Guide to information security certifications
For this update to our survey we added only one new vendor-neutral
certification, the GIAC Certified Incident Manager, or GCIM. On the other side
of the table, numerous items were removed. Twelve full-blown
vendor-neutral credentials were dropped for reasons that vary from no
information available, to no visible signs of life, to a virus lurking on the
program's home Web page. We can't take a security program seriously if its
operator lets its website attempt to download viruses to its visitors. We also
decided to drop individual Brainbench security exams, because they don't lead to
certification in and of themselves, which drops the vendor-neutral count by
another 5 items. We also did away with coverage of the GIAC certificate and
specialist items, dropping another 23 items. Thus, our total dropped item count
for vendor-neutral certifications is 39. In addition, 11 vendor-specific
credentials were dropped, for reasons that vary from cancellation of the program
(Symantec), to obsolescence of the platform (Windows Server 2000), to lack of
available information (Cisco IPS), to lack of substantial security content (NCTE
and NCDE).
Of course, it's been a year since we last revisited this material,
so it's not too surprising that there's been a lot of change. Although the
overall numbers for credentials have dropped by a net of 50 (11 vendor-neutral,
5 Brainbench exams, 23 GIAC specialist items and 11 vendor-specific
certifications), there are still many options available for interested IT
professionals to ponder.
In fact, the sheer number of credentials can make navigating the security
certification landscape a dizzying experience. Simply identifying the vast array
of offerings can be time consuming and overwhelming -- never mind determining
which certification best fits your situation. This guide to
information security certifications provides an overview of the myriad options, whether
you're just embarking on a journey up the information security career ladder or
wish to hone your skills in a specialized area.
General security -- Basic
- GIAC -- Global Information Assurance Certification Program
This program seeks to identify individuals who can demonstrate knowledge of
and the ability to manage and protect important information systems and
networks. The SANS organization is well known for its timely, focused and
useful security information and certification program. A shining star on
this landscape, the GIAC program aims at serious, full-time security
professionals responsible for designing, implementing and maintaining a
state-of-the-art security infrastructure that may include incident handling
and emergency response team management. Available entry-level certifications
include the following:
  - GIAC Certified ISO-17799 Specialist (G7799)
  - GIAC Information Security Fundamentals (GISF)
  - GIAC Information Security Professional (GISP)
  - GIAC IT Security Audit Essentials (GSAE)
  - GIAC Operations Essentials Certification (GOEC)
  - GIAC Security Essentials Certification (GSEC)
Source:
Global Information Assurance Certification
- Security Certified Network Specialist (SCNS)
This entry-level security certification focuses on tactical perimeter
defense -- firewalls, intrusion detection and router security. The SCNS is
the starting point for individuals who want to attain the Security Certified
Network Professional and Security Certified Network Architect
certifications. (Please note that the SCNS and a revised version of the SCNP
will be available some time during the second quarter of 2007.)
Source:
Security Certified Program
- Security+
This security certification focuses on important security fundamentals
related to security concepts and theory, as well as best operational
practices. In addition to functioning as a standalone exam for CompTIA,
Microsoft accepts the Security+ as an alternative to one of the
specialization exams for the MCSA and MCSE Security specializations, and
Symantec accepts Security+ as part of the requirements for the Symantec
Certified Technology Architect credential.
Source:
CompTIA
Security+ Certification Overview
- SSCP -- Systems Security Certified Practitioner
The entry-level precursor to the ISC²'s CISSP, the SSCP exam covers seven of
the 10 domains in the CISSP Common Body of Knowledge. The exam focuses more
on operational and administrative issues relevant to information security
and less on information policy design, risk assessment details and other
business analysis skills that are more germane to a senior IT security
professional (and less so to a day-to-day security administrator, which is
where the SSCP is really focused).
Source:
(ISC)²
- Wireless#
This entry-level certification recognizes individuals who have an essential
understanding of leading wireless technologies such as Wi-Fi, Bluetooth,
WiMAX, ZigBee, Infrared, RFID and VoWLAN. It also covers basic WLAN security
issues and best related practices. To obtain this credential, candidates
must pass one exam.
