Professional Documents
Culture Documents
❖
Vagner Nunes
Copyright © 2017
phpsilva@hotmail.com 19 Nov 2021
Disclaimer
FOREWORD
❖
Not only that, cyber-crime now costs billions and citizens are
mostly helpless.
But it’s also why there has been a dramatic rise in salaries, all
around the world.
SUMMARY
❖
The issue of cyber-security has been paid less attention over the
years, but in the light of the massive technological
advancement, which also comes with a lot of cybercrime
advancement, companies, government of nations and other
institutions are now paying a lot of attention to the subject of
cyber security and the safety of information within their
organization.
Chapter One
▪ Cyber crime
▪ Cyber war
▪ Types of Cyber Security
Chapter Two
Chapter Three
▪ Why is the Cyber Security Shortage Occurring?
▪ Social Engineering
▪ Why the Shortage of Cyber Security Experts is hitting
businesses hard
This chapter explains the reason for shortage in cyber security
professionals with facts and figures. It also talks about social
engineering and the types of social engineering methods
deployed to attack cyber space.
Chapter Four
▪ What is needed to Thrive in the Cyber Security Field?
▪ Ethics in Cyber Security
Chapter Five
▪ Why you should trust (ISC)²
▪ Training delivery methods
▪ What the (ISC)² certification is for
▪ The certification process at (ISC)²
phpsilva@hotmail.com 19 Nov 2021
This chapter talks about the organization (ISC)² where you can
become a professional cyber security expert. The chapter points
out the ethics of the organization and how it is run to deliver
top notch service to their students. It also contains an outline of
the courses and procedures (ISC)² offers to their prospective
students.
phpsilva@hotmail.com 19 Nov 2021
Table of Contents
FOREWORD .............................................................................................. 4
SUMMARY ............................................................................................... 10
INTRODUCTION ....................................................................................... 1
CHAPTER THREE.......................................................................................... 29
Why the shortage of Cyber Security Experts is hitting businesses hard ....44
Harrowing Headlines...........................................................................56
CISSP................................................................................................76
CISSP-ISSAP ....................................................................................81
CISSP-ISSMP ...................................................................................84
CISSP-ISSEP ....................................................................................87
SSCP .................................................................................................92
CAP...................................................................................................96
CSSLP .............................................................................................100
CCFP...............................................................................................104
HCISSP ...........................................................................................109
CCSP ...............................................................................................113
CONCLUSION ................................................................................117
INTRODUCTION
❖
The Facts
Page 1
phpsilva@hotmail.com 19 Nov 2021
Page 2
phpsilva@hotmail.com 19 Nov 2021
CHAPTER ONE
❖
The Basis
Page 3
phpsilva@hotmail.com 19 Nov 2021
Page 4
phpsilva@hotmail.com 19 Nov 2021
Cyber Crime
Page 5
phpsilva@hotmail.com 19 Nov 2021
Cyber War
Cyber Terror
Page 6
phpsilva@hotmail.com 19 Nov 2021
Here are some threats you really should avoid. They are as
dangerous as they come:
▪ Trojan
Page 7
phpsilva@hotmail.com 19 Nov 2021
family include Zeus and Spy Eye. How Trojan works is this: It
can conceal itself from antivirus detection and steal banking
information to compromise financial balance. In the event that
the Trojan is truly intense, it can assume control over the whole
security system. Thus, a Trojan can bring about many sorts of
harm beginning from your own computer to your online record.
▪ Virus
In times past and as of ten years ago, Virus was something truly
mainstream. Virus is a malevolent program that duplicates itself
with the aim of pulverizing a computer. A definitive objective
of a virus is to guarantee that the casualty's computer will never
have the capacity to work properly or even work at all by any
means. It is not all that mainstream today on the grounds that
malware is intended to acquire cash over obliteration. Thus,
virus is accessible for individuals who need to utilize it for
some kind of requital reason.
