Questions tagged [certification]

We use the certification tag for questions about programs designed to vouch for an individual's competence in security-related work. Use the "compliance" tag for programs like PCI-DSS that assess the security of a server.

94 questions
29
votes
5 answers

Professional certifications for IT Security

Which credentials of the sub-list of IT certifications (as per the Information Systems Security Association) would be considered MUST HAVE for an IT Security specialist? CEH Certified Ethical Hacker CIPP Certified Information Privacy…
Eric Warriner
25
votes
6 answers

How to start with an Information Security Program?

I am a software tester, InfoSec is mostly tangential to my job, and people only ask me questions about InfoSec because I am not afraid to use Google or Stack Exchange when I don't know something. (which is most of the time) Our US operations manager…
Amedee Van Gasse
24
votes
9 answers

Good (preferably free) resource for CISSP practice questions

I'm looking to sit for my exam in a few weeks, and I want to have a good set of practice tests to bounce against and make sure that I'm up to par with the types of questions that will be asked.
Jeff Ferland
19
votes
7 answers

How useful is CISSP to a recent graduate?

I am a recent graduate and would like to move into the IT Security field. My degree was just straight CS with no particular security focus. I have recently acquired a copy of a CISSP study guide and have started to work through it. Having discovered…
sjp
12
votes
7 answers

eCPPT vs. OSCP Certification

I am a soon to be college student. I am looking to become certified in pentesting for both personal interest as well as to be able to have something that would look good to future employers. Both courses are just barely in my price range, so I need…
user20854
11
votes
2 answers

Security quiz for developers

Does anyone know of a short security quiz that could be administered online, to test the security knowledge of a developer? I'm looking for something simple to administer and simple to grade, ideally something that would take a developer only a few…
D.W.
8
votes
3 answers

Is a Master's in infosec required to break into the security field?

So I'm going to be graduating college in January 2013, with a double major in Compsci and Cell Biology (don't ask...). I'm really looking to break into the information security field as a consultant. (Ideally, risk management) I would like to start…
gfppaste
8
votes
3 answers

Is industry experience the only way to a CREST certification?

I hope this question is direct enough for the stackexchange format, my apologies if it is not, please feel free to downvote to close. I'm interested in pursuing a CREST certification, however it looks to be a chicken and egg problem - without…
AlexH
8
votes
4 answers

OSCP certification for junior pen tester position any good?

Currently finishing my degree in computer security and have a few years experience in IT support and want to get into a junior pen testing job or similar. Would the OSCP certification do me any favours, does it carry any weight? Is it recognised by…
7
votes
2 answers

SANS training - worth it?

I am a programmer, doing mostly web development now, dealing also with securing the web applications in my line of work. I have reasonable knowledge of security matters, though not always staying up-to-date on the latest developments (mainly due to…
StasM
7
votes
4 answers

CEH or GIAC - Which one should I pursue?

After a lot of Google and forum searches, I found out CISSP is one of the few valuable certs. Unfortunately, I only have 2 years of experience and don't have any specific experience in security testing. Which should I pursue, CEH or GIAC? Are there…
Karthik
6
votes
1 answer

Who can certify RNG according NIST SP800-22?

I have written my own random number generator as a C library and I tested it on NIST Statistical Test Suite. Now I would like to get a certification to have a formal proof that my C library generates random numbers randomly enough according…
user1563721
6
votes
2 answers

International pentester certification

I've looked at the questions regarding certifications on this site and they are essentially asking what to go for. I hope that my question is distinct enough that it is not considered a dupe. I travel a lot and frequently, so am looking for a…
Sonny Ordell
6
votes
1 answer

What Certification(s) to look for in Hard Drive destruction?

Many vendors exist to pick up old (enterprise) Hardware for recycling and offer services including sanitization and destruction (shredding). The concern is that media could potentially still contain sensitive information (through data remanence…
bfloriang
6
votes
2 answers

ISO 27001:2013 certification questions

Advice/opinion appreciated. Ultimately, our company would like to achieve ISO27001:2013 certification, but that is some way off. In the interim, we want to be able to get to the point whereby we can "attest" to compliance (similar to the PCI DSS…