Canadian Centre for Cyber Security

From: Canadian Centre for Cyber Security

Alternate format: Certifications in the field of cyber security - 2020 (PDF, 1 MB)

Foreword

The Certifications in the Field of Cyber Security is an UNCLASSIFIED publication. The guide provides information about many of the certifications available for prospective students and cyber security professionals. The intent is not to recommend any certification body or certification in particular, but to provide a listing of some of the different certifications that may help advance an individual’s career in the field of cyber security.

Information is sourced from the websites of the certification bodies referenced in this guide.

Disclaimer: The Communications Security Establishment does not endorse or recommend any of the certification bodies or certifications listed in this document. Information provided is intended to be a general summary of publicly available information and is provided for informational purposes only.

Revision history

Revision history table
Revision	Amendments	Date
1	First release	November 2020

1.0 Introduction
2.0 Globally Recognized certifications bodies
3.0 Cyber Security certification listings and descriptions

List of Tables

Table 1 CertNexus certification listing and descriptions
Table 2 Cisco Systems certification listing and descriptions
Table 3 CompTIA certification listing and descriptions
Table 4 CREST certification listing and descriptions
Table 5 CWNP certification listing and descriptions
Table 6 EC Council certification listing and descriptions
Table 7 GIAC certification listing and descriptions
Table 8 (ISC)2 certification listing and descriptions
Table 9 ISACA certification listing and descriptions
Table 10 itSM Solutions certification listing and descriptions
Table 11 McAfee Institute certification listing and descriptions
Table 12 Offensive Security certification listing and descriptions
Table 13 SECO Institute certification listing and descriptions

1.0 Introduction

There continues to be a growing demand for qualified cyber security professionals and practitioners in Canada and around the world. With the increasing need for cyber security professionals, the value of IT certification is also increasing. The right certification can give you an advantage over other job candidates. Organizations are looking for talent with superior training and real-world experience.

Obtaining a certification demonstrates to future employers that an individual is competent, skilled, and experienced in certain areas. Additionally, given the time and financial investment that many certifications require, some employers see certification as a measure of commitment to a career in the field.

Certifications are not only a great supplement to a professional’s other qualifications; it can also lead to a salary increase. According to a study conducted by Global Knowledge, an individual with a certification can earn up to 15% more than those without it^{Footnote 1}. Furthermore, maintaining certification often requires meeting continuing education requirements, ensuring that certificate holders are keeping up to date on the latest technologies and can continue to keep their organizations safe from emerging cyber security threats.

1.1 The Canadian Centre for Cyber Security

The Canadian Centre for Cyber Security (Cyber Centre), a part of the Communications Security Establishment, was officially launched in October 2018. The Cyber Centre’s Academic Outreach and Engagement team works with universities, colleges, educational associations, education ministerial boards and private sector educators to build cyber security talent and capacity in Canada. The team also works with educators to enhance the community’s understanding of cyber security. Its mission is to ensure Canada is a global leader in cyber security by elevating cyber education.

1.2 Purpose

The primary audience for this guide is prospective cyber security students or professionals looking to advance their careers in the field. The guide highlights some of the more in-demand, globally recognized certifications offered by providers around the world. A complete list of certifications can be found at the end of the guide (Table 1 CertNexus certification listing and descriptions).

Every effort has been made to ensure accuracy of information, however, due to the dynamic nature of curricula and cyber security, this guide will be reviewed on a regular basis to ensure it reflects the most current certification offerings. New certifications and other suggested changes can be submitted by email to contact@cyber.gc.ca

Top of page

2.0 Globally recognized certifications bodies

The following highlights some of the more popular and well-known cyber certifications available, in alphabetical order. A more comprehensive list of certifications can be found in the attached tables.

The Communications Security Establishment is not endorsing, supporting, or promoting any of the following certifications or certification bodies. This guide is solely for information purposes and should only be a starting point for anyone interested in obtaining a certification. We recommend that individuals do more in-depth research, while considering their own interests and career goals, time commitments and financial resources, before deciding which certification is right for them.

It should also be noted that while most of the certification bodies are American, their certifications are recognized around the world. Furthermore, candidates can find training through local providers, and many of the certification exams can be written at local testing centres, such as Pearson VUE, or taken online in your own home.

2.1 CertNexus

CertNexus offers certifications and micro-credentials in emerging technologies, such as Internet of Things, Artificial Intelligence, and human-machine interfaces. Their four cyber security certifications are valid for three years.