▪ Worms
Page 8
phpsilva@hotmail.com 19 Nov 2021
▪ Spyware
▪ Scareware
▪ Key logger
Page 9
phpsilva@hotmail.com 19 Nov 2021
▪ Adware
▪ Backdoor
▪ Wabbits
Page 10
phpsilva@hotmail.com 19 Nov 2021
▪ Exploit
▪ Botnet
▪ Dialer
Page 11
phpsilva@hotmail.com 19 Nov 2021
▪ Dropper
▪ Fake Antivirus
▪ Phishing
A fake site which is intended to look practically like the real site
Page 12
phpsilva@hotmail.com 19 Nov 2021
▪ Cookies
▪ Bluesnarfing
▪ Blue jacking
Page 13
phpsilva@hotmail.com 19 Nov 2021
▪ DDoS
It is a virus that places its codes into computer DOS boot sector
or otherwise called the Master Boot Record. It will begin if it is
infused amid the boot up period where the harm is high but hard
to contaminate. All the casualty needs to do in the event of a
boot segment infection is to evacuate all the bootable drives so
that this specific infection won't have the capacity to boot.
▪ Browser Hijackers
Page 14
phpsilva@hotmail.com 19 Nov 2021
▪ Chain letters
▪ Virus Document
▪ Mousetrapping
Page 15
phpsilva@hotmail.com 19 Nov 2021
the route catch, it will likewise divert you back. If you attempt
to close your program and re-open it, it will set the landing page
to that site and you can never escape this danger unless you
expel it.
▪ Obfuscated scam
▪ Pharming
▪ Crime ware
Page 16
phpsilva@hotmail.com 19 Nov 2021
▪ SQL Injection
Page 17
phpsilva@hotmail.com 19 Nov 2021
Page 18
phpsilva@hotmail.com 19 Nov 2021
for their criminal activities, despite the fact that the same
research uncovered that the normal UK cyber-criminal makes
simply over £20,000 every year (a normal of £8600 per attack).
These are not over the top measures of cash and are lower than
one would have expected, particularly when you consider a
cyber-security expert can make up to four-times that much in
wages. This suggests that cyber-hackers will probably center
their endeavors on brisk, simple focuses with reasonable
budgetary payouts.
With the data breach ticking higher than at any other time in the
world today, it shows plainly that cyber security is one of the
greatest difficulties confronting organizations today. Also, with
every breach affecting at least 20,000 individual records,
consumers can no longer choose not to see.
Here are four focuses that are at the highest point of hackers'
list:
▪ Identity
Page 19
phpsilva@hotmail.com 19 Nov 2021
The Veda 2015 Cybercrime and Fraud Report found that almost
60 percent increment in fake credit applications including
identity takeovers in Australia in the previous two years and a
17 for every penny increment took place in the previous year.
Furthermore, with every data breach of consumer information,
identity theft turns into a very easy thing.
▪ Company Information
Page 20
phpsilva@hotmail.com 19 Nov 2021
▪ Medical
Gossipy titbits around the strength of the late Steve Jobs created
a sharp fall in Apple stocks and it was later uncovered that
Charlie Sheen's HIV diagnosis was initially revealed in the
Sony hack. In any case, you don't need to be a big name or
prominent focus to be a casualty of hackers utilizing your very
individual data for their own gain.
Page 21
phpsilva@hotmail.com 19 Nov 2021
Consumers take a huge risk each time they trust their own
information to poorly prepared and underprepared organization
and they're beginning to take note. A late review found that,
while considering new innovations, privacy is presently the
greatest concern toward more than 66% of customers in the
world.
Page 22
phpsilva@hotmail.com 19 Nov 2021
CHAPTER TWO
❖
The GAP
Page 23
phpsilva@hotmail.com 19 Nov 2021
Page 24
phpsilva@hotmail.com 19 Nov 2021
A Forbes article noted that “For newbies in the tech field who
are contemplating a career in cyber security, they will often
start out as information security analysts. U.S. News and World
Report ranked a career in information security analysis eighth
on its list of the 100 best jobs for 2015. They state the
profession is growing at a rate of 36.5% straight through 2022.
Many information security analysts earn a bachelor’s degree in
computer science, programming or engineering”.
Page 25
phpsilva@hotmail.com 19 Nov 2021
You might have seen the headline in the wake of the alleged
hack of the 2016 electoral process by Russians were it said
"Donald Trump Advised to Train 100,000 Hackers to Protect
the US".
