Certification and Training: CSE 4471: Information Security Instructor: Adam C. Champion Autumn Semester 2013

This document discusses information security personnel roles, professional certifications, and training opportunities. It describes typical positions like the chief security officer and security manager, and shows the information security organization chart at Ohio State University. The document also outlines several professional certification programs from organizations like ISACA, (ISC)2, and IISFA, detailing the exam domains and requirements for certifications like the CISSP, CISA, and CISM. It recommends certifications for different academic backgrounds and provides resources for additional training.

Uploaded by

Zulkifl Hasan

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

82 views

Certification and Training: CSE 4471: Information Security Instructor: Adam C. Champion Autumn Semester 2013

Uploaded by

Zulkifl Hasan

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 18

Certification and Training

CSE 4471: Information Security

Instructor: Adam C. Champion
Autumn Semester 2013

Based on slides by a former student (CSE 551)

Outline
•  Organizational information security personnel
–  In general
–  At OSU
•  Professional information security certification
Information Security Personnel
Org Chart

Figure 11.2. Positions in Information Security (redrawn)

Information Security Personnel (2)
•  Chief security officer (CSO): Head of security, reports to CIO
and execs
–  Manages org’s infosec program and policies
–  Works on strategic, tactical, operational plans
–  Handles security budgeting, personnel
–  Usually needs college degree and CISSP
•  Security manager: handles org’s infosec program on a daily basis
–  Develops/implements policies under CSO’s guidance
–  Monitors progress of organization’s infosec program
–  Handles incident response, disaster recovery, risk assessment
–  Usually needs college degree, CISSP
•  Security technician: deploys/manages firewalls, IDSs, etc. under security
manager’s guidance
OSU Information Security Personnel
Org Chart

•  Varies from the previous, general org chart

–  OSU CIO Office has 9 divisions: customer experience, learning
tech, etc.
–  Only the division encompassing infosec at OSU is shown
Source: https://orgchart.osu.edu/organization/ocio
Professional Certifications
•  Information System Audit and Control Association (ISACA)
–  Certified Information Systems Auditor (CISA)
–  Certified Information Security Manager (CISM)
•  Int’l. Information Systems Security Certification Consortium
(ISC)²
–  Certified Information System Security Professional (CISSP)
–  System Security Certified Practitioner (SSCP)
•  Int’l. Information System Forensics Association (IISFA)
–  Certified Information Forensics Investigator (CIFI)
•  Many require candidates have professional security experience/
college degree, no criminal record
Other Certifying Organizations
•  System Administration, Networking, and Security Institute
(SANS)
•  Global Information Assurance Certification (GIAC)
•  Information System Security Association (ISSA)
•  American National Standards Institute (ANSI)
•  Computer Professional for Social Responsibility (CPSR)
•  Companies: Microsoft, Cisco, etc. (vendor-specific)
•  Int’l. Society of Forensic Computer Examiners (ISFCE)
•  CompTIA: A+ certs (vendor-neutral)
CISSP Concentrations
•  Information System Security Architecture
Professional (ISSAP): Concentration in Architecture
•  Information System Security Engineering
Professional (ISSEP): Concentration in Engineering
•  Information System Security Architecture
Professional (ISSMP): Concentration in
Management
CISA Exam Content Areas
•  CISA Exam (Six Domains)
–  IS Audit Process (10%)
–  IT Governance (15%)
–  Systems and Infrastructure Life Cycle (16%)
–  IT Service Delivery and Support (14%)
–  Protection of Information Assets (31%)
–  Business Continuity and Disaster Recovery (14%)
CISM Exam Content Area
•  CISM Exam (Five Domains)
–  Information Security Governance (21%)
–  Risk Management (21%)
–  Information Security Program Management (21%)
–  Information Security Management (24%)
–  Response Management (13%)
CISSP Exam Content Area (1)
•  CISSP Exam (10 Domains)
–  Access Control Systems and Methodology
–  Applications and Systems Development Security
–  Business Continuity Planning (BCP),
Disaster Recovery Planning (DRP)
–  Cryptography
–  Law, Investigation and Ethics
–  Operations Security
–  Physical Security
–  Security Architecture and Models
–  Security Management Practices
–  Telecommunications and Network Security
SSCP Exam Content Area
•  SSCP Exam (7 Domains)
–  Access Control
–  Administration
–  Audit and Monitoring
–  Cryptography
–  Data Communications
–  Malicious Code/Malware
–  Risk, Response and Recovery
CIFI Exam Content Area
•  CIFI Exam (6 Domains)
–  Auditing
–  Incident Response
–  Law and Investigation
–  Tools and Techniques
–  Traceback
–  Countermeasures
Figure 11-3
Training, Seminars and Conferences
•  http://www.issa.org/
•  http://www.isaca.org/
•  https://www.isc2.org
•  http://www.ansi.org/
•  http://www.sans.org/
•  http://www.giac.org/
•  http://www.infoforensics.org
Professional Publications
•  ISACA
–  Information Systems Control Journal
•  (ISC)2
–  The (ISC)2 Journal (Information Systems Security)
•  ISSA
–  The ISSA Journal
Chapters and Membership
•  Chapters: local and worldwide
•  Membership
–  ISACA is a leading information technology
organization representing more than 50,000
individual members in more than 140 countries.
–  ISSA has over 13,000 members worldwide
Summary
•  Infosec personnel generally include CSO, security
manager, and technicians
•  Real-world org charts may vary
•  Professional organizations offer infosec certs
•  Recommendations:
–  CIS/CSE Majors:
•  CISSP (most prestigious)
•  SSCP
–  MIS (College of Business)
•  CISA
•  CISM

