CompTIA’s Security+ Recognized by Organizations
CompTIA’s Security+ certification has been available for less than a year, but it is growing in acceptance among IT certification vendors and organizations. Most recently, the Information Systems Audit and Control Association (ISACA) and the Information Systems Forensic Association (ISFA) have announced that they will accept the Security+ certification as equivalent to one year of job experience in IT security, helping IT professionals meet requirements for security certifications offered by the two organizations.
The Security+ certification verifies a candidate’s mastery of security job skills equivalent to two years of networking experience with a security emphasis. One exam is required, which covers communication security, infrastructure security, cryptography, access control, authentication, external attack and operational and organizational security. After earning Security+, IT professionals are prepared to follow up with more advanced training and certification.
ISACA’s Certified Information Security Manager (CISM) certification is a management-level credential for candidates who handle information security and know how to set up, implement and direct a security structure to manage risk effectively. To earn the CISM, candidates must pass the exam (until Dec. 31, 2003, candidates will also have the option of earning the credential without taking the exam under a grandfathering provision); adhere to ISACA’s Code of Professional Ethics; submit evidence of five years of information security work experience, with three years of information security management work experience in three or more job practice areas; and adhere to continuing education requirements. Candidates now have the option to apply their Security+ credential toward certification, as the equivalent of one year of experience. The credential can also be used for continuing education credits. Find out more about CISM at http://www.isaca.org/cism.htm.
The Certified Information Forensics Investigator (CIFI) certification from ISFA, is designed for experienced information forensics investigators who have experience performing investigation for law enforcement or for a corporate investigation team. One of the requirements for certification is three years of experience in each of six areas related to a common body of knowledge, including counter measures, information forensics tools and techniques, trace back, law enforcement and investigation, incident response teams and auditing. Security+-certified professionals will be credited with a year of experience in counter measures and trace back. To find out more, visit http://www.infoforensics.org/certification/certification.asp.
For more information on the Security+ certification, visit www.comptia.org/certification/security.
Emily Hollis is associate editor for Certification Magazine. She can be reached at firstname.lastname@example.org.