[DiabloHorn]

Hiya all,

I was wondering which security certificates there exist and which ones are the most apreciated?

also a little indication on costs would be nice.

thank you.

[cybrus]

security +
ethical hacking
CPTP
CISSP AND SO ON ARE WELLKNOWN CERTIFICATION IN COMUTER SECURITY

[genxweb]

I will give you the certs that I can almost guarantee you that will get you into most doors.

1) CISSP cost with boot camp close to 3 to 4gs or 500 just for self study and test.

2)CISA cost about same as the CISSP

3) CCNA cost unknown.

THese three certs could almost guaranteee you a int. Though to seal the deal I would add MCSE and CCSA or CCSE.

[obstruxtionist]

DiabloPatch, on Dec 29 2005, 04:31 PM, said:

Hiya all,

I was wondering which security certificates there exist and which ones are the most apreciated?

also a little indication on costs would be nice.

thank you.

Hey DiabloPatch,

Another great certification is the GIAC certification "Global Information Assurance Certification". This certification assists with validating the skills of security professionals. GIAC's purpose is to provide assurance that a certified individual holds the appropriate level of knowledge and skill necessary for a practitioner in key areas of information security. The SANS Institute founded GIAC in 1999. (Ref. from http://www.giac.org/)

SANS is one of the most trusted and by far one of the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center. The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. (Ref. from http://www.sans.org/aboutsans.php)

I would recommend tuning into this station, http://www.giac.org and spend some time researching some of the important GIAC Certification flavors. Here are some:

Certifications
GIAC Security Essentials Certification Certified Professionals (GSEC)
GIAC Certified Firewall Analyst Certified Professionals (GCFW)
GIAC Certified Intrusion Analyst Certified Professionals (GCIA)
GIAC Certified Incident Handler Certified Professionals (GCIH)
GIAC Certified Windows Security Administrator Certified Professionals (GCWN)
GIAC Certified UNIX Security Administrator Certified Professionals (GCUX)
GIAC Systems and Network Auditor Certified Professionals (GSNA)
GIAC Certified Forensics Analyst Certified Professionals (GCFA)
GIAC Information Security Fundamentals Certified Professionals (GISF)
GIAC Certified ISO-17799 Specialist Certified Professionals (G7799)
GIAC Certified Security Consultant Certified Professionals (GCSC)
GIAC Secure Internet Presence Certified Professionals (GSIP)
GIAC .Net Certified Professionals (GNET)
GIAC Information Security Officer Certified Professionals (GISO) - Retired
GIAC Securing Oracle Certification Certified Professionals (GSOC)
GIAC Security Audit Essentials Certified Professionals (GSAE)
GIAC Security Leadership Certification Certified Professionals (GSLC)
GIAC Assessing Wireless Networks Certified Professionals (GAWN)
GIAC Security Expert Certified Professionals (GSE)

Certificates
Securing Windows 2000 - The Gold Standard Certified Professionals (GGSC-0100)
Securing Solaris - The Gold Standard Certified Professionals (GGSC-0200)
GIAC HIPAA Security Implementation Certified Professionals (GHSC)
GIAC Business Law and Computer Security Certified Professionals (GBLC)
GIAC E-warfare Certified Professionals (GEWF)
GIAC Intrusion Prevention Certified Professionals (GIPS)
GIAC Reverse Engineering Malware Certified Professionals (GREM)
GIAC Cutting Edge Hacking Techniques Certified Professionals (GHTQ)
GIAC Legal Issues in Information Technologies Certified Professionals (GLIT)
Auditing Cisco Routers - The Gold Standard Certified Professionals (GGSC-0400)
GIAC Cyber Warrior Certified Professionals (GCYW)
GIAC Contracting for Data Security Certified Professionals (GCDS)
GIAC Law of Fraud Certified Professionals (GLFR)
GIAC Auditing Wireless Networks - Certificate Certified Professionals (GAWN-C)
Stay Sharp Program - Mastering Packet Analysis Certified Professionals (SSP-MPA)
GIAC Web Application Security Certified Professionals (GWAS)
GIAC Fundamentals of Information Security Policy Certified Professionals (GFSP)
Stay Sharp Program - Defeating Rogue Access Points Certified Professionals (SSP-DRAP)
Stay Sharp Program - Computer and Network Security Awareness Certified Professionals (SSP-CNSA)

Good luck, I am researching many of these certs myself so that I can do the best job I would like to do.

Regards,

Obstruxtionist

[spy.assasin]

obstruxtionist... Sounds like an ad to me (notice obstruxtionist has 1 post).

Anyway, I would tend to agree with genxweb & cybrus.

I have the study materials for the CISSP (including 10 disc's of video training and exams!) and have found it pretty cool. ;)

Forgive me if I am wrong, but I think the CISA is pre-CISSP correct???

