Certification Listing
The Certified Information Systems Security Professional (CISSP)
designation was established in 1990 and is administered by the
International Information Systems Security Certification Consortium, or
(ISC)2. Working with a professional testing service, (ISC)2 has
developed a certification examination based on the information systems
security Common Body of Knowledge (CBK). Candidates have up to 6 hours
to complete the examination, which consists of 250 multiple-choice
questions that address the ten topical test domains of the CBK.
The information systems security test domains are:
- Security Management Practices
- Security Architecture & Models
- Access Control Systems & Methodology
- Cryptography
- Telecommunications & Network Security
- Physical Security
- Operations Security
- Application & Systems Development
- Law, Investigations & Ethics
- Business Continuity & Disaster Recovery Planning
In addition to passing the examination, candidates must have 4 years of
experience, or 3 years with a college degree or equivalent life
experience, in one or more of the ten test domains of the information
systems security Common Body of Knowledge (CBK), and must then be
endorsed by a qualified third party to be certified.
Valid experience includes information systems (IS) security-related
work performed as a practitioner, auditor, consultant, vendor,
investigator or instructor, that requires IS security knowledge and
involves direct application of that knowledge. The 3 years' experience
is the actual time worked; the requirement is cumulative, however, and
may have been accrued over a much longer period of time.
For more information, you may visit the (ISC)2 web site www.isc2.org
Since 1978, the Certified Information Systems Auditor (CISA) program,
sponsored by the
Information Systems Audit and Control Association (ISACA), has been the
globally accepted standard of achievement among IS audit, control and
security professionals. The purpose of the examination is to evaluate a
candidate’s knowledge and experience in conducting information systems
audits.
The examination consists of 200 multiple-choice questions, administered
during a four-hour session, and covers the 7 Process & Content Areas:
- The IS Audit Process
- Management, Planning, and Organization of IS
- Technical Infrastructure and Operational Practices
- Protection of Information Assets
- Disaster Recovery and Business Continuity
- Business Application System Development, Acquisition,
  Implementation, and Maintenance
- Business Process Evaluation and Risk Management
A scaled score of 75 or above represents a passing score for the entire
exam. After successful completion of the CISA Examination, certification
is granted initially to individuals who have accumulated a minimum of
five years of professional information systems audit, control or
security work experience. However, substitutions and waivers of such
experience may be obtained:
- A maximum of one year of information systems experience OR one year of
  financial or operational auditing experience can be substituted for
  one year of information systems auditing, control or security
  experience.
- 60 to 120 completed college semester credit hours (the equivalent of
  an Associate or Bachelor degree) can be substituted for one or two
  years, respectively, of information systems auditing, control or
  security experience.
- Two years as a full-time university instructor in a related field
  (e.g., computer science, accounting, information systems auditing) can
  be substituted for one year of information systems auditing, control
  or security experience.
For more information, you may visit the web site of ISACA www.isaca.org
About CISM
The Certified Information Security Manager (CISM) is specifically geared
toward
experienced information security managers and those who have
information security management responsibilities. CISM is designed to
provide executive management with assurance that those earning the CISM
designation have the required knowledge and ability to provide
effective security management and consulting.
The 4-hour CISM exam consists of 200 multiple-choice questions that
cover the 5 job practice areas created from a CISM job practice
analysis and reflect the work performed by information security
managers. The five information security management areas are as follows:
- Information Security Governance
- Risk Management
- Information Security Program(me) Management
- Information Security Management
- Response Management
A scaled score of 75 or above represents a passing score for the entire
exam. After successful completion of the CISM Examination, certification
is granted initially to individuals who have accumulated a minimum of 5
years of professional information security management work experience.
However, substitutions and waivers of such experience may be obtained.
For more information, you may visit the web site of ISACA www.isaca.org
About Certified Ethical Hacker
The Certified Ethical Hacker (CEH) Program certifies individuals in the
specific network security discipline of Ethical Hacking from a
vendor-neutral perspective. This CEH certification will significantly
benefit security officers, auditors, security professionals, site
administrators, and anyone who is concerned about the integrity of the
network infrastructure. A Certified Ethical Hacker is a skilled
professional who understands and knows how to look for the weaknesses
and vulnerabilities in your systems and uses the same knowledge and
tools as a malicious hacker.
To achieve CEH certification, you must pass the Prometric exam EC0-350,
Ethical Hacking and Countermeasures, which covers the standards and
language involved in common exploits, vulnerabilities and
countermeasures. You must also show knowledge of the tools used by
hackers in exposing common vulnerabilities as well as the tools used by
security professionals for implementing countermeasures.
For more information, please refer to the International Council of
E-Commerce Consultants at http://www.eccouncil.org/CEH.htm