The Certified First Responder (CRF) certificate validates the knowledge and skills required to protect critical information and systems before, during, and after an incident. It is DoD 8140 approved.
Cyber Safe certification demonstrates that the holder can identify the most common risks involved in using mobile and cloud technologies, and to protect themselves and their organizations from cyber threats.
Cyber Secure Coder (CSC) certificate holders have learned about the vulnerabilities that undermine security, identification, and remediation of those vulnerabilities, as well as strategies for dealing with security defects.
The IRBIZ micro-credential is for IT leaders and executives who are responsible for complying with incident response legislation. Successfully completing the course and exam certifies that the candidate has the necessary skills to assess and respond to security threats, as well as operate a system and network security analysis platform.

A complete list of cyber security certifications offered by CertNexus can be found in Section 3.1.

2.2 Cisco Systems

Cisco Systems is a worldwide leader in networking hardware and solutions and most of today’s Internet traffic travels over Cisco-build network pathways. Obtaining one of their certifications demonstrates that you know how to work with Cisco solutions. There are five levels of certification in Cisco’s program:

Entry: The starting point for individuals interested in starting a career as a networking professional.
Associate: Individuals master the essentials needed to launch a career and expand job possibilities with the latest technologies.
Professional: Individuals select a core technology track and a focused concentration exam to customize their professional level certification.
Expert: Certification is accepted worldwide as the most prestigious certification in the technology industry.
Architect: Demonstrates the architectural expertise of a network designer.

A complete list of cyber security certifications offered by Cisco Systems can be found in Section 3.2.

2.3 Computing Technology Industry Association

The Computing Technology Industry Association (CompTIA) issues certifications in over 120 countries with over 2.2 million recipients. The organization also releases 50 industry studies each year tracking trends and changes. They offer numerous certifications covering a wide range of IT fields, including cyber security, some of which are DoD approved to meet Directive 8140 requirements. The renewal process includes meeting continuing education requirements and paying the annual fees.

CompTIA Advanced Security Practitioner (CASP+) is a performance-based certification for practitioners, rather than managers, at the advanced skill level of cyber security. CASP+ recipients have advanced-level knowledge of risk management, enterprise security operations and architecture, as well as research and collaboration.
CompTIA Cyber Security Analyst (CySA+) certification is a security analyst certification that covers advanced persistent threats in a post-2014 cyber security environment. It validates one’s expertise in security analytics, intrusion detection, and response.
CompTIA PenTest+ is for cyber security professionals who are responsible for penetration testing and vulnerability management. Certification holders have demonstrated their up-to-date hands-on ability and knowledge to test devices in new environments, like cloud or mobile, as well as traditional desktops and servers.
CompTIA Security+ is an entry-level certification. Certificate holders are experts in threat management, cryptography, identity management, security systems, security risk identification and mitigation, network access control, and security infrastructure. Candidates must have 2 years’ experience in network security and have already obtained their Network+ certification.

A complete list of cyber security certifications offered by CompTIA can be found in Section 3.3.

2.4 Council for Registered Ethical Security Testers

The Council for Registered Ethical Security Testers (CREST) is a not for profit organization that provides internationally recognized certification and accreditation for companies and individuals. It has chapters in the UK, United States, Australia, Singapore, and Hong Kong. They provide examinations in Penetration Testing, Threat Intelligence, Incident Response, Security Architecture. The Incident Response has been approved by GCHQ. CREST exams have three levels of accreditation for individuals:

Practitioner – Entry into profession
Registered – Competent to work independently without supervision
Certified – Technically competent to run major projects and teams

A complete list of cyber security certifications can be found in Section 3.4.

2.5 Certified Wireless Network Professionals

Certified Wireless Network Professionals (CWNP) is a vendor-neutral wireless LAN certification program. CWNP offers four levels of enterprise WLAN certifications, from novice to expert. Their certification programs prepare IT professionals and wireless LAN administrators to specify, design, and manage wireless LAN infrastructure and applications.

Certified Wireless Network Expert (CWNE) is the highest-level certification in the CWNP program. Certificate holders have the most advanced skills available in today’s enterprise Wi-Fi market. Candidates must pass four certification exams, complete commercial wireless LAN deployments, provide three recommendations, meet experience and publication requirements, and pass a peer review by the CWNE Board of Advisors.
Certified Wireless Security Professional (CWSP) is a professional level wireless LAN certification for the CWNP program that validates an individual’s ability to assess the vulnerability of a network and help prevent attacks before they happen, perform WLAN security audits and implement compliance monitoring solutions, and design a network’s security architecture. Candidates must obtain Certified Wireless Network Administrator (CWNA) certification before they can earn CWNP certification.

