The "certificates" of security practitioners

Posted by barello at 2020-03-15

Every field has its certificates, and information security is no exception: it has many of them.

What's the use of certificates?

A certificate represents a kind of ability, and the same holds in the security field. Of course, not everyone working in security holds a certificate, but whether or not you have one will play a very important role in your future career development.

Today I would like to introduce the information security certifications, so that those who want to take an exam can see which "certificate" is the one for them. (The certificates below are not ranked by status or ability.)

CISP (Certified Information Security Professional)

CISP is the state's highest recognition of the qualifications of information security personnel. Certified Information Security Professional (CISP) certification is issued by the China Information Security Evaluation Center.

Certified Information Security Professional, China Information Security Evaluation Center

CISP training is compulsory. To take the CISP exam, you must provide a training certificate from an authorized training institution.

CISP is divided into:

CISO (Certified Information Security Officer): management positions

CISE (Certified Information Security Engineer): technical positions

CISD (Certified Information Security Developer): development positions

CISA (Certified Information Security Auditor): audit positions

CISP candidates must meet these requirements:

1. Master's degree or above with more than one year of information-security-related work experience

2. Bachelor's degree with more than two years of information-security-related work experience

3. College degree with more than four years of information-security-related work experience

4. Training must be conducted by a training institution authorized by the China Information Security Evaluation Center

Candidates must pass the CISO or CISE examination, agree to comply with the CISP code of practice, meet the CISP registration requirements, comply with the registration maintenance requirements, and pay the annual fee.

What domains does CISP cover?

1. Information security fundamentals: basic knowledge and practice of information security.

2. Information security technology: network security, system security, application security, cryptography, security attack and defense, secure software development, access control, and audit and monitoring.

3. Information security regulations: information security laws and policies, information security standards, and ethics.

4. Information security engineering: principles and practice of security engineering.

5. Information security management: security management systems, security management measures, and risk control.

The CISP exam lasts 2 hours; the paper is scored out of 100 points, and 70 points are needed to pass.

CISP is divided into two exam papers, CISO and CISE, according to the candidate's field.

CISE: the Certified Information Security Engineer (CISE) paper is aimed at personnel engaged in information security technology, development, and service engineering.

CISO: the Certified Information Security Officer (CISO) paper is aimed at personnel engaged in information security management.

Proportion of knowledge points in the two exams:

CISP-PTE (Certified Information Security Professional - Penetration Testing Engineer)

CISP-PTE, Certified Information Security Professional - Penetration Testing Engineer. Certificate holders are mainly engaged in website penetration testing in the field of information security technology. They have the basic knowledge and ability to plan tests, prepare project test plans, and write test cases and test reports. It is a qualification examination.

What does penetration testing mean?

Let me put it another way. As I understand it, someone gives you a target and you test whether it has vulnerabilities, to see how strong its security is. Penetration testing seems to be divided into white-box testing and black-box testing. In the first, the enterprise gives you some rules and attack techniques to test within; in the latter, there are no restrictions. That is the author's understanding.

Penetration testing is a mechanism for demonstrating that network defenses work as expected.

Contents of the CISP-PTE outline

Web security fundamentals: mainly the HTTP protocol, injection vulnerabilities, XSS vulnerabilities, SSRF vulnerabilities, CSRF vulnerabilities, file-handling vulnerabilities, access control vulnerabilities, session management vulnerabilities, and related technical knowledge and practice.

Middleware security fundamentals: mainly Apache, IIS, Tomcat, WebLogic, WebSphere, JBoss, and related technical knowledge and practice.

Operating system security fundamentals: mainly the technical knowledge and practice of the Windows and Linux operating systems.

Database security fundamentals: mainly the technical knowledge and practice of the MSSQL, MySQL, Oracle, and Redis databases.

For other content, refer to the group leader's blog at the following address:

CISSP (Certified Information Systems Security Professional)

CISSP (full English name "Certified Information Systems Security Professional"; Chinese name "registered information systems security expert") is organized and managed by (ISC)², and is currently the most authoritative, professional, and systematic information security certification in the world.

