1. Identify 3 vendor-centric professional certifications in security.
a. Checkpoint
2. Within the DoD 8570.01M directive, which professional certifications map to the 8570.01M directive?
Technical Level
Other: GSEC, SCNP
Other: GSE, SCNA
Other: GISF, GSLC
Computer Network Defense (CND) Certifications
Information Assurance System Architecture and Engineering (IASAE) Certifications Level I
3. From a career perspective, which professional certifications make sense for someone wishing to perform intrusive penetration tests?
a. Professional certifications for performing intrusive penetration tests would be the GIAC Penetration Tester (GPEN), GIAC Certified Intrusion Analyst (GCIA), Certified Ethical Hacker (CEH), and Licensed Penetration Tester (LPT).
4. What is the primary difference between the (ISC)² SSCP and CISSP professional certifications from an information systems security career path perspective?
a. SSCP certification is for an entry-level systems security analyst. The SSCP is open to all candidates with as little as one year of experience, making it an ideal starting point for a new career in InfoSec or a way to add the layer of security you need in your current IT career. If you are SSCP certified, you have the ability to perform hands-on security countermeasures and to implement security countermeasures.
b. CISSP certification is for someone who has many years of experience in the InfoSec industry. Typically, someone who is CISSP certified will manage a team of SSCPs. CISSPs are responsible for InfoSec throughout the entire organization. They see to it that all policies, procedures, guidelines, and standards are implemented throughout the organization.
5. Why do you think it would be important to take both vendor and vendor-neutral professional certification exams for your career progression? Explain.
a.
6. Pick two professional certifications that you want to pursue and explain what the prerequisites are and in what time frame in your career path you plan on achieving them.
a. CCNA Security
i. Any valid Cisco CCENT, CCNA Routing and Switching, or any CCIE certification can act as a prerequisite.
b. Certified Information Security Manager
i. Submit verified evidence of a minimum of five years of information security work experience.
ii. Adhere to the ISACA Code of Professional Ethics.
iii. Comply with continuing education policy.
7. Why would an organization that is not in the DoD but does business with the DoD choose to get its employees certified using the measuring of the DoD 8570.01M directive?
a. If the organization certifies its employees using the DoD 8570.01M requirements, that means the employees' certifications are reputable and valid.
8. Explain in your own words what the significance of the (ISC)² Code of Ethics implies to information systems security professionals.
a. What the (ISC)² Code of Ethics implies to information systems security professionals is integrity. The (ISC)² Code of Ethics Canon states: “Act honorably, honestly, justly, responsibly, and legally.”
9. What IAT levels within the DoD 8570.01M map to the hands-on, entry-level professional certifications: Security+, SSCP®, SCNP, Network+, GEAC, etc.?
a. IAT Level I and IAT Level II
10. At the IASAE level within the DoD 8570.01M directive, what professional certification acts as the core foundation for Levels I, II, and III?
a. CISSP Certification
11. What are 2 professional certifications that can be obtained for systems and network auditing and...