Source:
Planet3 Wireless
General security -- Intermediate
- BISA -- Brainbench Information Security Administrator
This Brainbench certification tests knowledge of networking and Internet
security, including authorization, authentication, firewalls, encryption,
disaster recovery and more.
Source:
Brainbench
- CAP -- Certification and Accreditation Professional
The CAP aims to identify individuals who can assess and manage the risks
that security threats can pose within an organization, particularly in the
government and enterprise sectors. This is a credential that deals with
processes and practices, and works in tandem with emerging compliance
requirements (Sarbanes-Oxley, HIPAA, and so forth) as well as emerging best
industry governance standards (ITIL).
Source:
(ISC)²
- CWSP -- Certified Wireless Security Professional
This certification recognizes individuals who can design, implement and
manage wireless LAN security. To obtain this credential, candidates must
pass two exams.
Source:
Planet3 Wireless
- GIAC -- Global Information Assurance Certification Program
This cert program seeks to identify individuals who can demonstrate
knowledge of and the ability to manage and protect important information
systems and networks. The SANS organization is well known for its timely,
focused and useful security information and certification program. A shining
star on this landscape, the GIAC program aims at serious, full-time security
professionals responsible for designing, implementing and maintaining a
state-of-the-art security infrastructure that may include incident handling
and emergency response team management. Available intermediate
certifications include the following:
  - GIAC Assessing Wireless Networks (GAWN)
  - GIAC Certified Firewall Analyst (GCFW)
  - GIAC Certified Intrusion Analyst (GCIA)
  - GIAC Certified Incident Manager (GCIM)
  - GIAC Certified Security Consultant (GCSC)
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Certified Windows Security Administrator (GCWN)
  - GIAC Certified UNIX Security Administrator (GCUX)
  - GIAC Legal Issues (GLEG)
  - GIAC Securing Oracle Certification (GSOC)
  - GIAC Security Leadership (GSLC)
  - GIAC Systems and Network Auditor (GSNA)
Source:
Global Information Assurance Certification
- SCNP -- Security Certified Network Professional
This mid-level security certification focuses on strategic infrastructure
security, including packet structure analysis, security policies, risk
analysis, ethical hacking techniques, Internet security, cryptography, and
hardening Linux and Windows systems. Individuals who attain this
certification will be able to work as full-time IT security professionals
with an operations focus. As of Q2 2007, the SCNS (described in the section
on entry-level certifications in this guide) is required as a prerequisite
for those pursuing this credential.
Source:
Security Certified Program
- SCNA -- Security Certified Network Architect
This is a mid- to senior-level security certification that focuses on
concepts, planning and implementation of enterprise security topics, such as
Private Key Infrastructure, biometric authentication and identification
systems, digital certificates, cryptography and more. Individuals who attain
this certification will be able to implement these technologies within
organizations or as consultants to such organizations.
Source:
Security Certified Program
General security -- Advanced
- CERI-ACSS -- Advanced Computer System Security
The CERI-ACSS seeks to identify law enforcement officials with advanced
computer crime investigation experience and training. Requirements include
two years of computer investigation/debugging, three years of Microsoft
platform analysis, one year of non-Microsoft platform analysis, 40 hours of
approved training, a written exam and successful completion of hands-on
exercises. (Note: because of its "double coverage," this item also appears in
the Forensics/antihacking -- Advanced section.)
Source:
Cyber Enforcement Resources Inc.
- CISM -- Certified Information Security Manager
The CISM demonstrates knowledge of information security for IT professionals
responsible for handling security matters, issues and technologies. This
cert is of primary interest to IT professionals responsible for managing IT
systems, networks, policies, practices and procedures to make sure
organizational security policies meet governmental and regulatory
requirements, conform to best security practices and principles, and meet or
exceed requirements stated in an organization's security policy.
Source:
Information Systems Audit and Control Association
- CISSP -- Certified Information Systems Security Professional
The CISSP demonstrates knowledge of network and system security principles,
safeguards and practices. It is of primary interest to full-time IT security
professionals who work in internal security positions or who consult with
third parties on security matters. CISSPs are capable of analyzing security
requirements, auditing security practices and procedures, designing and
implementing security policies, and managing and maintaining an ongoing and
effective security infrastructure. CISSP candidates must have four years of
experience (or a college degree plus three years of experience; a Master's
Degree in Information Security counts toward one year of experience).
