about netcom learning
DESCRIPTION
About NetCom Learning. Founded: 1998 Trained over 90% of the Fortune 500 Serviced over 50,000 professionals Authorized Vendor Training: over 20 leading technology vendors Microsoft, Cisco, CompTIA , PMI, Autodesk, Citrix... - PowerPoint PPT PresentationTRANSCRIPT
About NetCom Learning
• Founded: 1998• Trained over 90% of the Fortune 500• Serviced over 50,000 professionals• Authorized Vendor Training: over 20 leading technology
vendors– Microsoft, Cisco, CompTIA, PMI, Autodesk, Citrix...
• Custom training solutions at client locations & live online training
• CompTIA Platinum Training Partner• Microsoft Worldwide Partner of the Year• Inc. 5000 Fastest Growing Private Companies in US
www.netcomlearning.com
GoToWebinar Controls
2
v1.1
CASP Certification
What is the “CASP”?
• A technical security certification for the technical “lead” in an enterprise organization
• The focus is on technical, and on enterprise• Vendor neutral• Targets at least 5 years of technical security
experience• Intended for the security professional who loves the
application of security, and who is good enough, and senior enough, to be thinking about the business as a whole, and the security impact of business decisions
4
Identifying the Need for an Advanced Security Certification
5
6
2008 2010 2012
19%
7% 5%
46% 47%
33%35%
47%
62%
Lower Half Priority
Middle Priority
Upper Half Priority
Source: CompTIA’s 8th Annual Information Security Trends study Base: 1,400 IT and business executives responsible for security
Growing Global Importance of Security
7
The Rising Cost of Human Error
59%
41%
Human Error
Technology Error
Cause of security incidents / breaches
50% of respondents believe human error will
increase significantly or moderately as a factor over next two years.
Primary Sources of Human Error:- Failure to comply with
company security policies
- Lack of security expertise
- Lack of security training- Lack of resources
8
Improving the IT Security Workforce
More instructor-led training
More vendor-neutral security training
Having more IT staff complete a security certification
More recognition/financial rewards for IT staff that complete a security certification
More frequent training
More technology-specific training
59%
58%
52%
63%
62%
59%
17%
18%
24%
18%
23%
32% 91%
Net
76%
85%
81%
76%
76%
DefinitelyProbably
Key Findings – Advanced Security
9
Acceptance of the exam depends on Government general acceptance of the new certification and
applicability to 8570.
The advanced security exam should concentrate on new technologies that demand a concentration in
security aspects, such as IPv6, VoIP, and SaaS.
The exam should be part of a vendor certification (as an elective).
The exam should be performance-based.
An advanced level security exam would be good to pursue.
POLLS
10
CASP Development
The Next Step for Technical Security Professionals on the Path to CISSP/Product-Specific Certification.
The First in CompTIA’s Mastery Series of Exams
Primary market: U.SSecondary markets: Germany, Malaysia, Japan
11
Targeted at IA Technical Level III and IA Management Level II of the US
DoD Directive 8570.1-M
Designed for the Technical Security Lead in Large, Multi-location 0rganizations
Target Audience and Job Roles
12
Information Systems Security Engineer
Network Security Engineer
Security Architect
Security Consultant
Security Assessor
Security Manager or Information
Assurance Manager (IAM)
Security Analyst
ISSO, IASO (Information Systems Security Officer/Information Assurance
Security Officer)
Target Audience IT security professionals with a
minimum of 10 years experience in IT administration and at least 5
years of hands-on technical security experience
13
IT Security Job Role Major Responsibilities
Information Systems Security Engineer• Detailed design and build of security programs, systems engineering with a security perspective. • Security systems design. • Interprets security requirements to non-security staff.
Network Security Engineer• Detailed design and build of network security devices, security network programs, network engineering with a security perspective. •Security network design. Interprets network security requirements to non-security staff.
Security Architect•Creates, conceptualizes, and builds security systems to meet business drivers. •Includes application level, network level, and systems level security. •Provides end-to-end traceability between business drivers and security solutions.
