Certified Information Systems Security Professional

Certification: ISC CISSP - Certified Information Systems Security Professional

---

Certification Overview

CISSP is the most demanding credential in the information security industry today. This certification is now needed by most organizations which are security conscious. CISSP certification has set the standard for information security expertise. CISSP certified individuals are considered to have very sound knowledge and experience to manage and design the total security structure of a company.CISSP certified professionals act as a middle man between higher management and IT specialist. They are responsible for guiding their teams, hold meeting with senior managers regarding security issues, acting proactively on security matters and responding well to critical security conditions. CISSP professionals also set the procedures and policies for making sure that correct processes and systems are available to safeguard information from sudden threats.

Who need to do this certification?

The CISSP certification training is most appropriate for the future security leaders. Security professionals who want to progress and shine in their field should definitely aim for this certification. CISSP certification opens opportunities for job roles like Chief Information Security Officer, Security Director, Security Consultant and Network Architect.

Benefits

CISSP certification promises higher salary, promotion and recognition. CISSP certification also allows professionals to become part of the prestigious CISSP family. They can share knowledge with global security experts and always remain updated with industry best practices. CISSP certification increases chance of getting a better job with career advancing prospects.

Associated Exams

Obtaining pass mark in the written exam is mandatory to attain the CISSP certification. CISSP certification training is readily available to help candidates preparefor the certification CISSP exam.

Prerequisites

Five years of full time experience in two subject areas of information security is required for the CISSP certification.

Examination Overview

Certification CISSP proves that the individual is able to handle all parts of information security in a company from strategy building to managing security aspects of the business. The certification CISSP exam consists of ten domains. The candidates are required to have experience with at least two of these ten domains in order to be eligible for the CISSP certification program. These ten domains are:

• Access Control –discusses the mechanism which builds the security architecture of a company.
• Telecommunications and Network Security – discusses the various methods of transmission, network structures, and formats of security measures, the various communication channels, and network components leading to network attacks.
• Information Security Governance and Risk Management: tests the candidates’ understanding of security policy and governance, the various contractual agreements, concepts of risk management, personnel security, etc.
• Software Development Security – candidates are required to demonstrate their knowledge on Systems Development Life Cycle, various security controls, and application security.
• OperationsSecurity – includes topics like resource protection, attack prevention and vulnerability management.
• Cryptography – this section includes topics like concepts of Encryption, Digital Signatures, alternatives and information hiding, Cryptanalytic Attacks, etc.
• Security Architecture and Design – candidates must understand the basic Security Model concepts, virtualization, memory protection, cloud computing, dealing with threats, etc.
• Business Continuity and Disaster Recovery Planning – covers impact analysis of business, strategies to recover normal business operation, processes for disaster recovery, etc.
• Legal, Compliance, Investigations and Regulation – covers the legal issues related to information security, including investigations and forensic procedures.
• Physical Security – covers Perimeter Security, Facilities Security, Site Security, and Internal Security.

CISSP text books and boot camps are good tools for exam preparation. The CISSP text book contains complete explanation of the ten domains covered in the CISSP certification exam. These books also contain practice tests and tips for doing well in the exam. Practice tests are very effective as it brings out the strong and weak sides of the candidates. After identifying the weak areas, the candidates can make a plan to improve those areas. Video tutorials and other online materials are also excellent tools for the exam. Candidates can also attend a CISSP training program to enhance their knowledge.

Validity of certification

The CISSP certification requires recertification within a cycle of three years. Giving the written exam again can fulfil the requirement of recertification. Another way to recertify the certification is to earn 120 credits of CPE. CPEs can be earned by providing lectures, attending in seminars, participating in training programs, conducting voluntary activities, etc. All these activities must be relating to information security.

Expert Review

CISSP exam materials of training institutions are regularly updated, and are in align with the latest objectives of the exam. Participating in CISSP training programs of these institutions thus increases the success rate of the exam.

Hugh Martin

Security Analyst, InfoSec Ltd.

London, UK

---

Related IT Guides

1. CISSP
2. Get ISC2 CISSP Certification
3. Getting ISC2 CISSP Certification
4. How to pass IS2C CISSP exams?
5. ISC2 CISSP
6. ISC2 CISSP Certification