CISSP.com is defined as a web portal for the certified information systems security professionals.It is used to help promote the CISSP Certification, share knowledge and communication amongst certified information system security professionals and is an information service website to help information security professionals who are seeking to become CISSPs.

CISSP concentrations are fresh new air flowing around. This exam creating fuzz everywhere even into US Army.

This time i will focus on ISSMP i.e. Information Systems Security Management Professional. This concentration requires that a candidate demonstrate two years of professional experience in the area of management, considering it on a larger enterprise-wide security model. This concentration contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a Business Continuity Planning program. A CISSP-ISSMP establishes, presents, and governs information security policies and procedures that are supportive to overall business goals, rather than a drain on resources. Typically the CISSP-ISSMP certification holder or candidate will be responsible for constructing the framework of the information security department and define the means of supporting the group internally.

CISSP-ISSMP professionals have a far more well-rounded and complete comprehension of
information security than other popular management credentials.

Domains of ISSMP:

• Security Management Practices
• Systems Development Security
• Security Compliance Management
• Understand Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
• Law, Investigation, Forensics and Ethics

CISSP concentrations are fresh new air flowing around. This exam creating fuzz everywhere even into US Army.

This time i will focus on ISSAP i.e. Information Systems Security Architecture Professional. This concentration requires a candidate to demonstrate two years of professional experience in the area of architecture and is an appropriate credential for Chief Security Architects and Analysts who may typically work as independent consultants or in similar capacities. The architect plays a key role within the information security department with responsibilities that functionally fit between the C-suite and upper managerial level and the implementation of the security program. He/she would generally develop, design, or analyze the overall security plan. Although this role may typically be tied closely to technology this is not necessarily the case, and is fundamentally the consultative and analytical process of information security.

Recognition for Advanced Expertise in Information Security Engineering
ISSEP: Information Systems Security Engineering Professional is a new part of the ISC2 CISSP concentration cert. This concentration was developed in combination with the U.S. National Security Agency (NSA) to provide tools for any systems security engineering professional. CISSP-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. Security professionals are hungry for workable methodologies and best practices that can be used to integrate security into all facets of business operations. The four major domains of the CBK covered by CISSP-ISSEP certification are:

• Certification and Accreditation
• Systems Security Engineering
• Technical Management
• U.S. Government Information Assurance (IA) Regulations

How many of CISSP credential holders think that we came up here by studying vast domain on security? Atleast I am. I always think that does it really matter to companies of different field that I am CISSP certified. That make me very specific with my skills.

Fortunately, ISC2 came up with excellent answer. CISSP-CONCENTRATION. They quoted “After the original conception of the CISSP, and the continuous evolution of information security, (ISC)² discovered a need to develop credentials which address the specific needs of our members. With this in mind.” ISC2 developed CISSP Concentrations in the functional areas of:

• Architecture (ISSAP)
• Engineering (ISSEP)
• Management (ISSMP)

CISSP-concentration prove the long awaited proven expertise credentials in specific domain of CISSP certificate holders.

I am sure most of CISSPians out there waiting for this opportunity.

Click here for more information

Is CISSP certification is easy?

This is pretty controversial topic, some people think that it is easy but most of the people find it real hard. You should have experience of at least 3 years in IT security before you apply for the exam. You are required to come up with an extremely wide area of IT security such as physical security, very few people will have any experience in. And you will be expected to do enough reading and studying to get through CISSP certification exam: 250 questions to be answered in 6 hours. Hard to keep upwith much fun.

Get certified, sit back and enjoy.

The answer is big NO. After you pass the exam you are expected to earn CPE credits in order to keep your certification active. If you don’t then you are required to resit the exam after 3 years to keep the certification. Getting CPEs is fairly straightforward: if you publish papers, attend seminars, do some presentations, and basically remain active in the IT security arena then you should have no problem here. But it takes a little work: this isn’t a get-it and forget-it sort of certification.

You will get more money/better job/more recognition.

In actual fact, you probably won’t. I have found that many employers and even employment agencies have no idea what a CISSP is. They tend to think in terms of the product-certifications; you know, the Cisco CCNA and Checkpoint CCSE sort of thing. They have no idea that you need 3 years of experience to get a CISSP, and they have no idea that it is an ongoing professional-level certification like a CPA (Chartered Accountant). Ergo, you probably won’t get a better job or more money from waving your CISSP certificate around.

So, why would you want a CISSP? Its not easy to get, it takes maintenance, and may not gain you much. Why would you want to go through all that hassle? Here’s some good reasons:

1. To expand your knowledge in security concepts and practices.
2. To show a dedication to the security discipline.
3. To meet a growing demand for security professionals, and to work in a thriving field.
4. To join a professional organisation and to link up with like-minded individuals.

If you’re genuinely interested in IT security (cryptography, practices, ethics, etc), and you feel you need a driver to learn more then the CISSP is for you. Book the exam, then start learning as much as possible. On the other hand, if you just want a better job/more money then get an MCSE or CCNA

“Necessity is the Mother of all Inventions”, sophistication of digital environment lead to the discovery of Computer Forensics. Computer Forensics is an investigative process of collecting and examining of electronic evidence to form a structured report which can be produced in a court as a evidence. Computer Forensic is introduced when crime is facilitated either by using computer or on Computer or Network itself. Computer Forensic also deals with the issue, such as Privacy, Copy Infringement, and Software ownership. For the collection of Electronic Evidence, it is required to follow certain pre-established procedure and steps, which ensures the identity of culprit. By following such methodologies, computer crime investigation can be done effectively and efficiently.