Source:
(ISC)²
- CPTS -- Certified Pen Testing Specialist
An offering from Iowa-based training company Mile2, this credential
stresses currency on the latest exploits, vulnerabilities and system
penetration techniques. It also focuses on business skills, identification
of protection opportunities, testing justifications and optimization of
security controls to meet business needs and control risks and exposures.
The credential is structured around a five-day course that's backed up by
the CPTS or Certified Ethical Hacker exam, both delivered by Prometric.
Source:
Mile2
- CPP -- Certified Protection Professional
The CPP demonstrates a thorough understanding of physical, human and
information security principles and practices. The most senior and
prestigious IT security professional certification covered in this article,
the CPP requires extensive on-the-job experience (nine years or seven years
with a college degree), as well as a profound knowledge of technical and
procedural security topics and technologies. Only those who have worked with
and around security for some time are able to qualify for this credential.
Source:
American Society for Industrial Security (ASIS)
- GIAC -- Global Information Assurance Certification Program
This cert program seeks to identify individuals who can demonstrate
knowledge of and the ability to manage and protect important information
systems and networks. The SANS organization is well known for its timely,
focused, and useful security information and certification program. A
shining star on this landscape, the GIAC program aims at serious, full-time
security professionals responsible for designing, implementing and
maintaining a state-of-the-art security infrastructure that may include
incident handling and emergency response team management. The GIAC Security
Engineer (GSE) track is the most senior-level certification in that program.
Candidates must complete three intermediate-level GIAC certifications (GSEC,
GCIA and GCIH), earning GIAC Gold in at least two of them, and pass two
proctored exams to qualify for this certification. There's also the GIAC
.NET Certification (GNET), which we've decided to upgrade to an advanced
level because of the extensive programming knowledge and experience required
to earn this credential.
GNET Source:
Global Information Assurance Certification
GSE Source:
Global Information Assurance Certification
- ISSAP -- Information Systems Security Architecture Professional
The ISSAP permits CISSPs to concentrate further in information security
architecture and stresses the following elements of the CBK:
  - Access control systems and methodologies
  - Telecommunications and network security
  - Cryptography
  - Requirements analysis and security standards, guidelines and criteria
  - Technology-related business continuity and disaster recovery planning (BCP and DRP)
  - Physical security integration
Source:
(ISC)²
- ISSEP -- Information Systems Security Engineering Professional
The ISSEP permits CISSPs who work in areas related to national security to
concentrate further in security engineering, in cooperation with the NSA.
The ISSEP stresses the following elements of the CBK:
  - Systems security engineering
  - Certification and accreditation
  - Technical management
  - U.S. government information assurance regulations
Source:
(ISC)²
- ISSMP -- Information Systems Security Management Professional
The ISSMP permits CISSPs to concentrate further in security management areas
and stresses the following elements of the CBK:
  - Enterprise security management practices
  - Enterprise-wide system development security
  - Overseeing compliance of operations security
  - Understanding BCP, DRP and continuity of operations planning (COOP)
  - Law, investigations, forensics and ethics
Source:
(ISC)²
- PSP -- Physical Security Professional
Another high-level security certification from ASIS, this program focuses on
matters relevant to maintaining security and integrity of the premises, and
access controls over the devices and components of an IT infrastructure. Key
topics covered include physical security assessment, and selection and
implementation of appropriate integrated physical security measures.
Requirements include five years of experience in physical security, a high
school diploma (or GED) and a clean criminal record.
Source:
ASIS International: Physical Security Professional
- QIAP -- Qualified Information Assurance Professional
Security University's QIAP certification combines coverage of key
information security topics, tools and technologies with a hands-on,
lab-oriented learning and testing program. To obtain QIAP certification,
security professionals must complete three courses on topics such as:
  - Access, authentication and Public Key Infrastructure
  - Network security policy and security-oriented architect
  - Certification and accreditation
Students must also take and pass three exams, one per course.
Source:
Security University
- QISP -- Qualified Information Security Professional
Security University's QISP certification combines coverage of key
information security topics, tools and technologies with a hands-on,
lab-oriented learning and testing program. SU offers QISP certification with
four concentrations: analyst/penetration tester, security hacker/defender,
edge protection and forensics. To obtain QISP certification, security
professionals must complete five courses, depending on their concentration.
