Network / Systems Administration
What you should be aware of
Security Fundamentals | Access Control | Ethical Hacking |
Network Security | Identity Management | Social Engineering |
Operations Security | Cryptography | Penetration Testing |
Application Security | Database Security | Vulnerability Assessment |
Threats | Data Security | Countermeasures |
Vulnerabilities | Data Backup | Secure Internet Access |
Virus | Restoring Backup | Internet Filtering Software |
Trojans | OS Hardening | Digital Certificate |
Worms | Windows Administration | Digital Signature |
Spyware | Windows Registry | File Transfer Protocol |
Adware | Boot Sector Virus | Incident Response |
Keylogger | Corrupted Registry | Port Scanning |
Phishing | Desktop Security | Packet Sniffing |
Spamming | Denial of Service | Password Cracking |
Suggested certifications: Network+, Security+, MCSA, MCSE, MCP, CCNA, CCNP
Certifying organizations: CompTIA, Microsoft, Cisco
Network / Application Security Assessment
What you should be aware of
Network Security Testing | Cryptography | Ethical Hacking |
Web Application Security Testing | Public Key Infrastructure | Social Engineering |
Operating System Security | Data Encryption Standard | Penetration Testing |
Patch Management | Advanced Encryption Standard | Vulnerability Assessment |
Perimeter Defense | Directory Traversal | Countermeasures |
Reconnaissance | Code Analysis | Digital Certificate |
Footprinting | Code Injection Attack | Digital Signature |
Enumeration | Cross Site Scripting | Steganography |
Google Hacking | Cross Site Request Forgery | System Hacking |
Identity Theft | Metasploit Framework | Session Hijacking |
Malware | Privilege Escalation | Man in the middle attack |
Keystroke Loggers | SQL Injection | Password Cracking |
Firewall Architecture | Threat Modeling | Wireless Sniffers |
Intrusion Analysis | Threat Profiling | Wireless Traffic Analysis |
IDS / IPS | Denial of Service | Wireless Security Layers |
Unified Threat Management | Distributed Denial of Service | Wireless ARP Poisoning |
Suggested certifications: Security+, GISF, CEH, GPEN, GWAPT, GAWN, CWNA, CWSP
Certifying organizations: CompTIA, EC-Council, SANS
Incident Response & Computer Forensics
What you should be aware of
Electronic Evidence | Data Acquisition and Duplication | Incident Response |
Digital Forensics | Event Correlation | Cyber Crime |
Digital Media | File Recovery Tools | Cyber Law |
Intrusion Analysis | File Signature Analysis | Cyber Warfare |
IDS Architecture | Hash Analysis | Live Response |
Intrusion Prevention System | Image File Forensics | Security Incident Report |
Security Monitoring | Mobile Forensics | Investigation Process |
Network Traffic Analysis | Network Forensics | Operating System Forensics |
Log Capturing | Windows Forensics | Kerberos Authentication Process |
Log Analysis | Windows Registry Analysis | Denial of Service |
Packet Decode | Signature Analysis | Email Fraud |
Intruder Footprints | Static Analysis Process | Steganography |
False Positives | Emergency Response Team | Unified Threat Management |
Suggested certifications: Security+, CEH, GPEN, CHFI, GCFA, GCIA, GCIH, GREM
Certifying organizations: CompTIA, EC-Council, SANS
Information Security Management
What you should be aware of
CIA Triad | Security Practices | Asset Management |
Network Security | Security Policy | Asset Valuation |
Operations Security | Security Strategy | Risk Assessment |
Physical Security | Security Architecture and Design | Privacy Laws |
Access Controls | Security Roles and Responsibilities | Regulatory Compliance |
Identity Management | Information Security Controls | Risk Evaluation |
Software Development Security | Information Security Framework | Risk Management |
Database Security | IS Program Development | Risk Mitigation Strategies |
Cryptography | IS Steering Group | Information Risk Management |
Source Code Security | Enterprise Security Requirements | Configuration Management |
Threat Modeling | Enterprise Governance Framework | Incident Management |
Penetration Testing | BCP / DR | Problem Management |
Vulnerability Assessment | System Resilience | Service Level Management |
Telecommunication Security | Computer Crime Investigation | Cost Benefit Analysis |
Suggested certifications: Security+, GSEC, CISSP, CISM, ISMS
Certifying organizations: CompTIA, SANS, ISACA, ISC2, IRCA
For specific information on various certifications and their prerequisites, visit our training synopsis on Information Security Management.
The first step to choosing a career in Information Security Management (ISM) is to determine the area of interest in information security.
Certifications can be a great help, since you will learn a lot about information security and also validate your knowledge of the domain.
Those interested in security should first pursue certifications that will help them gain general IT skills.
Network certifications such as Network+ from the Computing Technology Industry Association (CompTIA) and the Cisco Certified Network Associate (CCNA) provide a good foundation of general network knowledge on which to build security skills.
In addition to network certifications, for those who wish to work with Windows operating systems, the Microsoft Certified Systems Engineer (MCSE) can be very useful.
For general security practitioners, a good entry-level certification is the Security+ certification from CompTIA. It provides the basic knowledge required for securing a network, and is slowly gaining popularity and recognition. The GIAC Security Essentials Certification (GSEC) from SANS Institute is also good for representing broad security knowledge.
Perhaps the most recognized certification for general security practitioners is the Certified Information Systems Security Professional (CISSP) from the International Information Systems Security Certification Consortium, (ISC)². This certification is highly recognized and respected in the security community, since it requires candidates not only to demonstrate knowledge of 10 domains of information security but also to document at least four years of security experience.
A thorough understanding of each of these domains is not required, so this is a good certification for anyone interested in the security field. Even if you wish to specialize in a certain aspect, the wide range of knowledge is beneficial.
For those interested in more specific security certifications, the SANS Institute and EC-Council offer many highly regarded certifications. The GIAC Certified Penetration Tester (GPEN), Certified Ethical Hacker (CEH), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA) provide more detailed coverage of precise areas of information security.
The Information Systems Audit and Control Association (ISACA) offers two relevant certifications: the Certified Information Security Manager (CISM), for those interested in managing and overseeing enterprise-level information security, and the Certified in Risk and Information Systems Control (CRISC), for those responsible for managing business risk for enterprises and capable of implementing appropriate IS controls.
A good understanding of how to implement international standards such as ISO 27001 Information Security Management Systems (ISMS) is considered quite important for those aspiring to a career in information security.