For Small Business IT Networks: CISSP Security Consulting
DCI offers the services of security consultants who have
earned CISSP Certification. CISSP Certification recognizes
mastery of an international standard for information security.
ANSI (American National Standards Institute) has granted the
CISSP credential accreditation in the area of information
security under ISO/IEC 17024. DCI can provide a CISSP-certified
consultant to help your enterprise in a broad range of security
areas including:
- Security Management Practices
- Security Architecture and Models
- Access Control Systems and Methodology
- Applications Development Security
- Operations Security
- Physical Security
- Cryptography
- Telecommunications, Network and Internet Security
- Business Continuity Planning
- Law, Investigation and Ethics
Security Management Practices
Security management entails the identification of
an organization's information assets and the development,
documentation, and implementation of policies, standards,
procedures, and guidelines. Management tools such as data
classification and risk assessment/analysis can be used to
identify threats, classify assets, and rate system vulnerabilities
so that effective controls can be implemented.
Security Architecture and Models
This covers the concepts, principles, structures, and standards
used to design, monitor, and secure operating systems, equipment,
networks and applications plus the controls used to enforce
various levels of availability, integrity and confidentiality.
Access Control Systems and Methodology
Access controls are a collection of mechanisms that work together
to create a security architecture to protect the assets of
the information system.
Applications Development Security
This addresses the important security concepts that
apply to application software development. It outlines the
environment where software is designed and developed and explains
the critical role software plays in providing information
system security.
Operations Security
Operations Security is used to identify the controls over
hardware, media, and the operators and administrators with
access privileges to any of these resources. Audit and monitoring
are the mechanisms, tools and facilities that permit the identification
of security events and the subsequent actions that identify the
key elements and report the pertinent information to the appropriate
individual, group or process.
Physical Security
This provides protection techniques for the entire
facility, from the outside perimeter to the inside office
space, including all of the information system resources.
Cryptography
This concerns the principles, means and methods of disguising
information to ensure its integrity, confidentiality and authenticity.
Telecommunications, Network and Internet Security
This area involves:
- Network Structures
- Transmission methods
- Transport formats
- Security measures used to provide availability, integrity,
and confidentiality
- Authentication for transmissions over private and public
communications networks and media.
Business Continuity Planning
The Business Continuity Plan (BCP) addresses the
preservation and recovery of business operations in the event
of outages.
Law, Investigation and Ethics
This covers:
- Computer crime laws and regulations
- The measures and technologies used to investigate computer
crime incidents
ISSAP Certification
DCI also offers the services of ISSAP-certified consultants.
The Information System Security Architecture Professional
(ISSAP) Certification indicates proven competence in the more
in-depth requirements of information security architecture,
within the broader scope of information security knowledge
required for CISSP certification.
ISSAP Certification indicates mastery of these areas:
- Access Control Systems and Methodologies
- Telecommunications and Network Security
- Cryptography
- Requirements Analysis and Security Standards, Guidelines
and Criteria
- Technology Related Business Continuity Planning (BCP)
and Disaster Recovery Planning (DRP)