Students must also take and pass a demanding exam.
Source:
Security University
- QSSE -- Qualified Software Security Expert
Security University's QSSE certification combines coverage of key software
security topics, tools and technologies with a hands-on, lab-oriented
learning and testing program. To obtain QSSE certification, security
professionals must complete a software security bootcamp and six courses on
topics such as:
  - Penetration testing
  - Breaking and fixing Web applications
  - Breaking and fixing software
  - Secure software programming
  - Software security ethical hacking
  - Reverse engineering
Source:
Security University
Forensics/antihacking -- Basic
- BCF -- Computer Forensics (U.S.)
The Computer Forensics (U.S.) certification is designed for experienced
individuals who can analyze and collect evidence, recognize data types,
follow proper examination procedures and initial analysis, use forensic
tools, prepare for an investigation, and report findings.
Source:
Brainbench
- CCCI -- Certified Computer Crime Investigator (Basic)
The CCCI is one of four computer forensic certifications aimed at law
enforcement and private IT professionals seeking to specialize in the
investigative side of the field. Basic requirements include two years of
experience (or a college degree, plus one year of experience), 18 months of
investigative experience, 40 hours of computer crimes training and
documented experience from at least 10 investigated cases.
Source:
High Tech Crime Network certifications
- CCFT -- Certified Computer Forensic Technician (Basic)
The CCFT is one of four computer forensic certifications aimed at law
enforcement and private IT professionals seeking to specialize in the
investigative side of the field. Basic requirements include three years of
experience (or a college degree, plus one year of experience), 18 months of
forensics experience, 40 hours of computer forensics training and documented
experience from at least 10 investigated cases.
Source:
High Tech Crime Network certifications
- CEECS -- Certified Electronic Evidence Collection Specialist Certification
The CEECS identifies individuals who successfully complete the CEECS
certification course. No prerequisites are required to attend the course,
which covers the basics of evidence collection in addition to highly
technical terminology, theories and techniques.
Source:
International Association of Computer Investigative Specialists
- CERI-CFE -- Computer Forensic Examination
The CERI-CFE seeks to identify law enforcement officials with basic computer
crime investigation experience and training. Requirements include two years
of computer investigation/debugging, one year of Microsoft platform
analysis, six months of non-Microsoft platform analysis, 40 hours of
approved training, a written exam and successful completion of hands-on
exercises.
Source:
Cyber Enforcement Resources Inc.
- NSA -- EC-Council Network Security Administrator
The NSA identifies individuals who can evaluate internal and external
security threats against a network, and develop and implement security
policies. One exam is required.
Source:
EC-Council
Forensics/antihacking -- Intermediate
- CCE -- Certified Computer Examiner
The CCE, by the International Society of Forensic Computer Examiners, seeks
to identify individuals with no criminal record who have appropriate
computer forensics training or experience, including evidence gathering,
handling and storage. In addition, candidates must pass an online
examination and successfully perform a hands-on examination on three test
media.
Source:
International Society of Forensic Computer Examiners
- CEH -- Certified Ethical Hacker
The CEH identifies security professionals capable of finding and detecting
weaknesses and vulnerabilities in computer systems and networks by using the
same tools and applying the same knowledge as a malicious hacker. Candidates
must pass a single exam and prove knowledge of tools used both by hackers
and security professionals.
Source:
EC-Council
- CFCE -- Certified Forensic Computer Examiner
The International Association of Computer Investigative Specialists (IACIS)
offers this credential to law enforcement and private industry personnel
alike. Candidates must have broad knowledge, training or experience in
computer forensics, including forensic procedures and standards, as well as
ethical, legal and privacy issues. Certification includes both hands-on
performance-based testing as well as a written exam.
Source:
International Association of Computer Investigative Specialists
- CHFI -- Computer Hacking Forensic Investigator
The CHFI is geared toward personnel in law enforcement, defense, military,
information technology, law, banking and insurance, among others. To obtain
CHFI certification, a candidate needs to successfully complete one exam.
Source:
EC-Council
- CNDA -- Certified Network Defense Architect
The CNDA is geared toward IT personnel who act as penetration testers or
legitimate hackers to test the strength and integrity of a network's
defense. To obtain CNDA certification, a candidate needs to successfully
complete one exam.