What certifications does (ISC)² offer?

(ISC)² Certified Information Systems Security Professional (CISSP®)

(ISC)² Certified Secure Software Lifecycle Professional (CSSLP®)

(ISC)² Certified Cyber Forensics Professional (CCFP℠)

(ISC)² Certified Authorization Professional (CAP®)

(ISC)² Systems Security Certified Practitioner (SSCP®)

(ISC)² HealthCare Information Security and Privacy Practitioner (HCISPP℠)

CISSP concentrations:

CISSP-ISSAP (Information Systems Security Architecture Professional): information systems security architecture expert

CISSP-ISSEP (Information Systems Security Engineering Professional): information systems security engineering expert

CISSP-ISSMP (Information Systems Security Management Professional): information systems security management expert

CISSP-certified personnel generally hold the following roles:

1. Security Consultant

2. Security Director / Manager

3. IT Director / Manager

4. Security Auditor

5. Security Architect

6. Security Analyst

7. Security Systems Engineer

8. Network Architect

The certification requirements of CISSP are very strict.

You need to demonstrate at least five years of full-time work experience in two or more of the eight knowledge domains defined by the (ISC)² CISSP CBK, or a bachelor's degree plus four years of full-time work experience in two or more of the eight CISSP CBK domains. If you do not yet meet the experience requirement, you can still take the exam and first become an Associate of (ISC)², then apply for certification once the required work experience has been met.

1. Take and pass the CISSP exam (250 single-choice questions, 6 hours, 599 USD).

2. Complete the certification application process: once you are notified that you have passed the examination, you need to complete the following endorsement procedure within 9 months of the examination date:

Fill in the application endorsement form

Agree to abide by the (ISC)² code of ethics

Obtain the signature of another (ISC)²-certified member

3. Recertification is required every three years to keep the certificate valid. After obtaining the certificate, the holder must earn at least 20 CPE credits every year and 120 CPE credits every three years. If the CPE requirements are not met, the CISSP holder must re-certify. In addition, CISSP holders must pay an annual maintenance fee (AMF) of US $85. The CISSP examination is available in Chinese.

Examination format: computer-based test;

250 single-choice questions drawn from the (ISC)² question bank; the questions change every time;

25 of the 250 questions are for research purposes and are not scored, but they are not marked as such;

Full score: 1000; passing score: 700;

After the computer-based test, the result is announced on the spot;

If you fail, you are told your overall score and the score for each domain, so that you can learn from it and strengthen your studies;

You must submit an endorsement form with a résumé, endorsed by an existing CISSP, for (ISC)² review ((ISC)² randomly audits candidates' qualifications);

Finally, you receive an e-mail from (ISC)² with the certificate, badge, card, and (ISC)² website login password;

The next step is to accumulate CPE credits and pay the membership fee;

Like CISP, CISSP also has to be maintained, and it is very difficult to maintain.

CPE credits can be earned in the following ways:

1. Vendor training: a CISSP who attends training and lectures held by a vendor earns 1 CPE per hour;

2. Security conferences: a CISSP who attends a security conference earns 1 CPE per hour;

3. University courses: a CISSP earns 11.5 CPEs per semester by attending and passing a university course;

4. Publishing security papers or books: a CISSP earns 40 CPEs for publishing a security book, or 10 CPEs for publishing a security article, up to a maximum of 40 CPEs in three years by this route;

5. Providing security training: a CISSP earns 4 CPEs per hour for giving security lectures and talks, up to 80 CPEs per year by this route;

6. Serving security professional organizations: a CISSP earns 10 CPEs per year for such service, up to a maximum of 20 CPEs by this route;

7. Self-study: a CISSP can earn CPEs through self-study, up to a maximum of 40 CPEs within 3 years by this route;

8. Reading security books: a CISSP earns 10 CPEs for reading an information security book, but only one book is recognized per year;

9. Volunteer work: a CISSP can earn CPEs as an (ISC)² volunteer; the credits and the specific activities are determined by (ISC)²;

10. Other: if a CISSP wants to earn CPEs in any other way, the request must be submitted to the (ISC)² recertification committee for approval.

