Firewalls: Eager to Learn more?

CISSP and CISA Certification summary:

CISSP - To complete the CISSP (Certified Information Systems Security Professional), candidates must have 3 years IT security experience, and pass an exam on the IT Security CBK (Common Book of Knowledge), which is the summary of the 40 books comprising the ITIL standards. This certification assures a security professional well rounded in all 10 IT security domains. In addition, the candidate must adhere to a strict code of ethics, and update their skills yearly or forfeit the accreditation.

CISA - To complete the CISA (Certified Information Systems Auditor) certification, candidates must have completed a comprehensive exam, and completed 5 years work experience in IT security and auditing. Information covered includes the ITIL standards, divided into the 10 IT security domains. Auditors are thoroughly trained in examination and reporting on all policies and procedures regarding IT security, data safety and integrity, and alternate processing ability. The role of the auditor in today's workplace is to examine IT practices with a depth not seen by other IT staff, and to report on the overall effectiveness and weaknesses. To complete this accreditation, candidates must take an additional oath of strict ethical guidelines.

CBCP - With extensive study, two years experience specifically in Business Continuity and Disaster Recovery Planning, and 75% on a professional certification exam, one can complete the CBCP certification. BCP follows the professional practices of the Disaster Recovery Institute of Canada, taught through about a dozen courses in business continuity planning, business impact assessments, and incident command systems for corporations.

CISM - The CISM (Certified Information Security Manager) certification has been completed, but will not be awarded until December 2003. This course trains seasoned IT security professionals who have 5 years hands-on experience, and 3 years management experience in the adherence to ITIL standards as it pertains to management decisions and analyses. Focuses include risk management, quantitative approaches to IT security management, IT leadership in an evolving environment, and IT&S reporting to senior management.

Red Hat Certified Security Specialist (RHCSS)

Red Hat introduced a new security certification recently with a specialized focus on server and client machine security.

The Red Hat Certified Security Specialist (RHCSS) certification is targeted at experienced Linux IT administrators and system engineers who are proficient at installing and running Linux-based networks. The certification program tests users in areas such as locking down services running on a Linux machine and administering policies with SELinux (a secure version of Linux included in Red Hat software). The program also tests the knowledge of users for setting up specific security-focused applications, such as creating a secure directory on a Linux machine with single sign-on, as well as configuring VPNs and firewalls with Linux.

The RHCSS program joins the vendors' other popular programs, which include the Red Hat Certified Architect (RHCA) and Red Hat Certified Engineer (RHCE) certifications. The vendor claims that over 10,000 IT pros have received Red Hat certifications since the vendor began offering the programs. Red Hat certifications are offered as Red Hat locations worldwide and cost around $150 per exam.