Information Security Engineering
Certified Professional
Description
ISECP is a vendor-neutral information security certification developed for IT specialists dealing with security tasks, professionals whose training in information security has been achieved through self-study and on-the-job experience, or those looking for an information security career.
The exam is proctored, real time, closed book, web-based and has 40 items to be completed in 60 minutes. The minimum passing score is 60 out of 100.
Examination cost:FREE The examination is free. The certification will be recorded in the online personal transcript and will be publicly visible one month FOR FREE. During this time, you may choose to acquire the Certification Package.
Certification Package: $50 US The Certification Package includes:
- 5 years certification maintenance in the online transcript
- the paper certificate
- the printed official transcript
- usage rights for certification logo
Certification procedure
Examination topics
Information Security Administration
- basics of information security administration
- data classification
- information security control types
- incident and disaster recovery
Applications and Databases Security
- basics of applications and databases security
- application design practices and errors
- threats to application security
- DBMS models and common DBMS security
Computing Systems Security
- basics of computing systems security
- workstations security
- handheld devices security
- servers security
- operating systems security
Cryptography
- simple ciphers
- symmetric stream and block ciphers
- public key ciphers and digital signature schemes
- hash algorithms
- hybrid cryptosystems
Communication Systems Security
- basics of communication security
- wired& wirelessnetworks security
- virtual private networks
- network security protocols and remote access
- firewalls
- attacks to data networks and appropriate defenses
- data networks availability and disaster recovery
- digital voice communication security
Access Control
- basics of access control
- access types and methods
- multilevel security models
- knowledge-based identification & authentication
- biometrics-based identification & authentication
- single sign-on identification & authentication
- token based identification & authentication
- intrusion prevention, threats and detection
Study/Training Materials
In preparation for the exam, the following recommended study materials may be reviewed to build knowledge in certain topics:
Information Security Architecture: An Integrated Approach to Security in the Organization
by Jan Killmeyer |
Publisher: Auerbach Publications, 2006 / ISBN: 0849315492
Network Security Essentials: Applications and Standards
by William Stallings |
Publisher: Prentice Hall, 2006 / ISBN: 0132380331
The Executive Guide to Information Security: Threats, Challenges, and Solutions
by Mark Egan and Tim Mather |
Publisher: Addison-Wesley Professional, 2004 / ISBN: 0321304519
Applied Cryptography: Protocols, Algorithms, and Source Code in C
by Bruce Schneier |
Publisher: Wiley, 1996 / ISBN: 0471117099
Competencies This certification validates the competencies in designing, implementing, configuring and monitoring secure IT systems, applications, internal control systems and intrusion detection systems, ensuring compliance with policies and standards, securing and managing computing systems and communication infrastructures, performing information security operational functions and audits of various systems and applications, recognizing common attacks, handling incidents and responding to immediate/long term threats, as well as understanding key concepts of information security.
Job positions
An ISECP certified professional may apply for jobs such as Information Security Officer, Information Security Engineer/Analyst, Security Consultant, or Cryptographer.
