CISSP - Certified Information Systems Security Professional


The CISSP is a certification run by the International Information Systems Security Certification Consortium or (ISC)² for short.

The purpose of the certification is to show that individuals have demonstrated competence and industry knowledge.

Passing the exam is not enough to be awarded the CISSP certification. Individuals must also have a minimum of 5 years' experience in 2 of the 10 areas defined in the CBK.

Once the exam has been passed you must have your application endorsed by someone holding a certification from (ISC)², supporting your claim to have the required experience.

Once the CISSP certification has been attained it is valid for 3 years. There are two ways to renew the certification:
  • Earn the minimum number of Continuing Professional Education (CPE) credits required within each three-year certification cycle.
  • Retake and pass the certification examination every three years.

    There is also the annual maintenance fee and you must continue to abide by the (ISC)² Code of Ethics.

    Common Body of Knowledge 

    These are the 10 areas covered by the CISSP.
    You must have at least 5 years' experience in 2 of these areas in order to receive the certification.

  • Access Control
    Concepts, terms of subjects and objects, implementation of authentication techniques
  • Application Security
    Security and controls of the systems development process, life cycle, application controls, change controls, data warehousing, data mining, knowledge-based systems, program interfaces, and concepts used to ensure data and application integrity, security, and availability
  • Business Continuity and Disaster Recovery Planning
    Preservation of the business in the face of major disruptions to normal business operations
  • Cryptography
    Business and security requirements for cryptography, principles of certificates and key management, secure protocols
  • Information Security and Risk Management
    Identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures and guidelines that ensure confidentiality, integrity, and availability
  • Legal, Regulations, Compliance and Investigations
    Computer crime laws and regulations, the investigative measures and techniques which can be used to determine if a crime has been committed, methods to gather evidence if it has, as well as the ethical issues and code of conduct for the security professional
  • Operations Security
    Identify the controls over hardware, media, and the operators with access privileges to any of these resources
  • Physical (Environmental) Security
    Threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise's resources and sensitive information
  • Security Architecture and Design
    Concepts, principles, structures, and standards used to design, implement, monitor, and secure operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability
  • Telecommunications and Network Security
    Structures, transmission methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media

    CISSP books available at Amazon 

    The Shon Harris books are very popular as is the Official (ISC)2 Guide.

    CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One) by Shon Harris

    Official (ISC)2 Guide to the CISSP CBK ((Isc)2 Press Series)

    CISSP For Dummies (For Dummies (Computer/Tech)) by Lawrence H. Miller, Peter H. Gregory

    The CISSP and CAP Prep Guide: Platinum Edition by Ronald L. Krutz, Russell Dean Vines

    CISSP®: Certified Information Systems Security Professional Study Guide, Third Edition by James Michael Stewart, Ed Tittel, Mike Chapple

    CISSP video on YouTube 

    GSEC and CISSP Course Descriptions by Sans Instructor and President of Secure Anchor, Dr. Eric Cole


    CISSP Mind Maps 

    Mindcert.com have a series of mind maps covering the knowledge domains you will cover in your CISSP training.

    See the section below for an explanation of what a mind map is.

    What is a Mind Map? 

    A mind map is a diagram used to represent words, ideas, tasks, or other items linked to and arranged around a central key word or idea. Mind maps are used to generate, visualize, structure, and classify ideas, and as an aid in study, organization, problem solving, decision making, and writing.

    The elements of a given mind map are arranged intuitively according to the importance of the concepts, and are classified into groupings, branches, or areas, with the goal of representing semantic or other connections between portions of information. Mind maps may also aid recall of existing memories.

    By presenting ideas in a radial, graphical, non-linear manner, mind maps encourage a brainstorming approach to planning and organizational tasks. Though the branches of a mind map represent hierarchical tree structures, their radial arrangement disrupts the prioritizing of concepts typically associated with hierarchies presented with more linear visual cues. This orientation towards brainstorming encourages users to enumerate and connect concepts without a tendency to begin within a particular conceptual framework.

    The mind map can be contrasted with the similar idea of concept mapping. The former is based on radial hierarchies and tree structures denoting relationships with a central governing concept, whereas concept maps are based on connections between concepts in more diverse patterns.

    Links 

    (ISC)²
    Link to the (ISC)² official website.
    (ISC)² CISSP Boot Camp Certification
    Join Firebrand Training (UK) for a 7-day residential course covering the 10 areas of knowledge and take the exam at the end.

    Exam preparation 

    A very good site for practising exam questions is CCCure.org.
    When you take the CISSP exam you are not allowed to discuss the questions, but on this site you will find questions of the "type" you may be given in the exam.
