices

– Protection of Information Assets

– Disaster Recovery and Business Continuity

Security Certifications

Benchmark:

• Certified Information Systems Auditor (CISA)– Covers:

– Business Application Systems Development, Acquisition, Implementation and Maintenance

– Business Process Evaluation and Risk Management

– IS Audit Process

Security Certifications

Foundation level:

• Security+– CompTIA– Focus on basic architecture, business, and products– Covers:

– General Security Concepts

– Communications Security

– Infrastructure Security

– Basics of Cryptography

– Operational/Organizational Security

Security Certifications

Foundation level:

• TICSA Certified Security Associate by Trusecure– Network admins, and entry level audit personnel– Focus on architecture and products– Covers:

– Security Practices and Procedures

– Security Fundamentals

– TCP/IP Networking Fundamentals

– Firewall Management Fundamentals

– Detection, Response & Recovery

Security Certifications

Foundation level:

• TICSA Certified Security Associate by Trusecure– Covers:

– Administration & Maintenance Fundamentals

– Design & Configuration Basics

– Malicious Code Fundamentals

– Law, Ethics, and Policy

– Authentication Fundamentals

– Cryptography Basics

Security Certifications

Foundation level:

SANS

• GIAC Security Essentials (GSEC)– Basic understanding of the CBK– Basic skills to incorporate good infosec practices

• GIAC IT Security Audit Essentials– Developing audit checklists– Perform limited risk assessment

Security Certifications

Foundation level:

• SSCP (Systems Security Certified Practitioner)– isc2– Covers:

– Access Controls

– Administration

– Audit and Monitoring

– Risk, Response, and Recovery

– Cryptography

– Data Communications

– Malicious Code/Malware

Security Certifications

Intermediate level:

• National Security Agency Infosec Assessment Methodology– NSA-IAM– NSA process for identifying and correcting security

weaknesses in information systems and networks

• GIAC Systems and Network Auditor (GSNA)– Apply risk analysis techniques– Conduct technical audits

Security Certifications

Intermediate level:

• CIW Security Analyst Certification– Deployment of e-business transaction and payment security

solutions– Implementing e-business security policies

• GIAC Certified Windows Security Administrator (GCWN)– Secure and audit Windows systems

• GIAC Certified UNIX Security Administrator (GCUX)– Secure and audit UNIX and Linux systems

Security Certifications

Intermediate level:

GIAC Specializations

• Firewall Analyst

• Forensic Analyst

• Incident Handler

Security Certifications

Advanced level:

• Certified Information Systems Security Professional (CISSP)– isc2: CBK– Additional concentrations:

– Information Systems Security Engineering Professional

– Information Systems Security Management Professional

– Information Systems Security Architecture Professional

Security Certifications

Advanced level:

• Certified Information Systems Auditor– Information Systems Audit and Control Association– Globally accepted standard IS Audit and Control

Security Certifications

Vendor Specific:

Cisco:

• Cisco Certified Security Professional (Intermediate)

• Cisco Certified Internetwork Expert Security (Advanced)

Check Point:

• Check Point Certified Security Administrator (Foundation)

• Check Point Certified Security Expert (Advanced)

References & Resources

• (isc)2 = International Information Systems Security Certifications Consortium, Inc.

– https://www.isc2.org

• Information Systems Audit and Control Association– http://www.isaca.org

• SANS & Global Information Assurance Certification– http://www.giac.org/subject_certs.php

• Certification Magazine– http://certmag.com

References & Resources

• CIW Certified– http://www.ciwcertified.com

• Cisco– http://cisco.com

• Check Point– http://checkpoint.com

• CSO Magazine– http://csoonline.com

The End

For Additional Information:

David.Cass.wt06@wharton.upenn.edu