|
This certification aims at presenting a structured way of assessing the level of security awareness amongst users and user management in organizations that use networked information systems. It has been repeatedly established in many surveys that the biggest threats to security comes from the uninitiated and untrained users. Globally the shift is towards creating security awareness amongst users of information systems such that they don’t contribute towards security infractions. This certification tests if the users of information systems have assimilated the requisite ‘best-practices’ required to be adhered to while accessing and using the information systems securely. The focus of certification workshop for this certification and the certification examination itself would be driven by the contents of ISSAF section on information security awareness. No pre-requisite is prescribed. Candidates can attain this credential by passing a one-hour examination containing 60 MCQs and attaining 70% grade.
Those who want to be certified to teach this course at ATPs and at OISSG organized certification workshop events must pass this examination with 85% grade.
|
|
|
This certification focuses on the full range of knowledge that would constitute security domain for IT professionals who are not working in security processes but for whom knowledge of security is a sure value addition. This certification tests the ability of the candidate to apply ISSAF methodologies implementing basic security paradigms and in adhering to essential security requirements in organizations. While the focus will be on comprehensiveness of understanding all aspects of security, candidates will be expected to demonstrate good understanding of the contents of ISSAF document. A year of experience in networking and / or security would be beneficial while taking the examination, though not a pre-requisite. Candidates can attain this credential by passing a two-hour examination containing 150 MCQs and attaining 70% grade.
Those who want to be certified to teach this course at ATPs and at OISSG organized certification workshop events must pass this examination with 85% grade.
|
|
|
This certification focuses on advanced level of penetration testing of networks and technical assessment of security architecture of an organization’s complex and distributed security process. This certification tests the ability of the candidate to apply ISSAF methodologies in carrying out penetration testing and in assessing and certifying complex security architecture in organizations. While the focus will be on the assessment and certification, candidates will be expected to demonstrate good understanding of the penetration testing process itself as discussed in the sections on technical assessment in the ISSAF document. Candidates for this certification should have a minimum of two year of experience in penetration testing and assessing and certifying complex security architecture and should self certify such experience. At random, OISSG would select a small percentage of candidates for this examination and verify their experience independently. Candidates can attain this credential by passing a two-hour examination containing 150 MCQs and attaining 70% grade and meet the following additional condition as well:
· After passing the exam as described above, candidates would be expected to demonstrate their capability to actually carry out a penetration test in a lab environment which will simulate a real time network. Proctors at this lab examination would certify whether or not the candidate has made the passing grade for candidates to get the ICPTE credential
Those who want to be certified to teach this course at ATPs and at OISSG organized certification workshop events must pass this examination with 85% grade and the proctor certificate at the lab shall also state that the candidate has met the trainer grade.
|
|
|
This certification focuses on penetration testing of networks and technical assessment of the security architecture of an organization’s security process. This certification tests the ability of the candidate to apply ISSAF methodologies in carrying out penetration testing and in assessing and certifying security architecture in organizations. While the focus will be on assessment and certification of the security architecture in place, candidates will be expected to demonstrate good understanding of the penetration testing process itself as discussed in the sections on technical assessment in the ISSAF document. While a year of experience in penetration testing would be beneficial while taking the examination, it is not a pre-requisite. Candidates can attain this credential by passing a two-hour examination containing 150 MCQs and attaining 70% grade.
Those who want to be certified to teach this course at ATPs and at OISSG organized certification workshop events must pass this examination with 85% grade.
|
|
|
This certification focuses on the Business Continuity and Disaster Recovery parts of the security process. This certification tests the ability of the candidate to apply ISSAF methodologies in assessing and certifying business continuity and disaster recover plans and processes in organizations. While the focus will be on assessment and certification of the BCP and DRP processes, candidates will be expected to demonstrate good understanding of the BCP and DRP process itself as discussed in the ISSAF document. While a year of experience in BCP and DRP would be beneficial while taking the examination, it is not a pre-requisite. Candidates can attain this credential by passing a two-hour examination containing 150 MCQs and attaining 70% grade.
Those who want to be certified to teach this course at ATPs and at OISSG organized certification workshop events must pass this examination with 85% grade.
|
|
|
