expand for answer

CISSP

Certified Information Systems Security Professional (A professional certification from ISC2)Certified Information Systems Security Professional.


Similar items:
Product of the certification effort documenting the detailed results of the certification activities. Product of the certification effort documenting the detailed results of the certification activities. The certification package includes the security plan, developmental or operational certification test reports, risk assessment report, and certifier’s statement.
[view]
Individual responsible for making a technical judgment of the system’s compliance with stated requirements, identifying and assessing the risks associated with operating the system, coordinating the certification activities, and consolidating the final certification and accreditation packages. See Certification Authority; certification agent
[view]
A combination of techniques and procedures used during a certification and accreditation process to verify the correctness and effectiveness of security controls in an information technology system. Security certification levels represent increasing levels of intensity and rigor in the verification process and include such techniques as reviewing and examining documentation; interviewing personnel; conducting demonstrations and exercises; conducting functional, regression, and penetration testing; and analyzing system design documentation.
[view]
A set of information that at least: identifies the certification authority issuing the certificate; unambiguously names or identifies its owner; contains the owner’s public key and is digitally signed by the certification authority issuing it. Digitally signed document that binds a public key with an identity. The certificate contains, at a minimum, the identity of the issuing Certification Authority, the user identification information, and the user’s public key. Endorsed copy of an individual’s public key that verifies their identity.
[view]
The individual responsible for making a technical judgment of the system’s compliance with stated requirements, identifying and assessing the risks associated with operating the system, coordinating the certification activities, and consolidating the final certification and accreditation packages.
[view]


There are no comments yet.

Authentication required

You must log in to post a comment.

Log in