Page 26
phpsilva@hotmail.com 19 Nov 2021
most recent couple of years". Also, you may have seen different
features, similar to this one from Forbes toward the beginning
of this current year: "One Million Cyber Security Job Openings
In 2016". This is an issue that is contrarily affecting
governments, organizations, non-benefits, and even shoppers
(lacking IT security staffing can prompt to information ruptures
that uncover your data).
Taking a look at all that has been said above about the market
development and occupation figures, what is there to take
away? Basically, the cyber security work deficiency will
deteriorate before it shows signs of improvement. Businesses
need to get ready for this coming storm.
Page 27
phpsilva@hotmail.com 19 Nov 2021
Page 28
phpsilva@hotmail.com 19 Nov 2021
CHAPTER THREE
❖
The Reasons
Page 30
phpsilva@hotmail.com 19 Nov 2021
There are a few more reasons behind these shortage issues. One
is the changing way of cyber-attacks. It used to be emails that
were most normally focused on. For example, counterfeit
messages from banks advising individuals they are expected to
email their banking details to reboot their online access because
of maintenance work. Others scams where individuals were
advised they were to get a vast entirety of cash, yet expected to
send some money first. The modernity of the technology and
strategies utilized by online criminals – and their constant
endeavours to rupture systems and take information – have
Page 31
phpsilva@hotmail.com 19 Nov 2021
Page 32
phpsilva@hotmail.com 19 Nov 2021
Social Engineering
Page 33
phpsilva@hotmail.com 19 Nov 2021
Page 34
phpsilva@hotmail.com 19 Nov 2021
Page 35
phpsilva@hotmail.com 19 Nov 2021
▪ Phishing
Page 36
phpsilva@hotmail.com 19 Nov 2021
Page 37
phpsilva@hotmail.com 19 Nov 2021
Page 38
phpsilva@hotmail.com 19 Nov 2021
Page 39
phpsilva@hotmail.com 19 Nov 2021
Page 40
phpsilva@hotmail.com 19 Nov 2021
Page 41
phpsilva@hotmail.com 19 Nov 2021
Page 42
phpsilva@hotmail.com 19 Nov 2021
Page 43
phpsilva@hotmail.com 19 Nov 2021
Page 44
phpsilva@hotmail.com 19 Nov 2021
Page 45
phpsilva@hotmail.com 19 Nov 2021
▪ People Cost
Page 46
phpsilva@hotmail.com 19 Nov 2021
▪ Operational Costs
▪ Reputational cost
Page 47
phpsilva@hotmail.com 19 Nov 2021
Page 48
phpsilva@hotmail.com 19 Nov 2021
Page 49
phpsilva@hotmail.com 19 Nov 2021
CHAPTER FOUR
❖
The Profile
Page 50
phpsilva@hotmail.com 19 Nov 2021
Page 51
phpsilva@hotmail.com 19 Nov 2021
▪ An Instructor's aura:
▪ Collaboration:
Page 52
phpsilva@hotmail.com 19 Nov 2021
▪ Consultative Thinking:
Page 53
phpsilva@hotmail.com 19 Nov 2021
Page 54
phpsilva@hotmail.com 19 Nov 2021
Page 55
phpsilva@hotmail.com 19 Nov 2021
Harrowing Headlines
Page 56
phpsilva@hotmail.com 19 Nov 2021
Page 57
phpsilva@hotmail.com 19 Nov 2021
Page 58
phpsilva@hotmail.com 19 Nov 2021
Page 59
phpsilva@hotmail.com 19 Nov 2021
Page 60
phpsilva@hotmail.com 19 Nov 2021
Page 61
phpsilva@hotmail.com 19 Nov 2021
Who do we fault?