The (ISC)² CISSP CBK covers a wide range of information security topics of general interest to information security professionals, and is updated annually to reflect the latest global best practices. At the same time, it establishes a common framework of information security concepts and principles for discussing, debating, and solving industry problems.

The CISSP CBK covers the following eight domains, which came into effect on July 1, 2015.

Security and risk management (security, risk, compliance, laws, regulations, business continuity)

1. Understand and apply the concepts of confidentiality, integrity, and availability, and apply security governance principles

2. Compliance and understanding of laws and regulations related to information security

3. Understand professional ethics

4. Develop and implement documented security policies, standards, procedures, and guidelines

5. Understand business continuity requirements

6. Personnel security policies

7. Understand and apply threat modeling

8. Establish and manage information security education, training, and awareness

Asset security (protecting the security of assets)

1. Classify information and supporting assets (e.g. sensitivity and criticality)

2. Determine and maintain asset ownership (e.g. data owner, system owner, business / mission owner)

3. Protect privacy

4. Ensure appropriate retention

5. Determine data security controls (e.g. data at rest, data in transit)

6. Establish handling requirements (e.g. marking, storage, and distribution of sensitive information)

Security engineering (security engineering and management)

1. Implement and manage engineering processes using secure design principles

2. Understand the fundamental concepts of security models, and select controls and countermeasures based on systems security evaluation models

3. Understand the security capabilities of information systems (e.g. memory protection, virtualization, trusted platform modules, interfaces, fault tolerance)

4. Assess and mitigate vulnerabilities in security architectures, designs, and solution elements, including web-based systems (e.g. XML, OWASP)

5. Assess and mitigate vulnerabilities in mobile systems, embedded devices, and cyber-physical systems (such as the Internet of Things)

6. Apply cryptography

7. Apply secure principles to site and facility design, and design and implement physical security

Communication and network security (designing and protecting network security)

1. Apply secure design principles to network architecture (e.g. IP and non-IP protocols)

2. Secure network components

3. Design and establish secure communication channels

4. Prevent or mitigate network attacks

Identity and access management (access control and identity management)

1. Control physical and logical access to assets

2. Manage identification and authentication of people and devices

3. Integrate identity as a service (e.g. cloud identity)

4. Integrate third-party identity services

5. Implement and manage authorization mechanisms

6. Prevent or mitigate access control attacks

7. Manage the identity and access provisioning lifecycle

Security assessment and testing (designing, performing, and analyzing security testing)

1. Design and validate assessment and test strategies

2. Conduct security control testing

3. Collect security process data (e.g. management and operational controls)

4. Analyze and report test output (e.g. automated, manual)

5. Conduct or facilitate internal and third-party audits

Security operations (foundational concepts, investigations, incident management, disaster recovery)

1. Understand and support investigations, and understand the requirements of each investigation type

2. Understand and apply foundational security operations concepts, and conduct logging and monitoring activities

3. Securely provision resources and apply resource protection techniques

4. Conduct incident management, and operate and maintain preventive measures

5. Implement and support patch and vulnerability management

6. Participate in and understand change management processes (e.g. versioning, baselining, security impact analysis)

7. Implement recovery strategies and disaster recovery processes, test disaster recovery plans, and participate in business continuity planning and exercises

8. Implement and manage physical security, and participate in addressing personnel safety concerns

Software development security (understanding, applying, and enforcing software security)

1. Apply security in the software development lifecycle

2. Enforce security controls in development environments

3. Assess the effectiveness of software security

4. Assess the security impact of acquired software

In short, CISSP has a very broad coverage. As of November 16, 2016, there were only 1343 holders of this certificate in mainland China, compared with 72685 in the United States and 110980 worldwide. CISSP is the most highly valued certification in the industry.

