CISSP vs CISM
CISSP thiab CISM yog ob qhov kev tshawb nrhiav ntau tshaj plaws tom qab ntawv pov thawj cov kev pabcuam rau cov ntaub ntawv kev ruaj ntseg. Ob leeg CISSP thiab CISM npaj siab muab ib lub koom haum ntawm kev paub rau cov kws tshaj lij kev ruaj ntseg thiab cov thawj coj thoob ntiaj teb. Ob leeg CISSP thiab CISM yog cov ntawv pov thawj pom zoo rau Cov Ntaub Ntawv Pov Thawj Ua Haujlwm Txhim Kho Kev Txhim Kho.
CISSP yog dab tsi?
CISSP (Certified Information Systems Security Professional) yog daim ntawv pov thawj ntawm cov ntaub ntawv kev ruaj ntseg, tswj hwm los ntawm kev ywj pheej thiab tsis muaj txiaj ntsig (ISC)2 (International Information Systems Security Certification Consortium).(ISC)2 tau tsim nyob rau xyoo 1988, los ntawm ntau lub koom haum, uas tau coj los ua ke los ntawm SIG-CS (Tshwj xeeb Pab Pawg rau Kev Ruaj Ntseg Hauv Computer) ntawm DPMA (Data Processing Management Association) nrog rau lub hom phiaj ntawm kev tsim cov ntaub ntawv pov thawj kev ruaj ntseg. Ntau tshaj 60, 000 cov tswv cuab los ntawm 134 lub teb chaws tau txais daim ntawv pov thawj CISSP thaum Lub Xya Hli 2010. Nws yog daim ntawv pov thawj uas tau pom zoo los ntawm DoD (Department of Defense) los ntawm lawv cov IAT (Information Assurance Technical) thiab IAM (Information Assurance Managerial) cov kev pab cuam.. CISSP yog qhov yuav tsum tau ua rau ISSEP txoj haujlwm ntawm US NSA (National Security Agency).
Ntau yam ntaub ntawv ntsig txog kev nyab xeeb muaj nyob hauv CISSP. CISSP yog raws li qhov lawv hu ua Lub Koom Haum Kev Txawj Ntse (CBK). CBK yog cov ntaub ntawv kev ruaj ntseg uas siv tau los ntawm cov ntaub ntawv kev ruaj ntseg thoob ntiaj teb. Kaum CBK domains raug tshuaj xyuas hauv CISSP xws li Kev Tswj Xyuas Kev Nkag Mus Nkag, Daim Ntawv Thov Kev Txhim Kho Kev Ruaj Ntseg, uas yog raws li CIA triad (Kev tsis pub lwm tus paub, kev ncaj ncees thiab muaj).
CISM yog dab tsi?
CISM (Certified Information Security Manager) yog daim ntawv pov thawj rau cov thawj coj hauv kev ruaj ntseg cov ntaub ntawv. ISACA (Information Systems Audit and Control Association) muab daim ntawv pov thawj no. Ib tus neeg uas muaj tsawg kawg yog 5 xyoos ntawm kev paub txog kev ruaj ntseg cov ntaub ntawv (nrog rau tsawg kawg 3 xyoos ntawm kev tswj hwm) yuav tsum xeem dhau qhov kev xeem no kom tau txais daim ntawv pov thawj no. CISM daim ntawv pov thawj npaj siab muab ib lub koom haum ntawm kev paub rau cov neeg saib xyuas kev ruaj ntseg cov ntaub ntawv thoob ntiaj teb. Yog li ntawd, kev tswj hwm kev pheej hmoo ntawm cov ntaub ntawv yog lub hauv paus rau daim ntawv pov thawj no. Tsis tas li ntawd, cov ncauj lus dav xws li tswj hwm kev ruaj ntseg ntawm cov ntaub ntawv, kev txhim kho thiab kev tswj hwm cov kev pabcuam kev nyab xeeb ntawm cov ntaub ntawv thiab kev tswj xyuas qhov xwm txheej. Lub ntsiab lus tseem ceeb ntawm daim ntawv pov thawj yog kev tswj hwm kev ruaj ntseg ntawm cov ntaub ntawv raws li cov kev xav tau ntawm cov lag luam (raws li kev coj ua zoo tshaj plaws hauv kev lag luam).
Feem ntau, CISSP thiab CISA cov zej zog nyiam nrhiav tom qab CISM ntawv pov thawj. Ib qho laj thawj rau qhov no tias CISM cov ntsiab lus muaj feem xyuam nrog ISSMP (Information Systems Security Management Professional) program los ntawm (ISC)2. CISM tau dhau los ua daim ntawv pov thawj pom zoo rau Cov Ntaub Ntawv Kev Pov Hwm Kev Txhim Kho Kev Ua Haujlwm hauv 2005. Tsib thaj chaw ntawm cov ntaub ntawv kev nyab xeeb tshuaj xyuas los ntawm CISM yog cov ntaub ntawv kev nyab xeeb kev tswj hwm, Kev tswj hwm kev pheej hmoo, Cov ntaub ntawv kev ruaj ntseg kev txhim kho, cov ntaub ntawv kev ruaj ntseg kev tswj hwm thiab kev tswj qhov xwm txheej.
Qhov txawv ntawm CISSP thiab CISM yog dab tsi?
Txawm hais tias, ob qho tib si CISSP thiab CISM cov ntawv pov thawj tshuaj xyuas cov ncauj lus ntawm kev ruaj ntseg cov ntaub ntawv, lawv muaj qhov sib txawv tseem ceeb. Tsis zoo li CISSP, CISM tau tsom mus rau cov ncauj lus ntawm kev tswj hwm kev ruaj ntseg cov ntaub ntawv. Txawm hais tias, ob qho tib si CISSP thiab CISM xav kom cov tib neeg muaj tsawg kawg yog 5 xyoo ntawm kev paub txog kev ruaj ntseg cov ntaub ntawv, CISM kuj xav kom tus neeg ntawd muaj tsawg kawg yog 3 xyoo kev paub txog kev ruaj ntseg cov ntaub ntawv.