A complete list of cyber security certifications offered by CWNP can be found in Section 3.5.

2.6 EC Council

EC Council is a cyber security technical certification board and operates in 145 countries. It is endorsed by the US Government, National Security Agency, and the Committee on National Security Systems (CNSS).

The Certified Ethical Hacker (ANSI) credential certifies one’s competence in the five phases of ethical hacking: reconnaissance, enumeration, gaining access, maintaining access, and covering tracks. Certification requires passing a 4-hour exam consisting of 125 questions.
The Certified Ethical Hacker (Practical) designation targets the application of CEH skills to real-world security audit challenges and related scenarios. Candidates must complete a 6-hour exam featuring 20 case studies and obtain a 70% score.
A Certified Ethical Hacker (Master) holds both the ANSI and Practical certifications.
The Computer Hacking Forensics Investigator (CHFI) is another universally recognized certification that validates that the recipient is skilled in the areas of anti-hacking, digital forensics, and penetration testing.
The Certified Network Defender (CND) certificate demonstrates a solid understanding of defensive security and the required expertise to secure data.
The EC Council Disaster Recovery Professional (EDRP) certificate holders have the foundation for securing and resorting networks in the event of a disaster like malicious attacks.
The Licensed Penetration Tester (LPT) certification is given only to those who have mastered cybersecurity techniques and is arguably the pinnacle of cybersecurity certifications.

A complete list of cyber security certifications offered by EC Council can be found in Section 3.6.

2.7 Global Information Assurance Certification

Global Information Assurance Certification (GIAC), founded by the SANS institute, specializes in technical and practical certification. Its certifications are linked to training courses provided by SANS and are recognized worldwide. Candidates for Expert Status certification are only required to pass an exam to obtain certification, which is valid for 4 years. To be eligible to renew at the end of the 4-year period, certificate holders must have 36 continuing education credits and pay the recertification fee or re-take the exam. Individuals wishing to pursue Gold Status certification must research and write a technical report or white paper. Gold Status indicates the holder has a deeper knowledge of a subject area.

GIAC Security Essential Certification (GIAC) validates an individual’s knowledge information security beyond the simple terminology and concepts. Recipients are skilled in active defense, cryptography, security policy and plans, incident handling, securing networks, etc.
GIAC Certified Intrusion Analyst (GCIA) validates a practitioner's knowledge of network and host monitoring, traffic analysis, and intrusion detection. Certificate holders are qualified to configure and monitor intrusion detection systems, and to analyze network traffic.
GIAC Certified Incident Handler (GCIH) demonstrates one’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills. An individual with GCIH certification has a solid understanding of common cyber-attack techniques and how to defend against them.

A complete list of cyber security certifications offered by GIAC can be found in Section 3.7.

2.8 International Information Systems Security Certification Consortium

The International Information Systems Security Certification Consortium, or (ISC)2, is a non-profit member organization that provides support to members with credentials, resources, and leadership to address cyber, information, software, and infrastructure security. It is a large IT Security organization, with more than 140,000 members worldwide, almost 6,000 of which are Canadian.

(ISC)2 Certifications meet the US Department of Defense (DoD) Cyber Workforce Management directive (Directive 8140)^{Footnote 2}. (ISC)2 offers one of the most popular cyber security certifications:

Certified Information Systems Security Professional (CISSP) designation is often required for the most in-demand cyber security jobs and is considered the ‘gold standard’ of security certifications. Requirements for this advanced level certification include a minimum of 5 years of experience in at least two of (ICS)2’s eight common body of knowledge domains, or 4 years of experience and a college degree or approved credentials. Candidates are also required to pass a 3-hour written exam. Re-certification is required every 3 years. To recertify, candidates must earn 120 continuing professional education credits within the three-year cycle and pay an annual fee.

A complete list of cyber security certifications offered by (ISC)2 can be found in Section 3.8.

2.9 ISACA

ISACA, formerly known as the Information Systems Audit and Control Association, is an international professional association focused on IT governance. It has more than 140,000 members and professionals holding ISACA certifications in 180 countries. Its 200+ chapters provide members with training, and networking and resource sharing opportunities.