Investigating Computer Crimes

If any forensic investigation involves Computer in one way or another, then the investigation is coined as Computer Forensic Investigation. Development of technology from the last two decades is so rapid that it made lot easier for criminals to hide information about their crimes, one advantage enjoyed by investigators is that any type of Computer Crime results in some type of clue and evidence stored on computer but still there are number of Cyber Crimes which requires Computer Forensic investigation, some of them are:

• Unauthorized access
• Property Theft (misuse of information)
• Forgery
• Privacy breach
• Computer fraud.
• Child pornography

Methodology of Forensic Investigation
First and Foremost step of Investigation process is Complaint. Investigation will never going to occur if it remain un-noticed, unless appropriate authorities are not aware of the crime being committed, criminal gets away with crime. There are some fundamental steps involved in forensic investigation,

Preparation (of the investigator, not the data)

Computer Forensic Investigators must be prepared with the tools and procedures used during investigation, these tools include Hardware as well as Software which are used to secure evidence and data.

Collection (the data)

Next important step is to collect damaged data as efficiently as possible, damaged data typically includes deleted files, formatted hard disk, deleted partitions or any other form of electronic storage medium like compact disk, USB drives etc. Special care must be taken when handling computer evidence: most digital information is easily changed, and once changed it is usually impossible to detect that a change has taken place (or to revert the data back to its original state) unless other measures have been taken.

Analysis

This step involves proper examination and evaluation of gathered information. During analysis it is very important that the collected data and information aren’t modified in any way, otherwise property of data will change. Therefore it is very necessary to use tools that won’t modify data. Chiefly Forensic Analysis consists of manual review of material on the media, reviewing the Windows registry for suspect information, discovering and cracking passwords, keyword searches for topics related to the crime, and extracting e-mail and images for review.

Reporting

After the completion of Analysis, a detailed report is generated enlisting all possible evidences and information. This Report is produced as a legal evidence before court whenever required.

The Role of Evidence

Collection of Evidence is the sole reason behind the Forensic Investigation; therefore Evidence plays a vital role in Computer Forensic Investigation. The Digital Evidence should be properly studied, preserved and presented. These Evidences are presented in court during legal process and questioning. Collection of Evidence is done in several steps, first of which is Identification of Evidence followed by the Recovery of Evidence, this is accomplished viewing log files, recovering data using different forensic tools. One more important point which should be kept in mind during Investigation is security of Data, Digital Evidence and Data must be secured throughout the investigation.

Volatile Evidence

Data stored in temporary storage media [Random Access Memory(RAM), Cache Memory, Onboard memory of different peripherals like Graphics and video card etc ) are termed as Volatile Memory because data stored in it depends on the electricity for their existence, as soon as the system is powered off, stored data will be permanently vanished. It is therefore very important to collect such data first.

Acquiring Evidence

This is the next step of processing evidence. Acquisition process involves in making exact copy of digital evidence. It is very important that the original data isn’t altered, damaged or destroyed in doing so.

Disk Imaging

This technique is used to preserve the original evidence as it was seized. Disk imaging is different from back up of a disk in a way that while creating backup, only active files of a system are copied. Whereas during disk imaging exact replica of original disk is formed.

Retaining Data and Timestamp:

Retaining the Date and Time of creation and modification of Data is a vital factor to be kept in mind in criminal issues. Timestamp in a file are very important evidence, since the timestamp is according to the system clock which is in turn depends on the time zone. It should always investigated that which time zone is configured on the system, it may be possible that criminal deliberately change the time zone so that the data does not co-relate with the real time.

Investigating Company Policy Violations

Investigation Process of Companies are totally different from the other types of Investigations. Normally when Cyber crime occurs on house computers, police are called for proper investigation. In a Corporate World a team of some specialized skilled peoples are formed which is known as Incident Response Team. This team is responsible for finding the type of Cyber crime occurred and eventually contact police for further investigation, depending upon the type of crime occurred and what is found in investigation. This Incident Response Team also deal with the internal matter of the company like security breach by company employee, unauthorized access to company’s computer etc. It is not always necessary to include police investigation when policies are violated, sometime it is dealt by company itself by taking disciplinary action against the accused employee. But still Forensic Investigations is important because these procedures create a tighter case, thus leaving no point to argue the facts.

Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the not-for-profit International Information Systems Security Certification Consortium, commonly known as (ISC)2. In June, 2004, the CISSP was the first information security credential accredited by ANSI ISO/IEC Standard 17024:2003 accreditation, and, as such, has led industry acceptance of this global standard and its stringent requirements.It is formally approved by the U.S. Department of Defense (DoD) in both their Information Assurance Technical (IAT) and Managerial (IAM) categories. The CISSP has been adopted as a baseline for the U.S. National Security Agency’s ISSEP program. (ISC)2 promotes the CISSP certification as the “international gold standard” against which other security certifications are measured.

IT professionals with security expertise are often in high demand, and the CISSP is one metric by which that expertise can be demonstrated. A 2006 Certification Magazine salary survey also ranked the CISSP credential highly at $94,070 per year, and ranked CISSP concentration certifications as the top best paid credentials in IT, with CISSP-ISSAPs averaging at $114,210 per year and CISSP-ISSMP at $111,280 per year. These numbers correlate with compensation advantages enjoyed by IT security professionals in general, as well as with advantages accruing to the seniority and management roles that intersect with the concentration certificates.