Certification Listing
The Certified Information Systems Security Professional
(CISSP) designation was established in 1990 and is administered by the International
Information Systems Security Certification Consortium, or (ISC)2. Working with a
professional testing service, (ISC)2 has developed a certification examination based
on the information systems security Common Body of Knowledge (CBK). Candidates have
up to 6 hours to complete the examination, which consists of 250 multiple choice
questions that address the ten topical test domains of the CBK.
The information systems security test domains are:
- Security Management Practices
- Security Architecture & Models
- Access Control Systems & Methodology
- Cryptography
- Telecommunications & Network Security
- Physical Security
- Operations Security
- Application & Systems Development
- Law, Investigations & Ethics
- Business Continuity & Disaster Recovery Planning
In addition to passing the examination, candidates must have 4 years of experience, or 3 years
with a college degree or equivalent life experience, in one or more of the ten test
domains of the information systems security Common Body of Knowledge (CBK), and
must then be endorsed by a qualified third party to become certified.
Valid experience includes information systems (IS) security-related work performed
as a practitioner, auditor, consultant, vendor, investigator or instructor, that
requires IS security knowledge and involves direct application of that knowledge.
The 3 years of experience is the actual time worked; the requirement is cumulative,
however, and may have been accrued over a much longer period of time.
For more information, you may visit the (ISC)2 web site at www.isc2.org.
Since 1978, the Certified Information Systems Auditor
(CISA) program, sponsored by the Information Systems Audit and Control Association
(ISACA), has been the globally accepted standard of achievement among IS audit,
control and security professionals. The purpose of the examination is to evaluate
a candidate’s knowledge and experience in conducting information systems audits.
The examination consists of 200 multiple-choice questions, administered during a
four-hour session, covering the 7 Process & Content Areas:
- The IS Audit Process
- Management, Planning, and Organization of IS
- Technical Infrastructure and Operational Practices
- Protection of Information Assets
- Disaster Recovery and Business Continuity
- Business Application System Development, Acquisition, Implementation, and Maintenance
- Business Process Evaluation and Risk Management
A scaled score of 75 or above represents a passing score for the entire exam. After
successful completion of the CISA Examination, certification is granted initially
to individuals who have accumulated a minimum of five years of professional information
systems audit, control or security work experience. However, substitutions and waivers
of such experience may be obtained:
- A maximum of one year of information systems experience OR one year of
financial or operational auditing experience can be substituted for one year of
information systems auditing, control or security experience.
- 60 to 120 completed college semester credit hours (the equivalent of an Associate
or Bachelor degree) can be substituted for one or two years, respectively, of information
systems auditing, control or security experience.
- Two years as a full-time university instructor in a related field (e.g., computer
science, accounting, information systems auditing) can be substituted for one year
of information systems auditing, control or security experience.
For more information, you may visit the ISACA web site at www.isaca.org.
About CISM
The Certified Information Security Manager (CISM) is specifically geared
toward experienced information security managers and those who have information
security management responsibilities. CISM is designed to provide executive management
with assurance that those earning the CISM designation have the required knowledge
and ability to provide effective security management and consulting.
The 4-hour CISM exam consists of 200 multiple-choice questions that cover the
5 job practice areas, which were created from a CISM job practice analysis and reflect the
work performed by information security managers. The five information security management
areas are as follows:
- Information Security Governance
- Risk Management
- Information Security Program(me) Management
- Information Security Management
- Response Management
A scaled score of 75 or above represents a passing score for the entire exam. After
successful completion of the CISM Examination, certification is granted initially
to individuals who have accumulated a minimum of 5 years of professional information
security management work experience.
However, substitutions and waivers of such experience may be obtained.
For more information, you may visit the ISACA web site at www.isaca.org.
About Certified Ethical Hacker
The Certified Ethical Hacker (CEH) Program certifies individuals in the specific
network security discipline of Ethical Hacking from a vendor-neutral perspective.
This CEH certification will significantly benefit security officers, auditors, security
professionals, site administrators, and anyone who is concerned about the integrity
of the network infrastructure. A Certified Ethical Hacker is a skilled professional
who understands and knows how to look for the weaknesses and vulnerabilities in
your systems and uses the same knowledge and tools as a malicious hacker.
To achieve CEH certification, you must pass the Prometric exam EC0-350, Ethical Hacking
and Countermeasures, which covers the standards and language involved in common exploits,
vulnerabilities and countermeasures. You must also show knowledge of the tools used
by hackers in exposing common vulnerabilities as well as the tools used by security
professionals for implementing countermeasures.
For more information, please refer to the International Council of E-Commerce Consultants
at http://www.eccouncil.org/CEH.htm
For enquiries, please call (24-hour hotline): (852) 2549 7978