Security Consultant •Provides advice and guidance related to interpreting, implementing and complying with security best practices, while addressing complex situations and issues.
Security Assessor •Evaluates compliance and assesses vulnerabilities.
Security Manager or Information Assurance Manager (IAM)
•Decision maker, has overall responsibility for maintaining security in his/her area of responsibility.
Security Analyst • Analyzes security practices, controls and operational security events. Configures and monitors security services.
ISSO, IASO (Information Systems Security Officer, Information Assurance Security
Officer)• Security generalist that performs auditing, security design, provides security advice/consulting, reviews change requests, and addresses operational security.
Job Roles and Responsibilities
CASP Exam Focus
15
Design and Build of Security
Solutions
Why Security
Measures are Taken
Security Impact of Business Decisions
Application rather than Definition
CASP Focus
CompTIA Exam Overview
Exam Coverage Enterprise Security Risk Mgmt, Policy/Procedure and Legal Research & AnalysisIntegration of Computing, Communications, and Business Disciplines
1 Blended ExamMultiple choiceScenario based
Performance based
ANSI/ISO Accreditated in Anticipation of 8570
Approval
16
CASP Knowledge and Skills
• The CASP exam will certify that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments.
• The candidate applies critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers
Subjects includeIPV6 and VOIP. Address
SAAS in an objective that includes Security in SLA’s with vendors providing
services.
CASP Exam Information
17
• 1 exam, blended format
Exam Requirement
• Part Number: CAS-001• Number of Questions: Up to 80• Exam Length: 150 minutes
Exam Detail
• 5 years of technical security experience at the enterprise level.
Recommended Experience
• Introductory Price$329 Non-Member.
Price
• English initially
Languages
CASP Objectives
18
Domain Percent of Examination
Enterprise Security 40%
Risk Mgmt, Policy/Procedure and Legal 24%
Research & Analysis 14%
Integration of Computing, Communications, and Business Disciplines
22%
Total 100%
Performance Based Questions
19
•For performance based items, the CASP candidate will be given a scenario/problem, and will be prompted to push a button to launch a simulated environment that is created via software.
•The simulated environment should be familiar to a security professional with the level of experience recommended for the CASP exam.
•Once the simulation is launched, the candidate will need to perform whatever tasks s/he believes appropriate, based on the given scenario and the tools/information that are provided in the question.
Performance- Based Question
Description
Highlights
CASP Discussion Points
20
•The exam will have up to 80 questions. One of several “forms” of the exam is presented to each candidate. The number of questions may vary from one form to the next, up to 80.
•All forms are internally balanced for objective weight and question difficulty, but the number of questions may differ.
•For this reason, a single scaled score for the CASP exam is not workable, and a Pass or Fail score will be awarded.
•All candidates will receive a report showing the objective areas where questions were missed and further study or experience is needed.
Pass Fail Exam
Highlights
CASP certified – as of March 2012
• Global launch of the CASP, with courseware available, on February 21, 2012
• 219 CASP certified professionals (including beta participants)
• Early movers – security professionals from
– U.S. government contractors
• SAIC, Northrop Grumman, General Dynamics, Booz Allen
– U.S. Air Force, Army, Navy, Dept. of Homeland Security
– CenturyLink, Rackspace, Hewlett-Packard, Microsoft, IBM
21
CASP Testimonial
22
CASP learning
23
Printed courseware for Instructor and Student
CompTIA Platinum Training Partner
Authorized CASP Certification Training
• ComTIA Advanced Security Practitioner (CASP)– 5 days certification training– Books included– Testing center in the training facility– CompTIA Certified Instructors
• Class Dates– May 14th New York City (LOT compatible)– May 21st Las Vegas (LOT or Travel Package)– July 9th New York (LOT compatible)
24
World Innovation ForumNew York 2012
World Innovation Forum 2012 (www.netcomlearning.com/wif)
• June 20th – June 21st 2012, New York City Center• 11 world renowned experts and practitioners
www.netcomlearning.com
Q & A
26