© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Fundamentals of Information Systems Security
Lesson 14
Information Security Professional Certifications
Learning Objective(s)
• Describe information systems security educational opportunities and professional certifications.
Key Concepts
• U.S. DoD/Military Directive 8570.01 and DoDD 8140.01
• Popular vendor-neutral professional certifications
• Popular vendor-specific professional certifications
DoD Directive 8570.01
“Information Assurance Training, Certification and Workforce Management”
Affects any DoD facility or contractor organization
Ensures that all personnel who are directly involved with information security possess security certifications
DoD Directive 8140
• A new, operationally focused cybersecurity training framework
• Will replace the 8570.01 directive
• Developed by the Defense Information Systems Agency (DISA)
DoD Directive 8140 (cont.)
Roles identified by the 8140 directive include:
• Security provision
• Operate and maintain
• Protect and defend
• Analyze
• Operate and collect
• Oversight and development
• Investigate
Joint Cyberspace Training and Certification Standards
U.S. DoD/NSA Training Standards
Are actually training requirements for specific job responsibilities
Developed by the CNSS and NSTISS committees
Provide guidance for course and professional certification vendors to develop curriculum and materials that meet DoD/NSA requirements
U.S. DoD/NSA Training Standards
Training Standard: Description
NSTISS-4011: National Training Standard for Information Systems Security (InfoSec) Professionals
CNSS-4012: National Information Assurance Training Standard for Senior System Managers
CNSS-4013: National Information Assurance Training Standard for System Administrators (SA)
CNSS-4014: Information Assurance Officer (IAO) Training
NSTISSC-4015: National Training Standard for System Certifiers
CNSS-4016: National Information Assurance Training Standard for Risk Analysts
Vendor-Neutral Professional Certifications
A certification is an official statement that validates the fact that a person has satisfied specific job requirements, including:
• Possessing a certain level of experience
• Completing a course of study
• Passing an examination
Certifications target specific areas of knowledge and expertise
Vendor-neutral certifications cover concepts and topics that are general in nature
Seven Main (ISC)2 Certifications
SSCP
CISSP
CAP
CSSLP
CCFP
HCISPP
CCSP
Seven Main (ISC)2 Certifications (cont.)
SSCP
• Covers the seven domains of best practices for information security
CISSP
• Demonstrates competence in the eight domains of the (ISC)2 CISSP Common Body of Knowledge (CBK)
CAP
• Provides a method to measure the knowledge and skills of professionals involved in authorizing and maintaining information systems
Seven Main (ISC)2 Certifications (cont.)
CSSLP
• Evaluates professionals for the knowledge and skills necessary to develop and deploy secure applications
CCFP
• Tests and evaluates professionals for the knowledge and skills necessary to perform and conduct a digital forensics investigation
Seven Main (ISC)2 Certifications (cont.)
HCISPP
• Tests and evaluates professionals for the knowledge and skills necessary to perform and conduct security and privacy work for health care organizations
CCSP
• Tests and evaluates professionals for the knowledge and skills necessary to secure and manage cloud computing environments
Additional (ISC)2 Professional Certifications
Architecture (CISSP-ISSAP)
• Two years of professional experience in the area of architecture; appropriate for chief security architects and analysts
Engineering (CISSP-ISSEP)
• Road map for incorporating security into projects, applications, business processes, and all information systems
Management (CISSP-ISSMP)
• Two years enterprise-wide security operations and management; contains deeper managerial elements
Global Information Assurance Certification (GIAC)/SANS Institute
Offers approximately 30 individual credentials
Spans several information security job disciplines:
• Audit
• Forensics
• Legal
• Management
• Security administration
• Software security
GIAC Credentials
Certified Internet Webmaster (CIW)
Credentials focus on both general and web-related security
Credentials that satisfy CIW requirements include:
• (ISC)2 SSCP or CISSP
• Various GIAC credentials
• CompTIA Security+
• Several vendor-specific credentials
CIW Credentials
CompTIA
Security+
• Globally recognized
• Entry-level information security certification of choice for IT professionals
• Meets the ISO 17024 standard and is approved by the DoD 8570.01-M requirements
• Is industry supported
CompTIA Advanced Security Practitioner (CASP)
ISACA
• Is a nonprofit global organization that promotes “the development, adoption, and use of globally accepted, industry leading knowledge and practices for information systems”
• Provides security training at conferences and training events
• Offers four certifications for IT security professionals: CISM, CISA, CGEIT, and CRISC
ISACA Certifications
Other Information Systems Security Certifications
EC-Council
• CEH, CHFI, EC-Council Certified Security Analyst, and more
Software Engineering Institute (Carnegie Mellon University)
• CERT—Certified Computer Security Incident Handler, SEI—Authorized CERT Instructor
Mile2
• Multiple security certifications
Certified Wireless Security Professional
• Multiple wireless security certifications
Other Information Systems Security Certifications (cont.)
High Tech Crime Network
• Certified Computer Crime Investigator, Certified Computer Forensic Technician
International Society of Forensic Computer Examiners
• Certified Computer Examiner (CCE)
CyberSecurity Institute
• CyberSecurity Forensic Analyst (CSFA)
Offensive Security
• Multiple certifications
Vendor-Specific Professional Certifications
Certifications offered by vendors of hardware and software products
Holding a certification for a specific vendor implies competence
If an applicant meets requirements for a certification, applicant has a certain level of knowledge and skills
Cisco Systems
One of the largest manufacturers of network security devices and software
Offers a range of certifications for its networking products
Offers several different certification levels along different tracks that enable security professionals to focus efforts on specific knowledge and skills they need to get the most out of Cisco equipment
Cisco Systems (cont.)
Levels
• Entry
• Associate
• Professional
• Expert
• Architect
Paths
• Design
• Security
• Voice
• Wireless
• Routing and Switching
• Service Provider
Cisco Certifications
Juniper Networks
Manufactures a variety of network security hardware and software
Offers a varied range of certifications for its networking product line
Four levels from 11 different tracks
Does not offer certifications at all levels for every track
Juniper Networks Certification Levels and Tracks
RSA
Global provider of security, risk, and compliance solutions for enterprise environments
Provides specific training and certifications to help security professionals use RSA products effectively
Offers certifications for RSA Archer and RSA SecurID
Symantec
Provides a wide range of security software products
Offers certifications for its product lines, including:
• Administration of Symantec NetBackup for UNIX
• Administration of Symantec Enterprise Vault for Exchange
• Administration of Symantec Endpoint Protection
• Administration of Symantec NetBackup for Windows
Check Point
Global manufacturer of network and security devices and software
Provides training and certification paths for security professionals to encourage highest level of knowledge and skills in the use of Check Point products
Requires that applicants pass an exam that involves 80 percent study materials and 20 percent hands-on experience
Check Point Certifications
Summary
U.S. DoD/Military Directive 8570.01 and DoDD 8140.01
Popular vendor-neutral professional certifications
Popular vendor-specific professional certifications

