Tuesday, March 10, 2009

All about IT Security and related Certifications

In the computer industry, security refers to techniques which ensure that data stored in a computer cannot be read or compromised by any individual without authorization. Most security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system.
IT Security is a vast domain and has various subsets as listed below:

Application Security Application Security
This encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, up gradation, or maintenance of the application. Certification for application security: GIAC Web Application Penetration Tester (GWAPT).


Computer Security Computer Security
This is a branch of technology known as information security as applied to computers. The objective of computer security can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.

Network Security Network Security
This consists of the provisions made in an underlying computer network infrastructure, policies adopted by the network administrator to protect the network and the network-accessible resources from unauthorized access, and consistent and continuous monitoring and measurement of its effectiveness (or lack) combined together.
A video on network security certification



Internet security
When a computer connects to a network and begins communicating with others, it is taking a risk. Internet security involves the protection of a computer's internet account and files from intrusion of an unknown user. Basic security measures involve protection by well selected passwords, change of file permissions and back up of computer's data.
Providing full security to the network and its users is the job of internet security professionals. The description of their job position: First, the internet security professionals design security protocols that should be followed by every user in the network; second, they work with network professionals to ensure network security through proper network design; and third, they work with application developers so that the application would be implemented according to the network’s security measures.

Important Certifications in the Security Domain (According to International Information Systems Security Certification Consortium (ISC2)).

Certified Information System Security Professional (
CISSP) - If you plan to build a career in information security – one of today’s most visible professions – and if you have at least five full years of experience in information security, then the CISSP® credential should be your next career goal.CISSP certification is not only an objective measure of excellence, but a globally recognized standard of achievement.

Systems Security Certified Practitioner (
SSCP) – ISC2 introduced the Systems Security Certified Practitioner certification in March 2001. This intermediate-level certification is meant for IT security practitioners with a minimum of one year of PROFESSIONAL experience in the field of information security. SSCP is ideal for those working towards positions such as Network Security Engineers, Security Systems Analysts, or Security Administrators.

RSA Certified Security Professional - The RSA Certified Security Professional Program offers technology professionals the knowledge, skills, and credentials necessary to deploy and maintain reliable enterprise security systems.

Cisco Certified Security Professional (
CCSP) - The CCSP certification is an advanced network security certification. With CCSP certification, a network professional demonstrates the skills required to secure and manage network infrastructures to protect productivity and reduce costs. Candidates for the certification are tested for advanced knowledge of various Cisco security products
Brainbench Internet Security Certification (BIS) - This credential identifies individuals with a good working knowledge of Internet security practices, principles, and technologies.
Brainbench Network Security Certification (BNS) - This program identifies individuals with a good working knowledge of network security practices, principles, and technologies.
Security Certified Network Professional (
SCNP) - As part of the vendor-neutral Security Certified Program (SCP) sponsored by Ascendent Learning, the SCNP is an advanced security certification designed to test knowledge of high-level security topics.

Sources
· [http://en.wikipedia.org/wiki/Application_security]
· [http://en.wikipedia.org/wiki/Computer_security]
· [http://en.wikipedia.org/wiki/Network_security]
· [http://certification.about.com/od/securitycerts/a/seccertessentls.htm]
· [http://www.hyperlessons.com]

2 comments:

  1. good................. keep it up...........it is very helpfull toooooooooooooooo..............


    keep it up........

    ReplyDelete
  2. kaam shuru ho gaya hai matlabh , all the best bro ..............
    u r a true geek

    ReplyDelete