Source:
EC-Council
- CSFA -- CyberSecurity Forensic Analyst
The CSFA aims to identify individuals who are interested in information
technology security issues, especially at the hardware level. Prerequisites
include attendance of the CyberSecurity Institute's Computer Forensics Core
Competencies course or at least one of the following certifications:
  - AccessData Certified Examiner (ACE)
  - Certified Forensic Computer Examiner (CFCE)
  - Certified Computer Examiner (CCE)
  - Computer Hacking Forensic Investigator (CHFI)
  - EnCase Certified Examiner (EnCE)
  - GIAC Certified Forensics Analyst (GCFA)
In addition, candidates should have at least 18 months of experience
performing forensic analysis of Windows FAT and NTFS file systems and
writing forensic analysis reports. Candidates must have no criminal record.
Source:
CyberSecurity Institute
- ECSA -- EC-Council Certified Security Analyst
The ECSA identifies security professionals capable of using advanced
methodologies, tools and techniques to analyze and interpret security tests.
Candidates must pass a single exam to achieve certification. The EC-Council
recommends that candidates take a five-day training course to prepare for
the exam.
Source:
EC-Council
- GIAC -- Global Information Assurance Certification Program
This cert program seeks to identify individuals who can demonstrate
knowledge of and the ability to manage and protect important information
systems and networks. The SANS organization is well known for its timely,
focused, and useful security information and certification program. A
shining star on this landscape, the GIAC program aims at serious, full-time
security professionals responsible for designing, implementing and
maintaining a state-of-the-art security infrastructure that may include
incident handling and emergency response team management. The program
includes one mid-level forensics certification -- GIAC Certified Forensics
Analyst (GCFA).
Source:
Global Information Assurance Certification
Forensics/antihacking -- Advanced
- CCCI -- Certified Computer Crime Investigator (Advanced)
The CCCI is one of four computer forensic certifications aimed at law
enforcement and private IT professionals seeking to specialize in the
investigative side of the field. Advanced requirements entail three years of
experience (or a college degree, plus two years of experience), four years
of investigations, 80 hours of training and involvement as a lead
investigator in 20 cases, with involvement in over 60 cases overall.
Source:
High Tech Crime Network certifications
- CCFT -- Certified Computer Forensic Technician (Advanced)
The CCFT is one of four computer forensic certifications aimed at law
enforcement and private IT professionals seeking to specialize in the
investigative side of the field. Basic requirements include three years of
experience (or a college degree, plus one year of experience), 18 months of
forensics experience, 40 hours of computer forensics training and documented
experience from at least 10 investigated cases. Advanced requirements entail
three years of experience (or a college degree, plus two years of
experience), four years of investigations, 80 hours of training and
involvement as a lead investigator in 20 cases with involvement in over 60
cases overall.
Source:
High Tech Crime Network certifications
- CERI-ACFE -- Advanced Computer Forensic Examination
The CERI-ACFE seeks to identify law enforcement officials with advanced
computer crime investigation experience and training. Requirements include
two years of computer investigation/debugging, four years of Microsoft
platform analysis, two years of non-Microsoft platform analysis, 80 hours of
approved training, a written exam and successful completion of hands-on
exercises.
Source:
Cyber Enforcement Resources Inc.
- CERI-ACSS -- Advanced Computer System Security
The CERI-ACSS seeks to identify law enforcement officials with advanced
computer crime investigation experience and training. Requirements include
two years of computer investigation/debugging, three years of Microsoft
platform analysis, one year of non-Microsoft platform analysis, 40 hours of
approved training, a written exam and successful completion of hands-on
exercises. (Note: because of double coverage, this item is also listed under
the General security -- Advanced section.)
Source:
Cyber Enforcement Resources Inc.
- CPTE -- Certified Pen Testing Expert
This credential stresses currency on the latest exploits, vulnerabilities
and system penetration techniques. It also focuses on business skills,
identification of protection opportunities, testing justifications and
optimization of security controls to meet business needs and control risks
and exposures. The CPTE covers many of the same topics as the lower level
CPTS certification but in much more depth and breadth. The CPTE credential
is structured around a five-day course that's backed up by the CPTE exam.
