![Page 1: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/1.jpg)
What is CISSP Anyway?
A Presentation by:
George L. McMullin II, CISSPCOO, CorpNet Security, Inc.
Executive Director, NEbraskaCERT
![Page 2: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/2.jpg)
Where we’re headed today
• A little history
• A little certification
• And a little more
![Page 3: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/3.jpg)
The Certification Movement
• Security organizations already exist pre-’88
• Special Interest Group for Computer Security (SIG-CS) of the Data Processing Management Association (DPMA) - Nov ‘88
• Volunteers from several organizations began a joint effort to forge a certification program
– SIG-CS of the DPMA
– Information Systems Security Association (ISSA)
– Computer Security Institute (CSI)
– Canadian Information Processing Society (CIPS)
– Several agencies of the U.S. and Canadian governments
– Idaho State University
![Page 4: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/4.jpg)
Certification Realized
• International Information Systems Security Certification Consortium (ISC)² established mid-’89– nonprofit corporation
– develop a certification program for information systems security practitioners
– certification body, not a membership organization
![Page 5: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/5.jpg)
(ISC)²
• Code of Ethics established
– Canons
• Protect society, the commonwealth, and the infrastructure
• Act honorably, honestly, justly, responsibly, and legally
• Provide diligent and competent service to principals
• Advance and protect the profession
![Page 6: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/6.jpg)
(ISC)²
• Certification for Information Systems Security Professionals (CISSP)– Ten “Common Body of Knowledge” (CBK) areas defined
• Access Control Systems and Methodology
• Telecommunications and Network Security
• Security Management Practices
• Applications and System Development Security
• Cryptography
• Security Architecture and Models
• Operations Security
• Business Continuity Planning and Disaster Recovery Planning
• Law, Investigations and Ethics
![Page 7: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/7.jpg)
CISSP
• Certification for Information Systems Security Professionals (CISSP)– Examination
• Prerequisites:– Subscribe to code of ethics
– Have 3 years direct work experience in one of 10 areas of CBK
• $450 fee
• 6 hours
• 250 multiple-choice questions
– Recertification• Annual fee of $85
• Abide by code of ethics
• Earn 120 Continuing Professional Education (CPE) credits every 3 years
![Page 8: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/8.jpg)
CISSP
• Preparation
– (ISC)² CBK review seminars• Four days - $1550 (w/ exam add $275)
• Eight days - $2800 (w/ exam add $275)
– NEbraskaCERT CISSP Exam Preparation Course• Ten weeks - $1495 (discounts available)
– Self study
![Page 9: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/9.jpg)
Coming Certification . . .
• Systems Security Certified Practitioner (SSCP)– Aimed at network and systems security administrators
– Multiple examinations• Core examination - multiple choice
• Optional specialty exams specific to technologies - scenario based
• Seven areas of CBK– Access controls
– Administration
– Audit and monitoring
– Risk, response and recovery
– Cryptography
– Data communications
– Malicious code
![Page 10: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/10.jpg)
Contacting George• NEbraskaCERT
• CorpNet Security
• Cell phone
– (402) 968-6830
![Page 11: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/11.jpg)
![Page 12: What is CISSP Anyway? A Presentation by: George L. McMullin II, CISSP COO, CorpNet Security, Inc. Executive Director, NEbraskaCERT](https://reader036.vdocuments.mx/reader036/viewer/2022062715/56649db15503460f94aa0107/html5/thumbnails/12.jpg)