Candidates must pass written exams to obtain any of ISACA’s professional certifications, all of which are valid for three years. To maintain certification, credential holders are required to obtain at least 120 continuing professional education credits over the three-year period, and pay an annual membership fee, or re-take the exam. ISACA Cyber Security Certifications include the following:

The Certified Information Security Manager (CISM) credential is aimed at leaders of Cyber Security teams, IT professionals responsible for managing, developing, and overseeing information security systems in enterprise-level applications, or for developing best organizational security practices. In addition to the written exam, candidates must have at least 5 years of security experience and submit a written application.
Certified in Risk and Information Systems Control (CRISC) certification demonstrates the ability to identify, evaluate, and respond to IT risks. Candidates must have 3 years of professional-level risk management and control experience and perform the tasks of at least two CRISC domains. For this certification, education is not an acceptable substitute for work experience.
Cyber Security Nexus Practitioner (CSX‑P) recognizes individuals who can act as first responders for security incidents. Created in 2015, tests one’s ability to perform globally validated cyber security covering the five core functions of the NIST Cyber Security Framework; Identify, Protect, Detect, Respond, and Recover. To obtain certification, candidates must pass a 4-hour performance-based exam consisting of simulated security incidents. At the end of the 3-year certification period, holders must take the latest version of the exam to recertify.

A complete list of cyber security certifications offered by ISACA can be found in Section 3.9.

2.10 itSM Solutions

Built around NIST Cyber Security Framework, itSM Solutions certifications validate that cybersecurity professionals have the baseline skills to design, build, test and manage a cybersecurity program using the NIST Cybersecurity Framework.

NCSF Foundations: For executives, business and IT professionals who need a basic understanding of NCSF to perform their jobs
NCSF Practitioner: Teaches how to build and design a technology focused cyber security program and risk management program. Gives you a deeper understanding of the NCSF and how to adapt and operationalize it.

A complete list of cyber security certifications offered by itSM Solutions can be found in Section 3.10.

2.11 McAffee Institute

McAfee Institute offers several industry-recognized board certifications in the areas of cyber intelligence and investigations, digital forensics, and cryptocurrency investigations. The United States Department of Homeland Securities National Initiative for Cyber Security Careers and Studies (NICCS) lists McAfee Institute as a provider of professional cyber security certifications. Certificate holders come from some of the top law enforcement and government agencies like the U.S Air Force and Army, Federal Bureau of Investigation (FBI) and the New York Police Department (NYPD).

Certified Cyber Intelligence Professional (CCIP) certification was developed in conjunction with the Depart of Homeland Security’ National Cyber Security Workforce Framework. Certification demonstrates that an individual can identify persons of interest, conduct timely cyber investigations, and prosecute cyber criminals. Candidates must hold a bachelor’s degree or higher, and three years of experience in investigations, IT, fraud, law enforcement, forensics, criminal justice, law, and loss prevention.

A complete list of cyber security certifications offered by McAfee Institute can be found in Section 3.11.

2.12 Offensive Security

Offensive Security is an international company that provides security counselling and training for technology companies, including practical performance-based certification programs, virtual lab access, and open source projects.

Offensive Security Certified Professional (OSCP) certification is considered one of the hardest to obtain due to its difficult exam. Candidates are required to successfully attack and penetrate live machines in a safe, lab environment over a 24-hour period. Because of its hands-on nature, it is intended for penetration testers with strong technical and ethical hacking backgrounds. Prior to attempting the exam, candidates must complete the Penetration Testing training course offered by Offensive Security. Obtaining the certificate also qualifies the recipient for 40 (ISC)2 continuing education credits. Unlike many of the other cyber security certifications, the OSCP certificate never expires.

A complete list of cyber security certifications offered by Offensive Security can be found in Section 3.12.

2.13 SECO Institute

Security & Continuity Institute (SECO) is a European institute that offers high-level security and continuity certifications. The SECO certification program consists of seven different certification tracks, each focusing on a specific field of expertise, such as IT Security, Data Privacy, and Ethical Hacking. Tracks starts at the Foundation level, followed by Practitioner and Expert levels. Candidates can then apply for Certified Officer level certifications which are the highest achievable qualification in each certification track.

Ethical Hacking Foundation (S‑EHF) is an entry-level certification for professionals seeking to enter the career field. Certificate holders understand the fundamentals of ethical hacking and can perform basic penetration testing. While there are no prerequisites, it is recommended that candidates have a basic understanding of Linux.
Ethical Hacking Practitioner (S‑EHP) is aimed at professionals who already have solid knowledge of ethical hacking basics. It is recommended that candidates obtain S-EHF certification first. Obtaining certification demonstrates that an individual has a full understanding of the penetration testing process and is familiar with common penetration testing techniques.