CISSP SelfPaced MasterClass
0% (2)
CISSP SelfPaced MasterClass
20 pages
CISSP Exam Outline April 2024 English
No ratings yet
CISSP Exam Outline April 2024 English
15 pages
Cissp Course Content
No ratings yet
Cissp Course Content
30 pages
API Pentesting
No ratings yet
API Pentesting
27 pages
Computer Security
100% (1)
Computer Security
519 pages
9803 Cissp Slides
86% (7)
9803 Cissp Slides
545 pages
CISSP Domain 1
No ratings yet
CISSP Domain 1
142 pages
CISA Brochure
No ratings yet
CISA Brochure
2 pages
Akun SSH Gratis
No ratings yet
Akun SSH Gratis
33 pages
CISSP Presentati
100% (1)
CISSP Presentati
545 pages
Certification: Exam Outline
No ratings yet
Certification: Exam Outline
15 pages
Information Security 13 - Security and Personnel
No ratings yet
Information Security 13 - Security and Personnel
17 pages
Cissp Course
100% (1)
Cissp Course
30 pages
Future of Certified Information Systems Security Professionals
No ratings yet
Future of Certified Information Systems Security Professionals
27 pages
Dase - 201 - Lecture Slides - WK10 - V7.0
No ratings yet
Dase - 201 - Lecture Slides - WK10 - V7.0
41 pages
CISSP Exam Outline PDF
No ratings yet
CISSP Exam Outline PDF
15 pages
Carriers in Cyber Security
No ratings yet
Carriers in Cyber Security
45 pages
CISSP Exam Outline English April 2021 PDF
No ratings yet
CISSP Exam Outline English April 2021 PDF
16 pages
CISSP Exam Outline April 2024 English
No ratings yet
CISSP Exam Outline April 2024 English
15 pages
Certification Roadmap Brochure
No ratings yet
Certification Roadmap Brochure
18 pages
Conversational Guide To CISSP Certification
No ratings yet
Conversational Guide To CISSP Certification
24 pages
Cissp
No ratings yet
Cissp
16 pages
Isaca Cisacism Dod Presentation 5-1-09
No ratings yet
Isaca Cisacism Dod Presentation 5-1-09
30 pages
Lecture1-2_IPS
No ratings yet
Lecture1-2_IPS
32 pages
Infosec Certifications: The Very Good, The Almost Good and The Really Ugly
No ratings yet
Infosec Certifications: The Very Good, The Almost Good and The Really Ugly
24 pages
Cissp Information PDF
No ratings yet
Cissp Information PDF
4 pages
CISSP
No ratings yet
CISSP
713 pages
CISSP Exam Outline-V1115
No ratings yet
CISSP Exam Outline-V1115
16 pages
CISSP For Dummies: Chapter 1-3 Certification Basics
No ratings yet
CISSP For Dummies: Chapter 1-3 Certification Basics
38 pages
Information Sheet - Certification Programs in The Information Security Field
No ratings yet
Information Sheet - Certification Programs in The Information Security Field
9 pages
Bsi Cissp Training Course Flyer June 21
No ratings yet
Bsi Cissp Training Course Flyer June 21
2 pages
(ISC) Career Guide: Decoding The Information Security Profession
No ratings yet
(ISC) Career Guide: Decoding The Information Security Profession
40 pages
How I Passed The CISSP Test: Lessons Learned in Certification
No ratings yet
How I Passed The CISSP Test: Lessons Learned in Certification
713 pages
CISSPNOTE
No ratings yet
CISSPNOTE
13 pages
Abstract:: Professional (CISSP) Certification
No ratings yet
Abstract:: Professional (CISSP) Certification
5 pages
Default
No ratings yet
Default
4 pages
Lab1-5 - Becoming A Defender - ILM
No ratings yet
Lab1-5 - Becoming A Defender - ILM
4 pages
Security Certification Resource Guide: IT Influencer Series
No ratings yet
Security Certification Resource Guide: IT Influencer Series
30 pages
