|
The ISC2 Certified Information Systems Security Professional certification is a high-level, vendor-neutral, certification for IT professionals who are working in or seeking a career in network security related roles.
A prerequisite for the CISSP exam is “four years experience or three years with a college degree. Additionally, a Master's Degree in Information Security from a National Centre of Excellence can substitute for one year towards the four-year requirement.” However, in June 2003, ISC2 introduced an associate program whereby a candidate can take the exam and then obtain the experience requirement. ISC2 say “After passing the selected exam and signing (ISC)2's Code of Ethics, the Associate must garner the requisite work experience and successfully complete a professional endorsement process before he/she becomes officially certified as CISSP or SSCP.” Exam Requirements: Candidates must pass a single CISSP exam to achieve the CISSP certification.
The single CISSP exam has 250 questions covering the following ten areas (domains) of security; collectively referred to as the “Common Body of Knowledge (CBK)”. - Access Control Systems & Methodology
- Applications & Systems Development
- Business Continuity Planning
- Cryptography
- Law, Investigation & Ethics
- Operations Security
- Physical Security
- Security Architecture & Models
- Security Management Practices
- Telecommunications, Network & Internet Security
“To maintain their certification, holders of the CISSP certification are required to earn 120 Continuing Professional Education (CPE) credits in the information security field every three years, ensuring certified professionals are up-to-date on current information security issues. Of the 120 CPEs that are required, at least 80 must be ‘A’ credits (directly related to the 10 major domains of the CBK) and as many as 40 can be ‘B’ credits (not related to the 10 domains of the CISSP CBK).”
|