Of course, you might think CISSP is enough? You would be wrong. It also has concentrations:

Information Systems Security Architecture Professional (CISSP-ISSAP®)

Information Systems Security Engineering Professional (CISSP-ISSEP®)

Information Systems Security Management Professional (CISSP-ISSMP®)

Each corresponds to a different set of abilities, and the weighting of their exams also differs:

Do you want these certifications? You need to complete CISSP first.

Next, we introduce what some other certificates are for:

ISO 27001 LA (IRCA): information security management system certification

CISA: international Certified Information Systems Auditor certification

CISM: international Certified Information Security Manager certification

CRISC: risk and information systems control certification

CISD: national Certified Information Security Developer

COBIT: Control Objectives for Information and Related Technologies

ITIL V3: IT Infrastructure Library certification (core module: service lifecycle)

ISO 27001 ILA: international information security management lead auditor certification

C-CCSK: cloud computing security knowledge certification

CSSLP: international Certified Secure Software Lifecycle Professional certification

Other certifications

International Certified Secure Software Lifecycle Professional

CSSLP (Certified Secure Software Lifecycle Professional) is mainly aimed at the ability to address security problems across the whole software development lifecycle (SLC). By establishing best-practice secure development specifications and processes, it aims to curb the application vulnerabilities caused by deficiencies in the software development process.

CSSLP takes a whole-lifecycle approach to software security problems. Since CSSLP is independent of any programming language, it is applicable to everyone involved in the software lifecycle (SLC), including analysts, developers, software engineers, software architects, project managers, software quality assurance testers, and programmers.

Offensive Security Certified Professional (OSCP)

Certification authority: Offensive Security

Qualification introduction: the OSCP certification from Offensive Security is the exclusive certification for its "Penetration Testing with Kali Linux" training course. Kali Linux is a Debian-based, security-oriented distribution, famous for the hundreds of well-known security tools it ships pre-installed.

Kali also has a highly valued certification in the information security field, known as the "Kali penetration testing" certification. The applicant must successfully compromise multiple machines within 24 hours, then complete the penetration test report within a further 24 hours and send it to Offensive Security staff for review. Those who pass the exam obtain the OSCP certificate.

Certified Wireless Security Professional

The Certified Wireless Security Professional (CWSP) is the certificate the author wants (really wants).

Certification authority: CWNP;

CWNP is a non-profit, vendor-neutral organization that develops IT industry standards for enterprise Wi-Fi certification and training. At present, CWNP focuses on 802.11 wireless networking technology and offers six levels of professional certification for enterprise Wi-Fi technology (from entry level to expert level), covering fundamentals, administration, security, analysis, design, mastery, and teaching.

Qualification introduction: CWSP is a professional wireless LAN certification that aims to ensure the holder has the skills to keep the enterprise's Wi-Fi network safe from attackers, regardless of which brand of Wi-Fi equipment the organization uses.

Prerequisite: the applicant must hold a valid Certified Wireless Network Administrator (CWNA) certification;

Examination: Certified Wireless Security Professional (exam duration: 90 minutes; 60 questions; 70% of the total score to pass)

HealthCare Information Security and Privacy Practitioner (HCISPP)

Shearer said that the growing number of cyber attacks on the healthcare industry has also increased the industry's demand for security experts. As the risk to medical institutions continues to grow, the importance of healthcare security certification will also increase.

Certification authority: (ISC)²

Qualification introduction: (ISC)² offers the HCISPP certification for those responsible for protecting healthcare data against potential threats. The exam assesses knowledge of the HCISPP CBK in six domains: healthcare industry, regulatory environment, privacy and security in healthcare, information governance and risk management, information risk assessment, and third-party risk management.