CISA-Certification-Overview Bro Eng 1018
No ratings yet
CISA-Certification-Overview Bro Eng 1018
4 pages
Cissp Demo
No ratings yet
Cissp Demo
18 pages
CISA-Certification-Overview Bro Eng 0519
No ratings yet
CISA-Certification-Overview Bro Eng 0519
4 pages
Developing-skills-in-cyber-while-in-the-role---final-a11_1022650
No ratings yet
Developing-skills-in-cyber-while-in-the-role---final-a11_1022650
29 pages
SANS Trainning Program For CISSP
No ratings yet
SANS Trainning Program For CISSP
2 pages
Sam Security Certifications
No ratings yet
Sam Security Certifications
12 pages
DoD Directive 8570.1
100% (1)
DoD Directive 8570.1
4 pages
CISSP A Comprehensive Beginner's Guide To Learn and Understand The Realms of CISSP From A-Z
0% (1)
CISSP A Comprehensive Beginner's Guide To Learn and Understand The Realms of CISSP From A-Z
164 pages
CISSP ISSMP Certification Prep Course
No ratings yet
CISSP ISSMP Certification Prep Course
2 pages
CISSP For Professionals
No ratings yet
CISSP For Professionals
2 pages
PR500-CISSP Exam Preparation
No ratings yet
PR500-CISSP Exam Preparation
2 pages
An Introduction To The CISSP & SSCP Certifications: Wilfred L. Camilleri, CISSP
No ratings yet
An Introduction To The CISSP & SSCP Certifications: Wilfred L. Camilleri, CISSP
49 pages
Domain 1
No ratings yet
Domain 1
94 pages
Information Security Training and Certification 1.02
No ratings yet
Information Security Training and Certification 1.02
8 pages
Lecture 1 - Basic Concepts in Information Security
No ratings yet
Lecture 1 - Basic Concepts in Information Security
40 pages
Security Certifications
No ratings yet
Security Certifications
3 pages
CCISO Course Ouline
No ratings yet
CCISO Course Ouline
5 pages
UltimateGuideCISSP Web
No ratings yet
UltimateGuideCISSP Web
8 pages
New CISSP Certification 2015
No ratings yet
New CISSP Certification 2015
29 pages
2058-courseoutline
No ratings yet
2058-courseoutline
5 pages
(Exam Outline) : Effective Date 1 January 2012
No ratings yet
(Exam Outline) : Effective Date 1 January 2012
43 pages
Isaca Cisa Cism
100% (1)
Isaca Cisa Cism
49 pages
CISSP Primer Bangalore Dec 19
No ratings yet
CISSP Primer Bangalore Dec 19
8 pages
Certified Information Systems Security Professional (CISSP)
No ratings yet
Certified Information Systems Security Professional (CISSP)
28 pages
(ISC)2 Certified Information Systems Security Professional CISSP Realistic Practice Test
From Everand
(ISC)2 Certified Information Systems Security Professional CISSP Realistic Practice Test
CertSquad Professional Trainers
No ratings yet
Week 9 Lecture 16 Information Security
No ratings yet
Week 9 Lecture 16 Information Security
36 pages
Chapter 7 Marketing Automation (With Poll)
No ratings yet
Chapter 7 Marketing Automation (With Poll)
65 pages
Week 1 Lecture 1 Information Security
No ratings yet
Week 1 Lecture 1 Information Security
28 pages
Week 9 Lecture 15 Information Security
No ratings yet
Week 9 Lecture 15 Information Security
35 pages
4471 Active Worm Handout
No ratings yet
4471 Active Worm Handout
21 pages
Physical Security: CSE 4471: Information Security Instructor: Adam C. Champion
No ratings yet
Physical Security: CSE 4471: Information Security Instructor: Adam C. Champion
43 pages
Mobile Device Security: Adam C. Champion and Dong Xuan CSE 4471: Information Security
No ratings yet
Mobile Device Security: Adam C. Champion and Dong Xuan CSE 4471: Information Security