Page 62
phpsilva@hotmail.com 19 Nov 2021
Page 63
phpsilva@hotmail.com 19 Nov 2021
CHAPTER FIVE
❖
A Global Body
Page 64
phpsilva@hotmail.com 19 Nov 2021
There are very few cyber security institutions out there, but
with over 25 years of service, students are in great hands with
(ISC)². The company which reflects on the achievements of its
founders and members and how they have help shaped the
information security profession. The company’s vision is to
inspire a safe and secure cyber world, and their mission is to
support and provide members and constituents with credentials,
Page 65
phpsilva@hotmail.com 19 Nov 2021
Page 66
phpsilva@hotmail.com 19 Nov 2021
▪ Up-to-date courseware
▪ Student handbook
Page 67
phpsilva@hotmail.com 19 Nov 2021
Training Seminars
CERTIFICATION # OF DAYS
CISSP 5 days
SSCP 5 days
CAP 5 days
CSSLP 5 days
CCFP 5 days
HCISPP 3 days
CCSP 5 days
CISSP-ISSAP 4 days
CISSP-ISSEP 4 days
CISSP-ISSMP 5 days
Page 68
phpsilva@hotmail.com 19 Nov 2021
▪ Student handbook
Page 69
phpsilva@hotmail.com 19 Nov 2021
Page 70
phpsilva@hotmail.com 19 Nov 2021
Page 71
phpsilva@hotmail.com 19 Nov 2021
So, you might as well be asking the question ‘What are the
benefits of learning at (ISC)²? To become certified, it is more
than just passing an exam. Candidates must meet an experience
requirement and be endorsed by an (ISC)² member, confirming
their professional experience.
One major reason you need (ISC)² is because of their drive. The
(ISC)² programs are designed to cover current global topics and
also certifications which are industry focused and industry
driven. They always ensure their certifications remain very
relevant, as they update the certification and the process as a
whole every two to three years by conducting a job task
analysis (JTA). Required or Preferred by the Most Security
Conscious Organizations (ISC)² certifications are listed on the
most job boards for security positions. Seven of our
certifications are listed on the U.S. DoD Directive 8570.1.
Page 72
phpsilva@hotmail.com 19 Nov 2021
In a world fraught with security threats, the need for skilled and
knowledgeable information security professionals has never
been greater. Your experience in the field is an important
component of your value to an employer, but experience isn’t
enough. Employers need something quantifiable and verifiable
to show them you have the expertise they need.
Page 73
phpsilva@hotmail.com 19 Nov 2021
Page 74
phpsilva@hotmail.com 19 Nov 2021
Page 75
phpsilva@hotmail.com 19 Nov 2021
CISSP
❖
CISSP® - Certified Information Systems Security
Professional
Page 76
phpsilva@hotmail.com 19 Nov 2021
The CISSP is ideal for those working in positions such as, but
not limited to:
▪ Security Consultant
▪ Security Manager
▪ IT Director/Manager
▪ Security Auditor
▪ Security Architect
▪ Security Analyst
▪ Director of Security
▪ Network Architect
Page 77
phpsilva@hotmail.com 19 Nov 2021
▪ Asset Security
▪ Security Engineering
▪ Security Operations
Page 78
phpsilva@hotmail.com 19 Nov 2021
Study tools
▪ Exam Outline
▪ Interactive Flashcards
Page 79
phpsilva@hotmail.com 19 Nov 2021
Page 80
phpsilva@hotmail.com 19 Nov 2021
CISSP-ISSAP
❖
CISSP®-ISSAP®: Information Systems Security Architecture
Professional
▪ System architect
Page 81
phpsilva@hotmail.com 19 Nov 2021
▪ Business analyst
Domains Weights
Cryptography 11%
Page 82
phpsilva@hotmail.com 19 Nov 2021
Page 83
phpsilva@hotmail.com 19 Nov 2021
CISSP-ISSMP
❖
CISSP®-ISSMP®: Information Systems Security
Management Professional
Page 84
phpsilva@hotmail.com 19 Nov 2021
Domains Weights
Page 85
phpsilva@hotmail.com 19 Nov 2021
Page 86
phpsilva@hotmail.com 19 Nov 2021
CISSP-ISSEP
❖