 
Chapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statementsChapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statements
 
Chapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScriptChapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScript
 
Chapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimediaChapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimedia
 
Chapter 7 Designing a web form
Chapter 7 Designing a web formChapter 7 Designing a web form
Chapter 7 Designing a web form
 
Chapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and ColumnsChapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and Columns
 
Chapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile webChapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile web
 
Chapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSSChapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSS
 
Chapter 3 Designing a Page Layout
Chapter 3 Designing a Page LayoutChapter 3 Designing a Page Layout
Chapter 3 Designing a Page Layout
 
Chapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSSChapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSS
 
Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5
 
Integer overflows
Integer overflowsInteger overflows
Integer overflows
 
testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2
 
Fundamental of testing
Fundamental of testingFundamental of testing
Fundamental of testing
 
Chapter 15 Risk Mitigation
Chapter 15 Risk MitigationChapter 15 Risk Mitigation
Chapter 15 Risk Mitigation
 
Chapter 14 Business Continuity
Chapter 14 Business ContinuityChapter 14 Business Continuity
Chapter 14 Business Continuity
 
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data SecurityChapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data Security
 

Recently uploaded

Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docxPoojaSen20
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC   History collection FORMAT.pptxPSYCHIATRIC   History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 

Recently uploaded (20)

Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docx
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC   History collection FORMAT.pptxPSYCHIATRIC   History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 