Prerequisites: at least two years of professional experience in one of the six HCISPP CBK domains, of which one year must be in one or a combination of the first three HCISPP CBK domains (healthcare industry, regulatory environment, and privacy and security in healthcare);

Examination: HealthCare Information Security and Privacy Practitioner (exam duration: 3 hours; 125 questions; 70% of the total score to pass);

Security+: a rising star among information security technical operations certifications

Certification authority: CompTIA;

CompTIA was founded in 1982 and established vendor-independent, third-party IT certification in 1993. Today, CompTIA is a globally recognized provider of industry-leading certifications. Around the world, nearly 2 million professionals hold CompTIA certifications, and Apple, HP, IBM, and many other Fortune 500 companies recommend verifying employees' IT capabilities through CompTIA.

Qualification introduction: Security+ is a certification for entry-level information security practitioners, focusing on technical practice. Security+ is an effective way into the information security industry, whether you are a new graduate or an operations engineer or developer who is already employed.

Security+ covers network security, compliance and operational security, threats and vulnerabilities, application, data, and host security, access control and identity management, and cryptography.

Prerequisites: none required, but candidates are expected to hold CompTIA Network+ or have 2 years of experience in IT security administration;

Exam: CompTIA Security+ (exam duration: 90 minutes; up to 90 questions; passing score 750 / 900)

GIAC Security Essentials (GSEC)

Certification authority: GIAC;

Global Information Assurance Certification (GIAC) is a leading provider and developer of cyber security certifications. It mainly examines five professional areas (including security management) and has several levels (including silver, gold, and platinum). The organization offers both certificates and certifications. A certificate is usually based on one or two days of SANS training course material and has a single exam, while a certification is based on a one-week course, requires passing two exams, and must be renewed every four years.

Qualification introduction: GIAC Security Essentials (GSEC) is aimed at technical professionals such as hands-on managers and new entrants to the field. Candidates need broad security knowledge, including IP packets, network protocols, DNS, TCP, policy frameworks, network mapping, authentication, incident response, viruses, and malicious code.

Prerequisites: none;

Examination: GIAC Security Essentials (exam duration: 5 hours; 180 questions; 74% of the total score to pass)

CCSP (Certified Cloud Security Professional)

Certification authority: (ISC)²

Qualification introduction: in April 2015, (ISC)² and the Cloud Security Alliance (CSA) launched a new certification for cloud security practitioners worldwide, the "(ISC)² Certified Cloud Security Professional (CCSP)". It aims to meet the cloud computing market's critical need for qualified security talent, that is, to ensure that cloud security professionals have the key knowledge, skills, and abilities required to audit, assess, and secure cloud computing infrastructure. CCSP builds on existing information security certification and cloud security education programs, namely the (ISC)² CISSP certification and the CSA CCSK™, and complements both of them.

The CSA CCSK certificate provides an excellent benchmark of cloud security knowledge and is suitable for almost any IT practitioner. CCSP, building on many of the knowledge domains covered by CCSK, integrates deeper information security and hands-on cloud computing knowledge, and validates the practical skills and knowledge of professionals whose daily work involves cloud security architecture, design, operations, and service orchestration. CCSP is designed for professionals who are deeply involved in cloud security and responsible for securing the enterprise architecture.

Applicants should have at least five years of IT industry experience, including three years of information-security-related experience and one year of cloud-computing-related experience. All candidates must demonstrate professional competence in six CBK domains: cloud computing architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, cloud application security, cloud computing operations, and legal, regulatory, and compliance issues related to cloud computing;

Prerequisites: none;

Examination: Certified Cloud Security Professional (exam duration: 4 hours; 125 questions; 70% of the total score to pass)

(The above material is drawn from Baidu, CNCISA, and (ISC)².)

Please forgive me for not covering some security certificates.

Each of the above (ISC)² certifications has its own mission. At the same time, they also have very strict certification requirements: full-time work experience in the relevant field for 1-2 years, experience in the CBK domains, and so on. (For details, see the (ISC)² Chinese official website.)

For CISP, see the China Information Security Evaluation Center.

For the CWSP wireless security certification, see the official CWNP website.

In conclusion, every certificate has its own audience and mission. The best choice is not the most powerful certificate, but the one that suits you best. A certificate represents a kind of ability; whether you can use it to create the value it stands for depends on you.