CISA = Certified Information Systems Auditor
CISSP = Certified Information Systems Security Professional

CCNA and most Cisco Certs. are very sought after in the industry right now!

Best thing to do would be to find some job postings for companies you are interested in working for and see what certifications they want a successful candidate to have...

I'm sure you will see a pattern of the most wanted certs! Good luck with your cert. venture!

[Sano]

Quote

CISA = Certified Information Systems Auditor
CISSP = Certified Information Systems Security Professional

I would disagree. The CISSP is a good overview of Security and the CISA is focused on Auditing. I have my CISSP and I'm studing off and on for my CISA. The CISA does go over the same information as the CISSP. For exapmle, DR/BCP, Access controls, CIA, Network security, etc.

IMO, having a CISSP is helping me with my CISA. I don't have to relearn some of the topics and I can focus more on auditing procedures.

my .02

[Dr-Cipher]

the CCNA and CCNP courses cost me 1000 british pounds,
so i guess its 500 a course (home study).



Thanks,

[UtmostBastard]

I agree with Ph03n1xPr0j3c7 (CP :) Now that I have the CISSP and CEH I am going to add on the CISA. A GIAC cert or two are on the list after that. More certs + more job offers = More $$$. I don't know about you guys but I surely don't work for fun !

[Twistar]

Many Certs will get you past the HR department on your way to an interview.
CISSP certainly will.

CISSP and CEH on their own will not get you the job. You have to have experience to back you up. Both of these Certs have plenty of brain dumps etc to make acquisition easier which would make me look at a person credentials a lot closer.

CISSP is a management level Cert. and if the person holding one does have experience to back them up this Cert will indeed open doors.

The GIAC series of certifications are for people that deal with issues where the rubber meets the road. They can handle "real" issues.

The problem with the GIAC certifications is the huge expense. There is almost no way to acquire one with out spending $3000 US.
I am preparing to challenge the Intrusion Analyst Exam (GCIA) and it will cost me $800 US just to challenge the exam with out any course material. I've been preparing for 2 months and I think I'll be ready in 4 months from now.
It will cost me money as well to write a practise test which I have to do at some point in order to get a feel for the depth of knowledge required in any one area.

GIAC wasn't always this pricey but somewhere along the way GIAC decided to focus on the corporate education/certification market. I don't like it and I don't have anything nice to say about their pricing strategy.
But at the end of the day, if I was put on the spot, given 2 resumes ( 1 with just CISSP and the other with just GIAC ), told to make a decision based soley off the resumes and asked to select one for a security position, it would be the GIAC.
The individual with the GIAC I am positive will be able to handle CISSP with ease or grow into the position if required. The person with just the CISSP gives me no strong indication that they can handle "real world" IT security issues.

[DiabloHorn]

wow thank you very much for the nice replies here.

This will certainly help me out.

thanks again.

[ultra]

IMHO,GIAC - is much more better than CISSP,beacause first one is more difficult and serious than second.

[ultra]

royal, on Feb 21 2006, 07:13 PM, said:

Nothing is better.

:blink:

BN says: Nothing IS better, so I deleted Royal's post; that's why you don't see it. :)

[KevnDcks]

Dr-Cipher, on Feb 11 2006, 01:51 AM, said:

the CCNA and CCNP courses cost me 1000 british pounds,
so i guess its 500 a course (home study).



Thanks,

Darn that appears to be costly, im doing my CCNA certification in about 4 months at collage, but the downside is i have to pay £1200 a year for the course.

[obstruxtionist]

Just so everyone knows in case anyone cares, obstruxtionist is not an advertisement, I actually just signed up with GovSec in Feb. If you noticed, my post wasn't to shortly after. My reason to post was to be helpful which all the information I provided is actaully very useful if interested in true certs.

I am always interested in new certs or like to research them anyway so I happen to know about some of the most valuable certs so I posted them.

No harm no foul! I would like to post more but haven't had any time to get into the forums like I wish. You'll see me some more just not as quickly and as much as I would prefer.

spy.assasin, on Feb 9 2006, 11:55 AM, said:

obstruxtionist... Sounds like an ad to me (notice obstruxtionist has 1 post).

Anyway, I would tend to agree with genxweb & cybrus.

I have the study materials for the CISSP (including 10 disc's of video training and exams!) and have found it pretty cool. ;)

Forgive me if I am wrong, but I think the CISA is pre-CISSP correct???

CISA = Certified Information Systems Auditor
CISSP = Certified Information Systems Security Professional

CCNA and most Cisco Certs. are very sought after in the industry right now!

Best thing to do would be to find some job postings for companies you are interested in working for and see what certifications they want a successful candidate to have...

I'm sure you will see a pattern of the most wanted certs! Good luck with your cert. venture!