1, CISP (national registered information security professional)
CISP is an authoritative certification in China. After all, it has a government background to endorse certification. If you want to work in the government, state-owned enterprises, key industries and enterprises, you can obtain information security service qualification and participate in network security projects. This certification is very important.
2.CISP Pte Ltd (national registered penetration test engineer)
This certification is the first penetration test certification in China launched on 20 17, and the certificate was also the national test certification at the beginning, so the operation with the qualification of applying for safety service has a great feature, that is, the examination is practical.
3.CISP-A (National Certified Information System Auditor)
CISP-A is the audit direction certification introduced by 20 17 national examination. China Information Security Evaluation Center will issue information system audit service qualification for enterprises in the future, just as enterprises need CISP to apply for national security service qualification, the number of CISP-A will also be mandatory in the audit service qualification, so the work units providing audit services can pay attention to it.
4.CISSP (International Registered Information Security Expert)
This certification is basically well-known in the security industry, and the issuing agency is ISC. This certification is also recognized as difficult to authenticate. First of all, it covers a wide range and has many knowledge points. The other is authentication. Even if you pass the exam, if you want to get a certificate, you need the applicant to have five years of relevant work experience in at least two of the eight fields. This threshold is a bit high. However, if you have insufficient work experience, you can also take the exam and apply for certification by maintaining your grades until you have enough work experience.
5.CISA (International Certified Information System Auditor)
The issuing authority of CISA is ISACA, which also has CISMCRISCCOBIT5.0 and other certifications. CISA, like CISP, needs 5 years working experience, including at least 2 years working experience in audit/control field. Compared with CISP, the work experience is a little loose, the experience of deducting points for academic qualifications can be up to 3 years, and the results are valid for 5 years. You can take the exam first and then apply for the certificate.
6.CISM (International Registered Information Security Manager)
The issuing authority of CISM is ISACA, which is the same as the issuing authority of CISA mentioned above. This certification is comparable to CISSP, and even more difficult than CISSP. CISM is different from other information security certifications, and its experience requirements and implementation focus on the work of information security managers. Other information security certifications focus on specific technologies, operating platforms or product information. Only CISM is aimed at information security managers, and the focus is no longer on individual technology or skills, but on information security management of the whole enterprise. CISM aims at individuals who manage and supervise enterprise information security, and many of them may already hold relevant certifications in other fields. Because management needs to be emphasized and work experience is relatively important, CISM requires at least five years of information security management experience, and the examination content also focuses on the daily work of information security managers.
7, security+(information security technology experts)
Security+ is a certificate issued by CompTIA, an American computer society. This certification is mainly based on information security technology, and the learning content is relatively shallow, which is suitable for people who have just graduated or have little experience and need to change careers to do information security. This is a good stepping stone to enter the security industry, especially foreign-funded enterprises recognize this certification. What's more attractive is that there is no work experience and education requirement for those who take the exam.
8.iso 2700 1 Basic Certification
APMG certification 1027001Foundation. As the most famous international standard in the field of information security management-ISO/IEC 27001+0 (ISMS for short), it can guide our practical work.
Expand small knowledge
1. Website security certificate?
In fact, the network security certificate I mentioned is a proof that we guarantee network security. If we do network, we need to have a network security certificate, so that our network will be relatively safer, so that the information of ourselves and our customers will not be leaked. When we transmit data, we also have certain security, so this security certificate is very important in the network. If you want to do network, you must carry out network security certification.
Second, what certificate is suitable for the network security industry?
Generally speaking, the research of network security industry mainly depends on what direction you are going. Internationally, if you are in the direction of safety management, you should give priority to CISSP, and if you are in the direction of safety technology, you should give priority to OSCP. At present, similar safety certificates in China are mainly CISP certification system introduced by China Information Security Evaluation Center. Such as CISP, PTE, PTS, IRE, DSG, etc. Again, if the security management direction chooses CISP, the security technology direction chooses CISP-PTE certificate.
In addition, because network security has the special attribute of national security, it is suggested that you give priority to the certificate of domestic authority when time, energy and financial resources are limited.