A complete list of cyber security certifications offered by SECO can be found in Section 3.13.

2.14 Cyber Credentials Collaborative

Cyber Credentials Collaborative (C3) was created in 2011 to promote the benefits of certifications in the skills development of information security professionals around the world. C3 provides awareness of and advocacy for vendor-neutral credentials in information security, privacy, and other IT disciplines. By providing a forum for members to collaborate on issues of shared concern, C3 aims to advance IT careers, better prepare the workforce, and ensure that IT certifications are developed to meet the needs of government, private organizations, and educational institutions.

The below listed certification bodies are all members of C3:

CertNexus
Computing Technology Industry Association
EC-Council
Global Information Assurance Certification
International Information Systems Security Certification Consortium
ISACA

Top of page

3.0 Cyber Security certification listings and descriptions

The tables below offer a more fulsome list of the different cyber security certifications available to individuals, in alphabetical order.

Prior to attempting a certification exam, candidates can purchase training (in-class, online, or self-paced courses) and other exam preparation materials, such as practice exams, through the vendors and training providers listed in the last column. Some vendors also offer course bundles that include exam fees.

3.1 CertNexus

Table 1 CertNexus certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified First Responder (CFR)	Validates a candidate’s knowledge of analyzing threats, designing secure computing and network environments, proactively defecting networks and responding to/investigating cyber security incidents DoD approved (Directive 8140) Candidates should have 3-5 years of experience working in a computing environment protecting critical information systems before, during, and after an incident Exam consists of 100 multiple choice questions Valid for 3 years 2 options for re-certification: Take the most recent version of the exam Earn 90 continuing educated credits within the 3 years and paying annual fees	System Administrators Network Administrators Incident Responders Cyber Crime Investigators IT Auditors Security Analysts Network Analysts Information Systems Security Engineers	Fast Lane Global Knowledge Learning Tree New Horizons Providers that also offer courses in French: Eccentrix
Certified IoT Security Practitioner (CIoTSP)	Validates a candidate’s knowledge, skills, and ability to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats and effectively monitor IoT devices and respond to incidents Candidates should have a fundamental understanding of IoT ecosystems Exam consists of 100 multiple choice questions	Network Administrators Software Development Engineer Solution Architects Cyber Security Analysts Web Developers Cloud Engineers	Deloitte Global Knowledge New Horizons Providers that also offer courses in French: Eccentrix
Cyber Secure Coder (CSC)	Demonstrates that a candidate has learned about the vulnerabilities that undermine security, identification and remediation of those vulnerabilities, and strategies for dealing with security defects. Candidates should have some programming experience (developing desktop, mobile, web, or cloud applications) Exam consists of 80 multiple choice questions Valid for 3 years	Lead Developers Junior Programmers Application Testers QA Testers Software Designers Software Architects	Global Knowledge New Horizons Providers that also offer courses in French: Eccentrix
CyberSafe	Validates that a candidate can identify the most common risks involved in using mobile and cloud technologies, and to protect themselves and their organizations from cyber threats No prerequisites for exam but candidates should have experience with basic technology (computers, smartphones, email, internet etc.) Exam is only 10 questions and has no time limit	Non-technical computer end-users	New Horizons Saskatoon Business College Providers that also offer courses in French: Eccentrix
IRBIZ micro credential	Certifies that a candidate has the necessary skills to assess and respond to security threats, and operation a system and network security analysis platform. Candidates should have a general understanding of cyber security Exam consists of 10 multiple choice and true/false questions Valid for 3 years	IT leaders and Executives responsible for incident response legislation compliance	New Horizons Providers that also offer courses in French: Eccentrix

3.2 Cisco Systems

Table 2 Cisco Systems certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Cisco Certified CyberOps Associate	Certification prepares candidates to begin working with associate-level cybersecurity analysts within security operations centers No prerequisites DoD approved (Directive 8570) Candidates must pass two 2 exams to receive certification Valid for 3 years Recertification requires taking a recertification exam, or completing learning activities and 30 earning continuing education credits	Cyber Security Analysts Security Operations Centre Team members	Global Knowledge Centennial College NetCom Learning
Cisco Certified Network Associate Security (CCNA Security)	Validates a candidate’s ability to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. Candidates should already have a valid Cisco CCENT, CCNA Routing and Switching, or any CCIE certification DoD approved (Directive 8570.01) Valid for 3 years Recertification requires taking a recertification exam, or completing learning activities and 30 earning continuing education credits	Network Administrators Network Engineers	Cybrary InfoSec Centennial College NetCom Learning Providers that also offer courses in French: AFI Expertise Collège de Maisonneuve Eccentrix