Source:
Mile2
- LPT -- Licensed Penetration Tester
The LPT identifies security professionals who can thoroughly analyze the
security of a network and recommend appropriate corrective measures. An LPT
must adhere to a strict code of ethics, best practices and appropriate
compliance requirements while performing penetration tests. Prerequisites
include EC-Council's CEH and ECSA certifications, and candidates must submit
an LPT application, endorsement by a sponsoring agency, proof of a clean
background check, detailed resume and an agreement to abide by a code of
ethics. In addition, candidates must attend a three-day LPT training program
through an EC-Council accredited training center.
Source:
EC-Council
- PCI -- Professional Certified Investigator
This is a high-level certification from the American Society for Industrial
Security (ASIS is also home to the CPP and PSP certifications) for those who
specialize in investigating potential cybercrimes. Thus, in addition to
technical skills, this certification concentrates on testing individuals'
knowledge of legal and evidentiary matters required to present
investigations in a court of law, including case management, evidence
collection and case presentation. This cert requires five years of
investigation experience, with at least two years in case management (a
bachelor's degree or higher counts for up to two years of such experience)
and a clean legal record for candidates.
Source:
ASIS International
Specialized
- CCSA -- Certification in Control Self-Assessment
The CCSA demonstrates knowledge of internal control self-assessment
procedures, primarily aimed at financial and records controls. This cert is
of primary interest to those professionals who must evaluate IT
infrastructures for possible threats to financial integrity, legal
requirements for confidentiality and regulatory requirements for privacy.
Source:
Institute of Internal Auditors
- CFE -- Certified Fraud Examiner
The CFE demonstrates ability to detect financial fraud and other
white-collar crimes. This cert is of primary interest to full-time security
professionals in law, law enforcement or those who work in organizations with
legal mandates to audit for possible fraudulent or illegal transactions and
activities (such as banking, securities trading or classified operations).
Source:
Association of Certified Fraud Examiners
- CFSA -- Certified Financial Services Auditor
The CFSA identifies professional auditors with thorough knowledge of
auditing principles and practices in the banking, insurance and securities
financial services industries. Candidates must have a four-year degree or a
two-year degree with three years of experience in a financial services
environment, submit a character reference and show proof of at least two
years of appropriate auditing experience. To obtain this certification,
candidates must pass one exam.
Source:
The Institute of Internal Auditors
- CGAP -- Certified Government Auditing Professional
The CGAP identifies public-sector internal auditors who focus on fund
accounting, grants, legislative oversight and confidentiality rights, among
other facets of internal auditing. Candidates must have an appropriate
four-year degree or a two-year degree with five years of experience in a
public-sector environment, submit a character reference and show proof of at
least two years of direct government auditing experience. To obtain this
certification, candidates must pass one exam.
Source:
The Institute of Internal Auditors
- CIA -- Certified Internal Auditor
The CIA cert demonstrates knowledge of professional financial auditing
practices. The cert is of primary interest to financial professionals
responsible for auditing IT practices and procedures, as well as standard
accounting practices and procedures to ensure the integrity and correctness
of financial records, transaction logs and other records relevant to
commercial activities.
Source:
Institute of Internal Auditors
- CISA -- Certified Information Systems Auditor
The CISA demonstrates knowledge of IS auditing for control and security
purposes. This cert is of primary interest to IT security professionals
responsible for auditing IT systems, practices and procedures to make sure
organizational security policies meet governmental and regulatory
requirements, conform to best security practices and principles, and meet or
exceed requirements stated in an organization's security policy.
Source:
Information Systems Audit and Control Association
- ECSP -- EC-Council Certified Secure Programmer
The ECSP identifies programmers who can design and build relatively
bug-free, stable Windows- and Web-based applications with the .NET/Java
Framework, greatly reducing exploitation by hackers and the incorporation of
malicious code. Candidates must attend a Writing Secure Code training course
and pass a single exam.
Source:
EC-Council
- Security5
Security5 certification identifies non-IT office workers and home users who
understand Internet security terminology, know how to use defense programs
such as antivirus and antispyware applications, can implement basic
operating system security and follow safe Web and e-mail practices.
Candidates must attend a two-day course and pass one exam.
Source:
EC-Council