Certified Information Systems Security Professional
From Wikipedia, the free encyclopedia
Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the International Information Systems Security Certification Consortium (commonly known as (ISC)²). As of April 11, 2007, (ISC)² has reported certifying 48,598 information security professionals in more than 120 countries.[1] In June, 2004, the CISSP program earned the ANSI ISO/IEC Standard 17024:2003 accreditation, the first IT certification to have done so.[2] It is formally approved by the U.S. Department of Defense (DoD) in both their Information Assurance Technical (IAT) and Managerial (IAM) categories.[3] The CISSP has been adopted as a baseline for the U.S. National Security Agency's ISSEP program, which further extends the significance of the credential.[4]
Certification subject matter
The CISSP curriculum covers subject matter in a variety of Information Security topics. The CISSP examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², "the CISSP CBK is a taxonomy -- a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding."[5]
The CISSP CBK is fundamentally based on the CIA triad, the core information security and assurance tenets: confidentiality, integrity and availability[6], and attempts to balance the three across ten areas of interest, which are also called domains. The ten CBK domains are:[7]
- Access Control
  - Categories and Controls
  - Control Threats and Measures
- Application Security
  - Software Based Controls
  - Software Development Lifecycle and Principles
- Business Continuity and Disaster Recovery Planning
  - Response and Recovery Plans
  - Restoration Activities
- Cryptography
  - Basic Concepts and Algorithms
  - Signatures and Certification
  - Cryptanalysis
- Information Security and Risk Management
  - Policies, Standards, Guidelines and Procedures
  - Risk Management Tools and Practices
  - Planning and Organization
- Legal, Regulations, Compliance and Investigations
  - Major Legal Systems
  - Common and Civil Law
  - Regulations, Laws and Information Security
- Operations Security
  - Media, Backups and Change Control Management
  - Controls Categories
- Physical (Environmental) Security
  - Layered Physical Defense and Entry Points
  - Site Location Principles
- Security Architecture and Design
  - Principles and Benefits
  - Trusted Systems and Computing Base
  - System and Enterprise Architecture
- Telecommunications and Network Security
  - Network Security Concepts and Risks
  - Business Goals and Network Security
Requirements
Candidates for the CISSP must meet several requirements.
- They must have a minimum of five years of professional experience in information security. One year may be waived for having either a four-year college degree, a Master's degree in Information Security, or one of a number of other certifications from other organizations.[8]
- They must attest to the truth of their assertions regarding professional experience and accept the CISSP Code of Ethics.[9]
- They must attest to lack of criminal history and related background.[9]
- They must pass the CISSP exam with a scaled score of 700 points or greater. The exam consists of 250 questions to be answered over a period of six hours.[10]
- They must have their qualifications endorsed by another CISSP or other qualified professional. The endorser attests that the candidate's assertions regarding professional experience are true to the best of their knowledge, and that the candidate is in good standing within the information security industry.[10]
Specialized concentrations
Experienced information security professionals with an (ISC)² credential in good standing can progress to meet requirements for (ISC)² Concentrations to demonstrate further knowledge of select CBK domains. A passing score on a concentration examination is intended to demonstrate proven capabilities and subject-matter expertise beyond that required for the CISSP.
Current concentrations for CISSPs include the:
- Information Systems Security Architecture Professional (ISSAP), Concentration in Architecture
- Information Systems Security Engineering Professional (ISSEP), Concentration in Engineering
- Information Systems Security Management Professional (ISSMP), Concentration in Management
Ongoing certification
The CISSP credential is valid for only three years, after which it must be renewed. The credential can be renewed by re-taking the exam; however, the more common method is to report at least 120 Continuing Professional Education (CPE) credits earned since the previous renewal. Currently, to maintain the CISSP certification, a member is required to earn and submit a total of 120 CPEs by the end of their three-year certification cycle and to pay the Annual Membership Fee (AMF) of US$85 during each year of the three-year certification cycle before the annual anniversary date. With the new changes effective 30 April 2008, CISSPs are required to earn and post a minimum of 20 CPEs (of the 120 CPE certification cycle total requirement) and pay the AMF of US$85 during each year of the three-year certification cycle before the member's certification or recertification annual anniversary date. For CISSPs who hold one or more concentrations, CPEs submitted for the CISSP concentration(s) will be counted toward the annual minimum CPEs required for the CISSP.[11]
CPEs can be earned through several paths, including taking classes, attending conferences and seminars, teaching others, undertaking volunteer work, professional writing, etc., all in areas covered by the CBK. Most activities earn 1 CPE for each hour of time spent; however, preparing (but not delivering) training for others is weighted at 4 CPEs per hour, published articles are worth 10 CPEs, and published books 40 CPEs.[12]
Promotion
(ISC)² promotes the CISSP certification as the "international gold standard" against which other security certifications are measured.