3.3 CompTIA

Table 3 CompTIA certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Advanced Security Practitioner (CASP+)	Advanced level certification The only performance-based certifications for practitioners rather than managers, at the advanced level of cyber security Validates advanced-level competency in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security DoD approved (Directive 8140/8570) Candidates require 10 years of experience in IT administration; 5 of which are hands-on technical security experience Exam consists of 90 multiple choice and performance-based questions Valid for 3 years Renewal requires obtaining 75 continuing education credits during the 3-year period	Security Architect Technical Lead Analyst Security Engineer Application Security Engineer	Global Knowledge Intrinsec Learn IT Canada SecureNinja Skills Build Canada Ultimate IT Courses Providers that also offer courses in French: Eccentrix
Cyber Security Analyst (CySA+)	Intermediate level cybersecurity analyst certification The most up to date security analyst certification covering advanced persistent threats in a post-2014 cyber security environment. Validates a candidate’s expertise in security analytics, intrusion detection, and response Candidates should have 3-4 years of information security or related experience, and Network+ or Security+ certification, or equivalent knowledge Approved by US Department of Defence Exam consists of 85 multiple choice and performance-based questions Valid for 3 years Renewal requires obtaining 60 continuing education credits during the 3-year period	IT Security Analyst Security Operations Centre Analyst Cyber Security Specialist Threat Intelligence Analyst Security Engineer Cyber Security Analyst	CertFirst CLC Technical Training New Horizons SecureNinja Providers that also offer courses in French: Eccentrix
Network+	Validates a candidate’s knowledge and skills in designing and implementing functional networks Prerequisites are A+ certification and 9-12 months of networking experience Good to have for developing a career in IT infrastructure (troubleshooting, configuring, managing networks) Exam consists of 90 multiple choice and performance-based questions Valid for 3 years Renewal requires obtaining 30 continuing education credits during the 3-year period	Entry-level positions Junior Network Administrator Computer technician Junior System Engineer	AFI Expertise CertFirst CLC Technical Training Global Knowledge Providers that also offer courses in French: AFI Expertise Collège de Maisonneuve Eccentrix
PenTest+	Intermediate level certification Validates a candidate’s ability and knowledge to test devices in new environments, like cloud or mobile, as well as traditional desktops and servers Candidates should have 3-4 years of hands-on information security or related experience Exam consists of a maximum of 85 multiple choice and performance-based questions Renewal requires obtaining 60 continuing education credits during the 3-year period	Penetration Tester Vulnerability Tester Security Analyst Network Security Operations	Global Knowledge Learning Tree Udemy Providers that also offer courses in French: Eccentrix
Security+	Entry-level certification Validates baseline cyber security skills needed to perform core security functions Certificate holders are experts in threat management, network access control, and security infrastructure. Candidates must have 2 years of experience in network security and obtained Network+ certification Valid for 3 years Renewal requires obtaining 50 continuing education credits during the 3-year period	Systems Administrator Network Administrator Security Administrator Junior IT Auditor Penetration Tester Security Engineer	CertFirst CLC Technical Training Cybrary New Horizons SecureNinja Providers that also offer courses in French: AFI Expertise Eccentrix Global Knowledge

3.4 Council for Registered Ethical Security Testers (CREST)

Table 4 CREST certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified Infrastructure Tester	Validates a candidate’s ability to assess a network for flaws and vulnerabilities at the network and operating system layer Exam consists of a multiple-choice written portion, and two 6hr hands-on practical components Valid for 3 years To recertify, candidates must re-write the exam	System Administrators Penetration Testers Information Security Managers Incident Handlers	Accenture CISCO Firebrand
Certified Web Application Tester	Assesses a candidate’s ability to find vulnerabilities in bespoke web applications. Exam consists of a multiple-choice written portion, and two 6hr hands-on practical components Valid for 3 years To recertify, candidates must re-write the exam	Penetration Testers Ethical Hackers	Accenture CISCO Cobalt Labs Cyber Management Alliance
CREST Certified Wireless Specialist (CCWS)	Validates a candidate’s knowledge and skills in performing traditional wireless security reviews, RFID, Bluetooth and other wireless technologies Prerequisite is successful completion of one of the core CREST certification exams 2-part exam: 120 multiple choice questions and practical tasks Valid for 3 years To recertify, candidates must re-write the exam	Senior professionals	7Safe Cyberskills Training
Practitioner Security Analyst (CPSA)	Entry-level certification Validates a candidate’s knowledge in assessing operating systems and common network services at a basic level Candidates must demonstrate that they have the knowledge to perform basic infrastructure and web application vulnerability scans and interpret the results to locate security vulnerabilities. Exam consists of multiple-choice questions Valid for 3 years To recertify, candidates must re-write the exam	System Administrators Penetration Testers Information Security Managers Incident Handlers	Crucial Academy ICSI Ltd iHack Labs Ltd Immersive Labs Net Security Training Ltd QA
Registered Penetration Tester (CRT)	Validates a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks. During the exam, candidates are required to find known vulnerabilities across common network, application and database technologies; includes a multiple-choice section Pre-requisite is the CPSA certification Valid for 3 years To recertify, candidates must re-write the exam	System Administrators Penetration Testers Information Security Managers Incident Handlers	6Point6 Crucial Academy ICSI Ltd iHackLabs Ltd Immersive Labs Net Security Training Ltd QA Trustwave Spider Labs

3.5 Certified Wireless Network Professions (CWNP)

Table 5 CWNP certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified Wireless Network Expert (CWNE)	Advanced-level certification Less than 200 CWNE certificate holders in the world Validates that a candidate has mastered all the relevant to administer, install, configure, troubleshoot and design wireless networks, and has a deep understanding of protocol analysis, intrusion detection and prevention. Candidates are required to have 3-years of experience related to Wi-Fi networks Application requirements include endorsement from 3 people and written submissions (essays and publications) Candidates must pass 4 exams and complete commercial wireless LAN deployments Valid for 3 years Renewal requires paying a renewal fee and obtaining 60 continuing education credits over a 3-year period	Individuals in senior WLAN positions	N/A
Certified Wireless Security Professional (CWSP)	Validates a candidate’s ability to assess the vulnerabilities of a network, help prevent attacks before they happen, perform WLAN security audits, and implement compliance monitoring solutions. Candidate must have already obtained Certified Wireless Network Administrator (CWNA) certification Exam consists of 60 multiple choice questions Valid for 3 years Recertification requires having valid CWNA certification and passing the current version of the exam or pass the CWNE exam.	IT Networking Professionals	NetCert Expert WiFi Training

3.6 EC Council

Table 6 EC Council certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Advanced Network Defence CAST 614	Advanced-level certification Validates a candidate’s knowledge of fundamental network defense, secure enterprise architecture and malware defense Candidates must have 2 years of related work experience in Information Security Exam consists of 50 written and 10 practical questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Firewall Administrator System Architect System Administrator Windows Administrator	Firebrand Global Knowledge
Advanced Penetration Tester (APT)	Advanced-level certification Validates a candidate’s advanced penetration testing skills Prepares a candidate for the Licensed Penetration Tester (Master) exam Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Ethical Hacker Penetration Tester Network Server Administrator Risk Assessment Professionals	iClass Learning Tree Providers that also offer courses in French: Eccentrix
Certified Application Security Engineer (CASE)	Two streams: JAVA and .NET Validates that a candidate has the critical security skills and knowledge required throughout a typical software development life cycle (SDLC) Candidates require 2 years of Java Development or .NET development experience Valid for 3 years Exams consist of 50 multiple choice questions To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Individuals responsible for developing, testing, managing, or protecting wide area of applications Developers who want to become Application Security Engineers, Analysts or Testers	Global Knowledge iClass Learning Tree Providers that also offer courses in French: Eccentrix
Certified Chief Information Security Officer (CCISO)	Candidates require five years of Information Security Management experience in all five CCISO domains, or completion of EC Council Information Security Manager (EISM) Program CCISO program is aimed at producing top-level information security executives DoD approved (Directive 8140) Meets GCHQ Certified Training standard Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Chief Information Security Officers	Ferro Technics iClass Learning Tree Providers that also offer courses in French: Eccentrix
Certified Ethical Hacker (ANSI)	Entry-level credential Certifies competence in the 5 phases of ethical hacking: reconnaissance, enumeration, gaining access, maintaining access, and covering tracks. Candidates are required to have 2 years of work experience in information security Meets GCHQ Certified Training standard Exam consists of 125 questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Security Officers IT Auditors Site Administrators	CertBolt Global Knowledge iClass Learning Tree SimpliLearn Providers that also offer courses in French: Eccentrix Kereon
Certified Ethical Hacker (Master)	Candidate holds both the ANSI and Practical CEH certifications Meets GCHQ Certified Training standard Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Security Officers IT Auditors Site Administrators	CertBolt Global Knowledge iClass Learning Tree SimpliLearn Providers that also offer courses in French: Eccentrix
Certified Ethical Hacker (Practical)	Entry-level credential Targets the application of CEH skills to real-world security audit challenges and related scenarios Meets GCHQ Certified Training standard 6-hour exam features 20 case studies Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Security Officers IT Auditors Site Administrators	CertBolt iClass Learning Tree SimpliLearn Providers that also offer courses in French: Eccentrix Global Knowledge
