certifications on security - is audit
Assignment 1
IS AUDIT
2/1/2015
Certifications on Security
SUBMITTED TO:
SIR WAQAS
MADE BY:
SHAHZEB PIRZADA (5701)
Why Certification Matters
In a world fraught with security threats, the need for skilled and knowledgeable information security professionals has never been greater. Your experience in the field is an important component of your value to an employer, but experience isn’t enough. Employers need something quantifiable and verifiable to show them you have the expertise they need.
The Value of (ISC)²® Certification
(ISC)² is acknowledged as the global, not-for-profit leader in educating and certifying information security professionals throughout their careers. Our reputation has earned our information security certifications and information security training programs recognition as the Gold Standard of the industry.
When you become certified through (ISC)², you gain:
Tested and verifiable proof of proficiency in your field.
Higher salary and promotion potential.
Entry into one of the largest communities of recognized information security professionals in the world.
Access to unparalleled global resources, peer networking, mentoring, and a wealth of ongoing information security opportunities.
Certificate About Vendor Cost Exams
Certificate: CISSP - Certified Information Systems Security Professional
About: CISSPs are information assurance professionals who define the architecture, design, management and/or controls that assure the security of business environments. This was the first certification in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.
Vendor: (ISC)²
Cost: $85 Per year. 3 year
Exams:
Access Control
Telecommunications and Network Security
Information Security Governance and Risk Management
Software Development Security
Cryptography
Security Architecture and Design
Operations Security
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Investigations, and Compliance
Physical (Environmental) Security
Certificate: SSCP - Systems Security Certified Practitioner
About: The SSCP certification is the ideal credential for those with proven technical skills and practical security knowledge in hands-on operational IT roles. It provides industry-leading confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.
Vendor: (ISC)²
Cost: $250
Exams:
Access Controls
Cryptography
Malicious Code and Activity
Monitoring and Analysis
Networks and Communications
Risk, Response and Recovery
Security Operations and Administration
Certificate: CAP - Certified Authorization Professional
About: The Certified Authorization Professional (CAP) certification is an objective measure of the knowledge, skills and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.
Vendor: (ISC)²
Cost: $469
Exams:
Risk Management Framework (RMF)
Categorization of Information Systems
Selection of Security Controls
Security Control Implementation
Security Control Assessment
Information System Authorization
Monitoring of Security Controls
Certificate: CCFP - Certified Cyber Forensics Professional
About: The evolving field of cyber forensics requires professionals who understand far more than just hard drive or intrusion analysis. The field requires CCFP professionals who demonstrate competence across a globally recognized common body of knowledge that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more.
Vendor: (ISC)²
Cost: $549
Exams:
Legal and Ethical Principles
Investigations
Forensic Science
Digital Forensics
Application Forensics
Hybrid and Emerging Technologies
Certificate: CSSLP - Certified Secure Software Lifecycle Professional
About: With the CSSLP® certification from (ISC)², your application security competency within the software development lifecycle (SDLC) will be validated. You'll not only be seen as an industry leader in application security, but as a leader within your organization as well. A status you'll rightly deserve because you'll have proven your proficiency in:
Developing an application security program in your organization
Reducing production costs, application vulnerabilities and delivery delays
Enhancing the credibility of your organization and its development team
Reducing loss of revenue and reputation due to a breach resulting from insecure software
Cost: $549
Exams:
Secure Software Concepts
Secure Software Design
Secure Software Requirements
Secure Software Implementation/Coding
Secure Software Testing
Software Acceptance
Software Deployment, Operations, Maintenance and Disposal
Supply Chain and Software Acquisition
Certificate: EC-Council Certified Security Analyst (ECSA)
About: This program is a comprehensive, standards-based, methodology-intensive training program which teaches information security professionals to conduct real-life penetration tests by utilizing EC-Council’s published penetration testing methodology.
Vendor: Neutral
Cost: $100
Exams:
Need for Security Analysis
TCP/IP Packet Analysis
Penetration Testing Methodologies
Customers and Legal Agreements
Rules of Engagement
Penetration Testing Planning and Scheduling
Pre-penetration Testing Steps
Information Gathering
Vulnerability Analysis
External Penetration Testing
Internal Network Penetration Testing
Firewall Penetration Testing
IDS Penetration Testing
Password Cracking Penetration Testing
Social Engineering Penetration Testing
Web Application Penetration Testing
SQL Penetration Testing
Penetration Testing Reports and Post Testing Actions