Information System Security Association ISSA Buffalo Niagara
www.issa.org 1
Information System Security Association
ISSA Buffalo Niagara
Introduction to CISSP Study Sessions
ISSA Overview
Information Systems Security Association (ISSA) is the largest international, not-for-profit association specifically for security professionals.
The association and chapter provide educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of their members.
ISSA Buffalo Niagara History and Background
• First meeting April 11, 2003
• 25 dues paying members and growing
• Not yet officially recognized as chapter, but acting like one anyway
• Six months of regular meetings
• Already held first full day event, 2 more scheduled
Introductions
• Name
• Organization
• Why achieving the CISSP certification is important to you
CISSP Study Group
• Study the Common Body of Knowledge (CBK) domains
• Review for Exam
• Achieve certification through testing
Questions?
Overview of ISC2, CISSP
• Certification was discussed for many years among computer security practitioners.
• Certification was viewed as the way to upgrade the profession.
• Certification would enhance the credibility of the computer security profession.
• The International Information Systems Security Certification Consortium, or (ISC)2, was established in mid-1989.
Overview (continued)
• ISC2 is an independent, nonprofit corporation whose sole charter is to develop and administer a certification program for information security practitioners.
• Now firmly established in North America, the program is quickly gaining international acceptance.
• The Certified Information Systems Security Professional (CISSP) designation is a highly respected certification.
Overview (continued)
• CISSP Certification was designed to recognize mastery of an international standard for information security and understanding of a Common Body of Knowledge (CBK).
• It demonstrates the ability to understand a broad range of security issues in many areas.
• The CISSP examination consists of 250 multiple-choice questions, each having four possible answers (only one of the answers is most correct).
Overview (continued)
• Candidates have up to six hours to complete the examination.
• The level of knowledge required in order to pass the exam is high.
• Pass rates are higher for those who attend a CBK review seminar compared to those who study on their own.
Questions?
Exam Content
• The CBK domains / outline
• Not arranged into CBK sequence
• Not specific to vendor or platform
Exam Content (cont)
• CBK Domains:
1. Access Control Systems and Methodology
2. Telecommunications and Networking Security
3. Security Management Practices
4. Application and Systems Development Security
5. Cryptography
6. Security Architecture and Models
7. Operations Security
8. Business Continuity and Disaster Recovery Planning
9. Law, Investigation and Ethics
10. Physical Security
FAQ 1
• How is the CISSP examination structured?
The CISSP exam is a 250 question English language examination. Candidates are given 6 hours to complete the exam although most complete it in about 4 hours.
FAQ 2
• What are the questions like?
All test questions are multiple choice with four possible answers. They are designed to test a candidate's knowledge of information security facts and concepts and their application.
FAQ 3
• How hard is the examination?
The examination tests the expected knowledge a 3-5 year practitioner should have. It is designed to test for the minimum level of competency acceptable for someone to be certified as an information systems security professional. A knowledgeable candidate should not find the examination difficult.
FAQ 4
• If the examination isn't particularly difficult, why don't more people pass it?
What makes the examination difficult is the expansive knowledge base it covers. It's difficult to develop expertise in all ten domains.
FAQ 5
• Are the questions in the Study Guide really representative of examination questions?
The study guide questions are good examples of the format and type of questions you would see on the exam but are not necessarily representative of the difficulty.
FAQ 6
• Which domains are the hardest?
The domains that you have the least experience with. For many people these are often cryptography, system architecture, and physical security – these usually score the lowest.
FAQ 7
• Are there questions on NT or UNIX?
The CISSP examination is not vendor or commercial product specific. There are questions on the security models and methodologies used by these systems but only security products that are commonly used and freely available (i.e., SATAN) are acceptable for examination questions.
FAQ 8
• What's the passing score?
There is no fixed passing score for the examination. The cut score for each examination is calculated by equating the scoring values associated with each question. Passing rates are estimated to be in the 70% to 80% range. Less than 8% of those tested achieve scores higher than 85%.
FAQ 9
• How detailed are the questions, what depth of knowledge is being tested?
The CISSP examination is designed to evaluate the ability of a security manager, engineer or architect to properly evaluate, select, deploy and assess security measures. A candidate should have a detailed enough knowledge of security designs, measures, vulnerabilities, etc. to successfully accomplish these tasks.
Web Sites
• International Information Systems Security Certification Consortium (ISC)2 http://www.isc2.org/
• The CISSP Open Study Guide http://www.cccure.org/
• Web portal for the CISSP http://www.cissp.com
• The SANS (System Administration, Networking, and Security) Institute http://www.sans.org/newlook/home.php
Books
• CISSP All-in-One Certification Exam Guide
  – Shon Harris / McGraw Hill
• SRV-Publications: CISSP Exam Study and Practice Books
  – https://www.srvbooks.com/
Books (cont)
• Information Security Management Handbook (multiple editions, volumes)
  – Editors: Micki Krause, Harold F. Tipton
• Advanced CISSP Prep Guide: Exam Q&A
  – Ronald L. Krutz, Russell Dean Vines
Questions?
Logistics – Times
• Time?
  – 6:00
  – 6:30
  – 7:00
• Duration?
  – 1 hour
  – 1.5 hours
  – As long as needed
Logistics - Dates
• Consider
  – December 22
  – December 29
ISSA Buffalo Niagara Chapter Activities
• Monthly meetings
  - Presentations based on chapter members' needs
• Workshops
  - HIPAA was in early August
  - Network Attacks and Countermeasures – Th. Oct 30
  - Digital Forensics – Th. Nov 20
  - All based on members' needs via member survey
  - Rotate management and technical subjects
• Certification Test Prep
  - Starting today!
ISSA Buffalo Niagara
www.issabuffaloniagara.org