Fundamentals of Information Systems Security Chapter 14

  • 1. © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Lesson 14 Information Security Professional Certifications
  • 2. Learning Objective(s)
      - Describe information systems security educational opportunities and professional certifications.
  • 3. Key Concepts
      - U.S. DoD/Military Directive 8570.01 and DoDD 8140.01
      - Popular vendor-neutral professional certifications
      - Popular vendor-specific professional certifications
  • 4. DoD Directive 8570.01
      - “Information Assurance Training, Certification and Workforce Management”
      - Affects any DoD facility or contractor organization
      - Ensures that all personnel who are directly involved with information security possess security certifications
  • 5. DoD Directive 8140
      - A new, operationally focused cybersecurity training framework
      - Will replace the 8570.01 directive
      - Developed by the Defense Information Systems Agency (DISA)
  • 6. DoD Directive 8140 (cont.)
      - Roles identified by the 8140 directive include:
        - Security provision
        - Operate and maintain
        - Protect and defend
        - Analyze
        - Operate and collect
        - Oversight and development
        - Investigate
  • 7. Joint Cyberspace Training and Certification Standards
  • 8. U.S. DoD/NSA Training Standards
      - Are actually training requirements for specific job responsibilities
      - Developed by the CNSS and NSTISS committees
      - Provide guidance for course and professional certification vendors to develop curriculum and materials that meet DoD/NSA requirements
  • 9. U.S. DoD/NSA Training Standards (Training Standard: Description)
      - NSTISS-4011: National Training Standard for Information Systems Security (InfoSec) Professionals
      - CNSS-4012: National Information Assurance Training Standard for Senior System Managers
      - CNSS-4013: National Information Assurance Training Standard for System Administrators (SA)
      - CNSS-4014: Information Assurance Officer (IAO) Training
      - NSTISSC-4015: National Training Standard for System Certifiers
      - CNSS-4016: National Information Assurance Training Standard for Risk Analysts
  • 10. Vendor-Neutral Professional Certifications
      - A certification is an official statement that validates the fact that a person has satisfied specific job requirements, including:
        - Possessing a certain level of experience
        - Completing a course of study
        - Passing an examination
      - Certifications target specific areas of knowledge and expertise
      - Vendor-neutral certifications cover concepts and topics that are general in nature
  • 11. Seven Main (ISC)² Certifications
      - SSCP
      - CISSP
      - CAP
      - CSSLP
      - CCFP
      - HCISPP
      - CCSP
  • 12. Seven Main (ISC)² Certifications (cont.)
      - SSCP: Covers the seven domains of best practices for information security
      - CISSP: Demonstrates competence in the eight domains of the (ISC)² CISSP Common Body of Knowledge (CBK)
      - CAP: Provides a method to measure the knowledge and skills of professionals involved in authorizing and maintaining information systems
  • 13. Seven Main (ISC)² Certifications (cont.)
      - CSSLP: Evaluates professionals for the knowledge and skills necessary to develop and deploy secure applications
      - CCFP: Tests and evaluates professionals for the knowledge and skills necessary to perform and conduct a digital forensics investigation
  • 14. Seven Main (ISC)² Certifications (cont.)
      - HCISPP: Tests and evaluates professionals for the knowledge and skills necessary to perform and conduct security and privacy work for health care organizations
      - CCSP: Tests and evaluates professionals for the knowledge and skills necessary to secure and manage cloud computing environments
  • 15. Additional (ISC)² Professional Certifications
      - Architecture (CISSP-ISSAP): Two years of professional experience in the area of architecture; appropriate for chief security architects and analysts
      - Engineering (CISSP-ISSEP): Road map for incorporating security into projects, applications, business processes, and all information systems
      - Management (CISSP-ISSMP): Two years enterprise-wide security operations and management; contains deeper managerial elements
  • 16. Global Information Assurance Certification (GIAC)/SANS Institute
      - Offers approximately 30 individual credentials
      - Spans several information security job disciplines:
        - Audit
        - Forensics
        - Legal
        - Management
        - Security administration
        - Software security
  • 17. GIAC Credentials
  • 18. Certified Internet Webmaster (CIW)
      - Credentials focus on both general and web-related security
      - Credentials that satisfy CIW requirements include:
        - (ISC)² SSCP or CISSP
        - Various GIAC credentials
        - CompTIA Security+
        - Several vendor-specific credentials
  • 19. CIW Credentials
  • 20. CompTIA
      - CompTIA Security+
        - Globally recognized
        - Entry-level information security certification of choice for IT professionals
        - Meets the ISO 17024 standard and is approved by the DoD 8570.01-M requirements
        - Is industry supported
      - CompTIA Advanced Security Practitioner (CASP)
  • 21. ISACA
      - Is a nonprofit global organization that promotes “the development, adoption, and use of globally accepted, industry leading knowledge and practices for information systems”
      - Provides security training at conferences and training events
      - Offers four certifications for IT security professionals: CISM, CISA, CGEIT, and CRISC
  • 22. ISACA Certifications
  • 23. Other Information Systems Security Certifications
      - EC-Council: CEH, CHFI, EC-Council Certified Security Analyst, and more
      - Software Engineering Institute (Carnegie Mellon University): CERT—Certified Computer Security Incident Handler, SEI—Authorized CERT Instructor
      - Mile2: Multiple security certifications
      - Certified Wireless Security Professional: Multiple wireless security certifications
  • 24. Other Information Systems Security Certifications (cont.)
      - High Tech Crime Network: Certified Computer Crime Investigator, Certified Computer Forensic Technician
      - International Society of Forensic Computer Examiners: Certified Computer Examiner (CCE)
      - CyberSecurity Institute: CyberSecurity Forensic Analyst (CSFA)
      - Offensive Security: Multiple certifications
  • 26. Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cisco Systems One of the largest manufacturers of network security devices and software Offers a range of certifications for its networking products Offers several different certification levels along different tracks that enable security professionals to focus efforts on specific knowledge and skills they need to get the most out of Cisco equipment
  • 27. Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cisco Systems (cont.) Levels Entry Associate Professional Expert Architect Paths Design Security Voice Wireless Routing and Switching Service Provider
  • 28. Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cisco Certifications
  • 29. Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Juniper Networks Manufactures a variety of network security hardware and software Offers a varied range of certifications for its networking product line Four levels from 11 different tracks Does not offer certifications at all levels for every track
  • 30. Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Juniper Networks Certification Levels and Tracks
  • 31. Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. RSA Global provider of security, risk, and compliance solutions for enterprise environments Provides specific training and certifications to help security professionals use RSA products effectively Offers certifications for RSA Archer and RSA SecurID
  • 32. Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Symantec Provides a wide range of security software products Offers certifications for its product lines, including: • Administration of Symantec NetBackup for UNIX • Administration of Symantec Enterprise Vault for Exchange • Administration of Symantec Endpoint Protection • Administration of Symantec NetBackup for Windows
  • 33. Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Check Point Global manufacturer of network and security devices and software Provides training and certification paths for security professionals to encourage highest level of knowledge and skills in the use of Check Point products Requires that applicants pass an exam that involves 80 percent study materials and 20 percent hands-on experience
  • 34. Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Check Point Certifications
  • 35. Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary U.S. DoD/Military Directive 8570.01 and DoDD 8140.01 Popular vendor-neutral professional certifications Popular vendor-specific professional certifications