About CISSP
The Certified Information Systems Security Professional (CISSP)
designation was established in 1990 and is administered by the
International Information Systems Security Certification Consortium,
or (ISC)2. Working with a professional testing service, (ISC)2 has
developed a certification examination based on the information systems
security Common Body of Knowledge (CBK). Candidates have up to 6
hours to complete the examination, which consists of 250 multiple
choice questions that address the ten topical test domains of the CBK.
The information systems security test domains are:
- Security and Risk Management
- Asset Security
- Security Engineering
- Communication and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
In addition to passing the examination, candidates must have 5 years
of experience (or 4 years with a degree or equivalent life experience)
in two or more of the ten test domains of the information systems security
Common Body of Knowledge (CBK), and must then be endorsed by a qualified
third party to get certified.
Valid experience includes information systems (IS) security-related
work performed as a practitioner, auditor, consultant, vendor,
investigator or instructor, that requires IS security knowledge
and involves direct application of that knowledge. The 3 years
experience is the actual time worked; the requirement is cumulative,
however, and may have been accrued over a much longer period of time.
For more information, you may visit the (ISC)2 web site www.isc2.org
About CISA
Since 1978, the Certified Information Systems Auditor (CISA) program,
sponsored by the Information Systems Audit and Control Association
(ISACA), has been the globally accepted standard of achievement among
IS audit, control and security professionals. The purpose of the
examination is to evaluate a candidate’s knowledge and experience
in conducting information systems audits.
The examination consists of 200 multiple-choice questions,
administered during a four-hour session, covering the 5
Process & Content Areas:
- The Process of Auditing Information Systems (14%)
- Governance and Management of IT (14%)
- Information Systems Acquisition, Development and Implementation (19%)
- Information Systems Operations, Maintenance and Support (23%)
- Protection of Information Assets (30%)
ISACA uses and reports scores on a common scale from 200 to 800. A
score of 450 or higher represents a passing score for the
entire exam. After successful completion of the CISA Examination,
certification is granted initially to individuals who have
accumulated a minimum of 5 years professional information
systems audit, control or security work experience.
However, substitutions and waivers of such experience may be obtained.
For more information, you may visit the web site of ISACA www.isaca.org
About CISM
The Certified Information Security Manager (CISM) is specifically
geared toward experienced information security managers and those
who have information security management responsibilities. CISM is
designed to provide executive management with assurance that those
earning the CISM designation have the required knowledge and ability
to provide effective security management and consulting.
The 4-hour CISM exam consists of 200 multiple-choice questions
that cover the 5 job practice areas, which were created from a CISM job
practice analysis and reflect the work performed by information security
managers. The 5 information security management areas are as follows:
- Information Security Governance (23%)
- Information Risk Management (22%)
- Information Security Program Development (17%)
- Information Security Program Management (24%)
- Incident Management and Response (14%)
ISACA uses and reports scores on a common scale from 200 to 800. A
score of 450 or higher represents a passing score for the
entire exam. After successful completion of the CISM Examination,
certification is granted initially to individuals who have
accumulated a minimum of 5 years professional information security
management work experience.
However, substitutions and waivers of such experience may be obtained.
For more information, you may visit the web site of ISACA www.isaca.org
About GCIH
Global Information Assurance Certification (GIAC) was founded in 1999 by The SANS Institute.
While there are competing certifications at the entry or management level, GIAC is a group of
information security certifications for advanced technical subject areas.
GIAC is unique in not only testing the knowledge of candidates, but also their ability to put
that knowledge into practice in the real world.
GCIH is designed for individuals responsible for incident handling and who require an understanding of the current
threats to systems and networks, along with effective countermeasures. The GCIH title demonstrates the knowledge,
skills, and abilities of an individual in managing incidents; understanding common attack techniques and tools; and defending against
and/or responding to such attacks when they occur.
There are now two types of GCIH certification: Silver and Gold. A candidate can obtain a Silver certification
after passing two 2-hour examinations. Each examination contains 75 or more questions and a score of 70% or better means a pass.
After earning Silver certification, one can apply for Gold certification which requires a technical paper that
demonstrates real-world, hands-on mastery of subject skills. Re-certification is required every 4 years.
For more information, visit the web site of GIAC www.giac.org
About GCFA
GIAC Certified Forensic Analyst (GCFA) is another certification from the Global Information
Assurance Certification (GIAC). GCFA is designed for individuals responsible for forensic
investigation/analysis, advanced incident handling, or formal incident investigation.
Holders of GCFA demonstrate their knowledge, skills, and abilities to handle advanced incident
handling scenarios, conduct formal incident investigations, and carry out forensic investigation
of networks and hosts.
There are two types of GCFA certification: Silver and Gold. A candidate can obtain a Silver certification
after passing two 2-hour examinations. After earning Silver certification, one can apply for
Gold certification which requires a technical paper that demonstrates real-world, hands-on mastery of
subject skills. Each examination contains 75 or more questions and a score of 70% or better means a pass.
Re-certification is required every 4 years.
Visit the web site of GIAC www.giac.org for more details.
About i-TotalSecurity
A pioneer in information systems control and security education and
consultancy that brings the best knowledge, skills and practices to meet
the certification and working needs of individuals and corporations.
Since 1995, our qualified and no-nonsense security specialists have been
teaching information security to students from leading corporations,
government and military organizations internationally.
Enquiry
Call us at +852 2965.4445 or e-mail info@i-TotalSecurity.net