Question

What are some of the industry standard certifications that exists. Which ones are the most sought...

What are some of the industry standard certifications that exists. Which ones are the most sought after in the IT security field?

post should be in 350 words

0 0
Add a comment Improve this question Transcribed image text
Answer #1

There are mainly five in the industry-standard certifications.

  1. CEH: Certified Ethical Hacker:

The Certified Ethical Hacker (CEH) is an intermediate-level credential offered by the International Council of E-Commerce Consultants (EC-Council). It's a must-have for IT professionals pursuing careers in ethical hacking. CEH credential holders possess skills and knowledge on hacking practices in areas such as footprinting and reconnaissance, scanning networks, enumeration, system hacking, Trojans, worms and viruses, sniffers, denial-of-service attacks, social engineering, session hijacking, hacking web servers, wireless networks and web applications, SQL injection, cryptography, penetration testing, evading IDS, firewalls, and honeypots. To obtain a CEH certification, candidates must pass one exam. A comprehensive five-day CEH training course is recommended, with the exam presented at course conclusion.

  1. CISM: Certified Information Security Manager:

The Certified Information Security Manager (CISM) is a top credential for IT professionals responsible for managing, developing and overseeing information security systems in enterprise-level applications, or for developing best organizational security practices. The CISM credential was introduced to security professionals in 2003 by the Information Systems Audit and Control Association (ISACA).

     ISACA's organizational goals are specifically geared toward IT professionals interested in the highest quality standards with respect to audit, control and security of information systems. The CISM credential targets the needs of IT security professionals with enterprise-level security management responsibilities. Credential holders possess advanced and proven skills in security risk management, program development and management, governance, and incident management and response.

    Holders of the CISM credential, which is designed for experienced security professionals, must agree to ISACA's Code of Professional Ethics, pass a comprehensive examination, possess at least five years of security experience, comply with the organization's continuing education policy and submit a written application. Some combinations of education and experience may be substituted for the experience requirement.

  1. CompTIA Security+:

CompTIA's Security+ is a well-respected, vendor-neutral security certification. Security+ credential holders are recognized as possessing superior technical skills, broad knowledge and expertise in multiple security-related disciplines.

While Security+ is an entry-level certification, successful candidates should possess at least two years of experience working in network security and should consider first obtaining the Network+ certification. IT pros who obtain this certification possess expertise in areas such as threat management, cryptography, identity management, security systems, security risk identification and mitigation, network access control, and security infrastructure. The CompTIA Security+ credential is also approved by the U.S. Department of Defense to meet Directive 8140/8570.01-M requirements. In addition, the Security+ credential complies with the standards for ISO 17024.

4. CISSP: Certified Information Systems Security Professional:

The Certified Information Systems Security Professional (CISSP) is an advanced-level certification for IT pros serious about careers in information security. Offered by the International Information Systems Security Certification Consortium, known as (ISC)2 (pronounced "ISC squared"), this vendor-neutral credential is recognized worldwide for its standards of excellence.

CISSP credential holders are decision-makers who possess expert knowledge and technical skills necessary to develop, guide and then manage security standards, policies and procedures within their organizations. The CISSP continues to be highly sought after by IT professionals and is well recognized by IT organizations. It is a regular fixture on most-wanted and must-have security certification surveys.

CISSP is designed for experienced security professionals. A minimum of five years of experience in at least two of (ISC)2's eight Common Body of Knowledge (CBK) domains, or four years of experience in at least two of (ISC)2's CBK domains and a college degree or an approved credential, is required for this certification.

  1. GSEC: SANS GIAC Security Essentials:

Another fine entry-level credential is the GIAC Security Essentials (GSEC), designed for professionals seeking to demonstrate that they not only understand information security terminology and concepts but also possess skills and technical expertise necessary to occupy "hands-on" security roles.

GSEC holders have the knowledge and technical skills in areas, such as identifying and preventing common and wireless attacks, access controls, authentication, password management, DNS, cryptography fundamentals, ICMP, IPv6, public key infrastructure, Linux, network mapping and network protocols.

The Most Sought After Information Security Field:

Vulnerability Analysis

The ability to identify vulnerabilities within an enterprise system, as well as to propose and implement effective remediations and responses to those vulnerabilities.

Malware Analysis

Knowledge of how the malware operates and infects systems, as well as how to recover from a malware infestation.

Risk Assessment Analysis

The ability to identify risks, and determine appropriate mediations for those risks.

Attack Vector Knowledge

An understanding of current attack vectors - from both the standpoint of what's happening today, and on an ongoing basis - and anticipate what may surface in the future.

Enterprise Security Skills

The ability to plan and implement information security strategies to protect the enterprise, its critical information, and its assets.

Strategic and Tactical Information Security Skills

The ability to bridge the gap between policy-driven information assurance and technical implementation in order to increase operator and administrator effectiveness and organizational agility.

Contextual and Systematic Security Analysis

The ability to go beyond the individual component and area perspective to develop a more holistic and contextual view of information security that incorporates networks, systems, and human-oriented processes.

Add a comment
Know the answer?
Add Answer to:
What are some of the industry standard certifications that exists. Which ones are the most sought...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT