Questions and Answers on Professional Certifications in Security
1. Identify 3 vendor centric professional certifications in security.
a. Checkpoint
b. Cisco
c. IBM
d. Microsoft
e. RSA
f. Symantec
2. Within the DoD 8570.01M directive, which professional certifications map to the 8570.01M directive?
Technical Level
Level I
Level II
Level III
A+
Security+
CISSP
Network+
SSCP
CISA
SSCP
Other: GSEC, SCNP
Other: GSE, SCNA
Management Level
Level I
Level II
Level III
CAP
CAP
CISSP
Security+
CISSP,CISM
CISM
Other: GISF, GSLC
Other: GSLC
Other:GSLC
Computer Network Defense (CND) Certifications
Analyst
Infrastructure Support
Incident Responder
Auditor
SP-Manager
CEH
CEH
CEH
CEH
CISSP-ISSMP
Other: GCIA
SSCP
CISM
Information Assurance System Architecture and Engineering (IASAE) Certifications
Level I
Level II
Level III
CISSP
CISSP
CISSP-ISSAP
CISSP-ISSEP
3. From a career perspective, which professional certifications make sense for someone wishing to perform intrusive, penetration tests?
a. Profession certification to perform intrusive penetration tests would be the GIAC Penetration Tester (GPEN), GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), and Licensed Penetration Tester (LPT).
4. What is the primary difference between the (ISC) SSCP and CISSP professional certifications from an information systems security career path perspective?
a. SSCP certification is for an entry-level systems security analyst. The SSCP is open to all candidates with as little as one year experience, making it an ideal starting point for a new career in InfoSec or to add that layer of security you need in your current IT career. If you are SSCP certified, you have the ability to perform hands-on security countermeasures and implementation of security countermeasures.
b. CISSP certification is for someone who many years of experience in the InfoSec industry. Typically someone who is CISSP certified will manage a team of SSCP’s. CISSP’s are responsible for the InfoSec throughout the entire organization. They see to it that all
a. Checkpoint
b. Cisco
c. IBM
d. Microsoft
e. RSA
f. Symantec
2. Within the DoD 8570.01M directive, which professional certifications map to the 8570.01M directive?
Technical Level
Level I
Level II
Level III
A+
Security+
CISSP
Network+
SSCP
CISA
SSCP
Other: GSEC, SCNP
Other: GSE, SCNA
Management Level
Level I
Level II
Level III
CAP
CAP
CISSP
Security+
CISSP,CISM
CISM
Other: GISF, GSLC
Other: GSLC
Other:GSLC
Computer Network Defense (CND) Certifications
Analyst
Infrastructure Support
Incident Responder
Auditor
SP-Manager
CEH
CEH
CEH
CEH
CISSP-ISSMP
Other: GCIA
SSCP
CISM
Information Assurance System Architecture and Engineering (IASAE) Certifications
Level I
Level II
Level III
CISSP
CISSP
CISSP-ISSAP
CISSP-ISSEP
3. From a career perspective, which professional certifications make sense for someone wishing to perform intrusive, penetration tests?
a. Profession certification to perform intrusive penetration tests would be the GIAC Penetration Tester (GPEN), GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), and Licensed Penetration Tester (LPT).
4. What is the primary difference between the (ISC) SSCP and CISSP professional certifications from an information systems security career path perspective?
a. SSCP certification is for an entry-level systems security analyst. The SSCP is open to all candidates with as little as one year experience, making it an ideal starting point for a new career in InfoSec or to add that layer of security you need in your current IT career. If you are SSCP certified, you have the ability to perform hands-on security countermeasures and implementation of security countermeasures.
b. CISSP certification is for someone who many years of experience in the InfoSec industry. Typically someone who is CISSP certified will manage a team of SSCP’s. CISSP’s are responsible for the InfoSec throughout the entire organization. They see to it that all