International Information Systems Security Certification Consortium, Inc. (ISC)²
CISSP Certification Training Program
Overview
The CISSP certification is governed by the
International Information Systems Security Certifications Consortium (ISC)²
and is universally recognized as key component in the selection process for management-level
information security positions.
Certified Information Systems Security Professional (CISSP)
is an independent information security certification governed by the International Information Systems
Security Certification Consortium (commonly known as (ISC)²). As of April 11, 2007, (ISC)²
has reported certifying 48,598 information security professionals in more than 120 countries.
In June, 2004, the CISSP program earned the
ANSI ISO/IEC Standard 17024:2003 accreditation,
the first IT certification to have done so. It is formally approved by the U.S. Department of Defense
(DoD) in both their Information Assurance Technical (IAT) and Managerial (IAM) categories.
The CISSP has been adopted as a baseline for the U.S. National Security Agency's ISSEP program, which
further extends the CISSP significantly.
The CISSP credential is ideal for mid- and senior-level managers who are working toward or have already
attained positions as CISOs, CSOs or Senior Security Engineers.
The Network Learning Institute Difference
Network Learning Institute’s custom CISSP (Certified Information Systems Security Professional)
certification materials are always up to date and focused on the latest exam objectives. With our evening
college teaching format our CISSP training equips you with the knowledge and expertise you need to successfully
understand the material and pass the CISSP certification exam.
Our CISSP program focuses on training and exam preparation. This course is not a boot camp and therefore can effectively focus on
training and exam preparation. The course will include in-depth teaching of the entire common body of knowledge (CBK), and practical question
and answer scenarios.
Network Learning Institute is focused on delivering high quality training programs that prepare students with the knowledge they need to succeed with
the certification they earn.
The CISSP has clearly emerged as the key certification for security professionals. In fact, an informal survey of information security jobs on a major employment
web site revealed that over 70% of the positions required CISSP certification. Corporations are demanding experienced information security professionals, with
the certifications to prove it, to protect their information and assets.
The CISSP course will expand upon your security knowledge by addressing the essential elements of the 10 domains as designated by (ISC)⊃2 for information
systems security professionals. The course offers a job-related approach to the security process, while providing the basic skills required to prepare for CISSP
certification.
- Certification subject matter
The CISSP curriculum covers subject matter in a variety of Information Security topics. The CISSP examination is based on what (ISC)²
terms the Common Body of Knowledge (or CBK).
According to (ISC)²,
"The CISSP CBK is a taxonomy -- a collection of topics relevant to information security professionals around the world. The CISSP CBK
establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss,
debate and resolve matters pertaining to the profession with a common understanding."
The CISSP CBK is fundamentally based on the CIA triad,
"The core information security and assurance tenets: confidentiality, integrity and availability"
, and attempts to balance the three across ten areas of interest, which are also called domains.
The ten CBK domains are:
- Access Control
- Categories and Controls
- Control Threats and Measures
- Application Security
- Software Based Controls
- Software Development Lifecycle and Principles
- Business Continuity and Disaster Recovery Planning
- Response and Recovery Plans
- Restoration Activities
- Cryptography
- Basic Concepts and Algorithms
- Signatures and Certification
- Cryptanalysis
- Information Security and Risk Management
- Policies, Standards, Guidelines and Procedures
- Risk Management Tools and Practices
- Planning and Organization
- Legal, Regulations, Compliance and Investigations
- Major Legal Systems
- Common and Civil Law
- Regulations, Laws and Information Security
- Operations Security
- Media, Backups and Change Control Management
- Controls Categories
- Physical (Environmental) Security
- Layered Physical Defense and Entry Points
- Site Location Principles
- Security Architecture and Design
- Principles and Benefits
- Trusted Systems and Computing Base
- System and Enterprise Architecture
- Telecommunications and Network Security
- Network Security Concepts and Risks
- Business Goals and Network Security
Benefits of (ISC)² CISSP Certification to the Enterprise
- Establishes a standard of best practices
- Offers a solutions-orientation, not specialization, based on the broader understanding of the (ISC)2 CBK.
- Allows access to a network of global industry and subject matter/domain experts.
- Adds to credibility with the rigor and regimen of the certification examinations.
- Provides a business and technology orientation to risk management.
Register for (ISC)² CISSP Training
The CISSP certification also provides information security professionals with the credential that acknowledges the skill set that they want to offer to employers.
Today, a greater demand is put on security as an integral part of corporate success. This, in turn, increases the demand for highly skilled security professionals.
The CISSP certification signifies an individual’s technical and theoretical security expertise and distinguishes that individual from the rest.
Benefits of (ISC)² Certification to the Professional
- Demonstrates a working knowledge of information security.
- Confirms a track record in the profession.
- Offers a career differentiator, with enhanced credibility and marketability.
- Provides access to valuable resources such as peer networking and idea exchange
Promotion
(ISC)² promotes the CISSP certification as the "international gold standard" against which other security certifications are measured.
IT professionals with security expertise are often in high demand, and the CISSP is one metric by which that expertise can be demonstrated.
In 2005, CertMag surveyed 35,167 IT professionals in 170 countries on compensation and found that CISSPs led their list of certificates ranked by
salary, with the Certified Information Systems Security Management Professional (CISSP-ISSMP) program drawing $116,970 annually and the Certified
Information Systems Security Architecture Professional (CISSP-ISSAP) earning $111,870.”
A 2006 Certification Magazine salary survey also ranked the CISSP credential highly at $94,070 per year, and ranked CISSP concentration certifications
as the top best paid credentials in IT, with CISSP-ISSAPs averaging at $114,210 per year and CISSP-ISSMP at $111,280 per year. These numbers correlate
with compensation advantages enjoyed by IT security professionals in general, as well as with advantages accruing to the seniority and management roles that
intersect with the concentration certificates.
Specialized concentrations
Experienced information security professionals with an (ISC)² credential in good standing can progress to meet requirements for
(ISC)² Concentrations to demonstrate further knowledge of select CBK domains. A passing score on a concentration examination is intended to
demonstrate proven capabilities and subject-matter expertise beyond that required for the CISSP.
Current concentrations for CISSPs include the
- Information Systems Security Architecture Professional (ISSAP), Concentration in Architecture
- Information Systems Security Engineering Professional (ISSEP), Concentration in Engineering
- Information Systems Security Management Professional (ISSMP), Concentration in Management
Register for (ISC)² CISSP Training
