Among the Information Security certifications, the CISSP is still hailed as the holy grail. It has passed the test of time and has consistently achieved industry recognition from the Infosec community.
The certification has been designed by the ISC2 and CISSP stands for Certified Information Systems Security Professional. As of May 2014, (ISC)² reports 93391 members hold the CISSP certification worldwide, in 149 countries.
Some background of the ISC2:
Headquartered in the United States and with offices in London, Hong Kong and Tokyo, the International Information Systems Security Certification Consortium, Inc., (ISC)². It is an international nonprofit organization that focuses at its core on the development of industry certifications in the areas of information security and computer forensics.
The CISSP Is based on the following core domains:
• Access Control
• Telecommunications and Network Security
• Information Security Governance and Risk Management
• Software Development Security
• Security Architecture and Design
• Operations Security
• Business Continuity and Disaster Recovery Planning
• Legal, Regulations, Investigations, and Compliance
• Physical (Environmental) Security
There are several top-notch Boot Camp to help you train and prepare for the Certified Information Systems Security Professional. There are online boot camps as well as in class learning sessions, all that will help on in preparations for the actual exam. After taking one of the boot camps, students will have a strong working knowledge of the 10 domains of knowledge and be better placed to pass the exam.
Some of the areas covered in the
Employing mechanisms to protect information systems
• Defining administrative, technical and physical controls
• Implementing centralized and decentralized approaches
• Investigating biometric and multi-factor authentication
Protecting information by applying mathematical algorithms and data transformation
• Detailing symmetric and asymmetric encryption systems
• Ensuring message integrity through hashing
• Providing message authentication with digital signatures
Candidates must have a minimum of five (5) years of direct full-time professional security work experience in two or more of the ten domains.
The applicant must also answer four questions regarding criminal history and related background and attest to the truth of their assertions regarding professional experience and accept the CISSP
Code of Ethics
It is no doubt that the certification will remain the industry-leading flagship for a long time. As more and more IT Security professionals are adding the CISSP to their raster of certifications. And Human Resource departments continue to hold the certification as the defacto for hiring information security professionals.
In our opinion, you just can’t go wrong with this certification!