IT professionals with security expertise are often in high demand, and the CISSP is one metric by which that expertise can be demonstrated. In 2005, CertMag surveyed 35,167 IT professionals in 170 countries on compensation and found that CISSPs led their list of certificates ranked by salary, with the Certified Information Systems Security Management Professional (CISSP-ISSMP) program drawing $116,970 annually and the Certified Information Systems Security Architecture Professional (CISSP-ISSAP) earning $111,870. A 2006 Certification Magazine salary survey also ranked the CISSP credential highly at $94,070 per year, and ranked the CISSP concentration certifications as the best-paid credentials in IT, with CISSP-ISSAPs averaging $114,210 per year and CISSP-ISSMPs $111,280 per year.[13] These numbers correlate with the compensation advantages enjoyed by IT security professionals in general, as well as with advantages accruing to the seniority and management roles that intersect with the concentration certificates.[14]
According to (ISC)², as of April 11, 2007 there are a total of 48,598 people holding the CISSP certification in 126 countries, with the majority of CISSP holders in the United States (30,385).[15]
Criticisms of the CISSP examination
Some critics have raised the issues below concerning the CISSP examination, its contents, and its processes.
- Critics claim the exam is very long and hard for an ordinary security professional to pass, and that it requires extensive preparation.
- Critics say the CISSP exam covers information security topics "a mile wide, and an inch deep",[16] meaning the test has insufficient depth.
- The exam sometimes includes outdated information. Critics say that although organizations still use legacy technology, the exam should focus only on current technologies.[citation needed]
- Some questions on CISSP tests and information in the CBK may be technically inaccurate or incomplete.[citation needed]
- The CISSP test is formulated so that candidates are asked to choose the best answer from among a group of correct answers. Some feel these are "trick" questions that unnecessarily distract capable candidates.[citation needed]
References
- ^ Member Counts (2007-04-11). Retrieved on 2007-06-04.
- ^ (ISC)² Press Release
- ^ U.S. Government, DoD 8570.01-M. Retrieved March 23, 2007.
- ^ NSA PARTNERS WITH (ISC)² TO CREATE NEW INFOSEC CERTIFICATION (2003-02-27). Retrieved on 2007-06-04.
- ^ Tipton & Henry, Official (ISC)² Guide to the CISSP CBK, Auerbach Publications, p. xv, ISBN 0-8493-8231-9
- ^ Tipton & Henry, Official (ISC)² Guide to the CISSP CBK, Auerbach Publications, p. 5, ISBN 0-8493-8231-9
- ^ (ISC)² CISSP
- ^ CISSP Professional Experience Requirement. ISC2. Retrieved on 2007-04-27.
- ^ a b CISSP Applicant Requirements. ISC2. Retrieved on 2007-04-27.
- ^ a b How To Certify. ISC2. Retrieved on 2008-02-13.
- ^ Modifications to Recertification Requirements. (ISC)2. Retrieved on 2008-03-09.
- ^ CPE Credit Requirements. (ISC)2. Retrieved on 2007-04-27.
- ^ Top Certifications by Salary in 2007 (2007-04-11). Retrieved on 2007-10-14.
- ^ Sosbe, Tim; Emily Hollis, Brian Summerfield, Cari McLean (December 2005). "CertMag’s 2005 Salary Survey: Monitoring Your Net Worth". CertMag.
- ^ Member Counts (2007-04-11). Retrieved on 2007-10-14.
- ^ Harris, Shon (2002). Mike Meyers' CISSP(R) Certification Passport, Mike Meyers' Certification Passports. McGraw-Hill, xxi. ISBN 0072225785.
See also
- Systems Security Certified Practitioner
- Certified Information Security Manager
- Information Security Management