Certifiably Secure: Security University
As somebody who covers information security certifications as part of his job, I’m always delighted to learn about new, interesting, and significant security certification programs. In response to a recent revision to my vendor-neutral and vendor-specific security certification surveys for http://www.searchsecurity.com, Sondra Schneider of Security University recently contacted me to share some information about her programs. Although I never claimed to know everything about such certifications, I was stunned to learn that I had been overlooking her programs for more than three years. That’s just one reason why I’m glad to rectify that oversight here for the first time (and will be following up in all my other surveys as soon as possible).
Visit Security University’s website at http://www.securityuniversity.com and you’ll learn about its Advanced Information Security (AIS) certification program. Obtaining AIS certification requires passing 8 classes, and then tackling a single, comprehensive exam on all topics covered therein. These may be further broken down into 6 tools classes that cover information security fundamentals and related tools, technologies, and associated security techniques, and two management classes that address security policy and security architectures, as follows:
- Network penetration testing methods (5 days)
- Network firewall and VPN security (3 days)
- Virus analysis, patch management, and incident response (3 days)
- PKI, authentication, and access controls (3-day intro class, 5-day implementation course; only 5-day class required for exam)
- Intrusion detection (3-day intro class, 5-day implementation class; only 5-day class required for exam; an additional advanced ID class also available)
- Computer forensic investigations and incident response (3 days)
- Applied network security policy (3 days)
- Applied architecture security (3 days)
Like certain other security certifications—most notably, SANS—Security University follows a model wherein intensive classroom training from a top-notch faculty helps to insure proper understanding and mastery of security concepts, tools, techniques, and so forth. Security University’s training also stresses individual hands-on access to relevant tools and systems to help IT professionals attain operational mastery as well. Exams are offered only at restricted locations, rather than through global testing delivery outlets like Prometric or VUE. Because classes are required, costs are higher ($500-700 per day on average), but the training and learning are second to none.