CISSP®-ISSEP®: Information Systems Security Engineering
Professional
▪ Technical Management
Page 87
phpsilva@hotmail.com 19 Nov 2021
▪ Student handbook
Page 88
phpsilva@hotmail.com 19 Nov 2021
Learning Objectives
Page 89
phpsilva@hotmail.com 19 Nov 2021
Domains Weights
Page 90
phpsilva@hotmail.com 19 Nov 2021
Study tools
▪ Exam outline
Page 91
phpsilva@hotmail.com 19 Nov 2021
SSCP
❖
SSCP® - Systems Security Certified Practitioner
▪ Systems/Network Administrator
Page 92
phpsilva@hotmail.com 19 Nov 2021
▪ Security Analyst
▪ Systems Engineer
▪ Security Consultant/Specialist
▪ Security Administrator
▪ Systems/Network Analyst
▪ Database Administrator
▪ Access Controls
Page 93
phpsilva@hotmail.com 19 Nov 2021
▪ Cryptography
Study tools
Page 94
phpsilva@hotmail.com 19 Nov 2021
▪ Exam Outline
▪ Interactive Flashcard
Page 95
phpsilva@hotmail.com 19 Nov 2021
CAP
❖
CAP® - Certified Authorization Professional
Page 96
phpsilva@hotmail.com 19 Nov 2021
knowledge in:
▪ IT security
▪ Information assurance
▪ Certification
▪ Systems administration
Page 97
phpsilva@hotmail.com 19 Nov 2021
Study tools
Page 98
phpsilva@hotmail.com 19 Nov 2021
▪ Interactive Flashcards,
▪ Exam outline
Page 99
phpsilva@hotmail.com 19 Nov 2021
CSSLP
❖
CSSLP® - Certified Secure Software Lifecycle Professional
Page 100
phpsilva@hotmail.com 19 Nov 2021
delivery delays
▪ Software Architect
▪ Software Engineer
▪ Software Developer
▪ Penetration Tester
Page 101
phpsilva@hotmail.com 19 Nov 2021
▪ Project Manager
▪ Security Manager
▪ IT Director/Manager
▪ Software Acceptance
Page 102
phpsilva@hotmail.com 19 Nov 2021
Study tools
▪ CSSLP eLearning,
▪ Interactive Flashcards,
▪ Exam outline
Page 103
phpsilva@hotmail.com 19 Nov 2021
CCFP
❖
CCFP® - Certified Cyber Forensics Professional
Page 104
phpsilva@hotmail.com 19 Nov 2021
For those who qualify, the CCFP exam will test their
competence in the 6 CCFP domains of the (ISC)² CBK, which
Page 105
phpsilva@hotmail.com 19 Nov 2021
cover:
▪ Investigations
▪ Forensic Science
▪ Digital Forensics
▪ Application Forensics
Page 106
phpsilva@hotmail.com 19 Nov 2021
examination.
Exam Availability
Page 107
phpsilva@hotmail.com 19 Nov 2021
Page 108
phpsilva@hotmail.com 19 Nov 2021
HCISSP
❖
HCISPP® - HealthCare Information Security and Privacy
Practitioner
▪ Healthcare Industry
▪ Regulatory Environment
Page 109
phpsilva@hotmail.com 19 Nov 2021
Page 110
phpsilva@hotmail.com 19 Nov 2021
▪ Compliance officer
▪ Privacy officer
▪ Compliance auditor
▪ Risk analyst
▪ Practice manager
▪ Hospitals
Page 111
phpsilva@hotmail.com 19 Nov 2021
▪ Group practices
▪ Regulatory agencies
▪ Claims processors
Study tools
▪ Exam outline,
▪ Interactive Flashcards
Page 112
phpsilva@hotmail.com 19 Nov 2021
CCSP
❖
CCSP® - Certified Cloud Security Professional
Page 113
phpsilva@hotmail.com 19 Nov 2021
▪ Enterprise Architect
▪ Security Administrator
▪ Systems Engineer
▪ Security Architect
▪ Security Consultant
▪ Security Engineer
▪ Security Manager
Page 114
phpsilva@hotmail.com 19 Nov 2021
▪ Systems Architect
For those who qualify, the CCSP exam will test their
competence in the six CCSP domains of the (ISC)² Common
Body of Knowledge (CBK), which cover:
▪ Operations
Page 115
phpsilva@hotmail.com 19 Nov 2021
Study Tools
▪ OnDemand Training
▪ Interactive Flashcards
▪ Exam Outline
Page 116
phpsilva@hotmail.com 19 Nov 2021
CONCLUSION
Final Words
❖
Page 117
phpsilva@hotmail.com 19 Nov 2021
ABOUT
The Author
Vagner Nunes is the lead Business Development
and Corporate Relations Manager for (ISC)² in
Latin America. He is an (ISC)² executive with a
comprehensive background in information
Technology, product management and strategic planning.
Page 118