32 pages
CSE 4471: Computer Networking Review!: - Network Layers! - Tcp/Udp! - IP!
No ratings yet
CSE 4471: Computer Networking Review!: - Network Layers! - Tcp/Udp! - IP!
15 pages
Cryptography: Modifications by Prof. Dong Xuan and Adam C. Champion
No ratings yet
Cryptography: Modifications by Prof. Dong Xuan and Adam C. Champion
22 pages
Law & Ethics, Policies & Guidelines, and Security Awareness: Modifications by Prof. Dong Xuan and Adam C. Champion
No ratings yet
Law & Ethics, Policies & Guidelines, and Security Awareness: Modifications by Prof. Dong Xuan and Adam C. Champion
32 pages
Car Vehicle REg
No ratings yet
Car Vehicle REg
2 pages
Week 2 Lec 4 Inform Systems Manual Vs Computerized Information Systems
No ratings yet
Week 2 Lec 4 Inform Systems Manual Vs Computerized Information Systems
33 pages
29 Private Universities Eligible For Public Funding
No ratings yet
29 Private Universities Eligible For Public Funding
1 page
Naukri NarahariJayavardhan (6y 0m)
No ratings yet
Naukri NarahariJayavardhan (6y 0m)
2 pages
Data Security PPT - Version 1
No ratings yet
Data Security PPT - Version 1
22 pages
AV Asset Vulnerabilities Bancb3ms2 20240222
No ratings yet
AV Asset Vulnerabilities Bancb3ms2 20240222
2 pages
H2H Connectivity Guide V7.3
No ratings yet
H2H Connectivity Guide V7.3
78 pages
Cyber Security Training
No ratings yet
Cyber Security Training
13 pages
A Zero Trust Approach To Network Security
No ratings yet
A Zero Trust Approach To Network Security
12 pages
RF Id Disadvantages
No ratings yet
RF Id Disadvantages
8 pages
Appointment-letter Aadhar 1.
No ratings yet
Appointment-letter Aadhar 1.
1 page
CEE_CAVA_support_matrix
No ratings yet
CEE_CAVA_support_matrix
4 pages
Silme SA Malwarebytes Case Study
No ratings yet
Silme SA Malwarebytes Case Study
2 pages
ccs question bank
No ratings yet
ccs question bank
34 pages
BR Enterprise Security MGMT
No ratings yet
BR Enterprise Security MGMT
4 pages
Cse 403p Network Security and Cryptography
0% (1)
Cse 403p Network Security and Cryptography
3 pages
Ethical Hacking Introduction
No ratings yet
Ethical Hacking Introduction
31 pages
ICDL IT Security Chapter 1
No ratings yet
ICDL IT Security Chapter 1
18 pages
Baseline Information Security and Privacy Requirements For Suppliers - 19032018
No ratings yet
Baseline Information Security and Privacy Requirements For Suppliers - 19032018
15 pages
Follower
No ratings yet
Follower
55 pages
InfoSec World 2016 RFIDiggity Brown 05apr2016
50% (2)
InfoSec World 2016 RFIDiggity Brown 05apr2016
92 pages
Fathima Technical Report
No ratings yet
Fathima Technical Report
35 pages
Lesson 2.1: Online Safety, Security and Netiquette
No ratings yet
Lesson 2.1: Online Safety, Security and Netiquette
6 pages
SIMOS.3003.IKEv2.FlexVPN.SVTI.with.PSK.v001
No ratings yet
SIMOS.3003.IKEv2.FlexVPN.SVTI.with.PSK.v001
11 pages
Class 7 Computer Science CHAPTER 3 (Computer Viruses)
100% (2)
Class 7 Computer Science CHAPTER 3 (Computer Viruses)
2 pages
What Is Hacking
No ratings yet
What Is Hacking
4 pages
08 - Module 8
No ratings yet
08 - Module 8
87 pages
Playfair Cipher
100% (2)
Playfair Cipher
4 pages
1.1 The Evolution of Web Applications
No ratings yet
1.1 The Evolution of Web Applications
9 pages
EAadhaar 2710032212197520210907060758 07012024142135
No ratings yet
EAadhaar 2710032212197520210907060758 07012024142135
1 page