Certified Network Defence Architect (CNDA)	Entry-level certification superficially designed for Government and Military agencies around the world Candidates must have at least 2 years of experience in Information Security, hold valid CEH certification and be employed by a government or military agency, or be a contract employee of the government No exam Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Security Officer IT Auditor Site Administrator	MindHub ProTech
Certified Network Defender (CND)	Demonstrates that a candidate has a solid understanding of defensive security and the required expertise to secure data Candidates require 2 years of work experience in IT Security Exam consists of 100 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Network Administrators Security Analysts Security Operators Network Security Engineers	Global Knowledge iClass InfoSec Learning Tree Providers that also offer courses in French: Eccentrix
Certified Secure Computer User (CSCU)	Validates that a candidate can identify information security threats and mitigate them effectively No prerequisites Exam consists of 50 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Anyone 13 and over who uses a computer for work, study, or play	Ethical Hacking Interwork Providers that also offer courses in French: Eccentrix
Certified SOC Analyst (CSA)	Candidates require 1 year of work experience in Network Admin/Security Validates a candidate’s comprehensive understanding of the tasks required as a SOC Analyst Exam consists of 100 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Tier 1 and Tier 2 Security Operations Centre Analysts Cyber Security Analysts Network and Security Administrators	Global Knowledge iClass Near Secure Providers that also offer courses in French: Eccentrix
Certified Threat Intelligence Analyst (CTIA)	Demonstrates that a candidate has mastered the knowledge and skills required for threat intelligence Candidates require 2 years of work experience in IT Security Exam consists of 50 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Ethical Hackers Digital Forensic and Malware Analysts Threat Hunters Threat Intelligent Analysts Incident Response Team Members	Global Knowledge iClass InfoSec Providers that also offer courses in French: Eccentrix
Computer Hacking Forensics Investigator (CHFI)	Universally recognized certification Specialist-level program for those dealing with cyber threats on a regular basis Validates a candidate is skilled in areas of anti-hacking, digital forensics, and penetration testing Candidates are IT/forensics professionals with basic knowledge of IT/cyber security, computer forensics, and incident response It is recommended that candidates obtain the CEH certification first DoD approved (Directive 8140) Exam consists of 150 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Ethical Hackers Threat Intelligence Analysts Digital Forensic and Malware Analysts Law enforcement personnel	Global Knowledge iClass InfoSec Learning Tree Providers that also offer courses in French: Eccentrix Kereon
EC Council Disaster Recovery Professional (EDRP)	Validates that a candidate has the foundation for securing and restoring networks in the event of a disaster such as a malicious attack Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	IT Directors and CISOs IT Risk Managers Business Continuity and Disaster Recovery Consultants	Global Knowledge iClass Near Secure Providers that also offer courses in French: Eccentrix
EC-Council Certified Encryption Specialist (ECES)	Entry-level certification Demonstrates that a candidate is proficient in the skills and techniques needed to protect their systems and valuable data Candidates must have at least 1 year of related work experience in Information Security It is recommended, but not required, that you obtain CEH certification prior to attempting ECES training and exam Exam consists of 50 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Cryptanalyst Cryptographer Ethical Hackers Penetration Testers	Global Knowledge iClass SimpliLearn Providers that also offer courses in French: Eccentrix
EC-Council Certified Incident Handler (ECIH)	Validates that a candidate can create incident handling and response policies, deal with various types of computer security incidents such as network security incidents, malicious code incidents, and insider attack threats Candidates require 1-year work experience in IT Security Exam consists of 100 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Incident Handlers Risk Assessment Handles Penetration Testers System Administrators Network Managers	Global Knowledge iClass Learning Class Learning Tree Providers that also offer courses in French: Eccentrix
EC-Council Certified Security Analyst (ECSA)	Entry-level certification Candidates must have 2 years of related work experience in Information Security Meets GCHQ Certified Training standard Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Ethical Hacker Penetration Tester Firewall Administrator Security Testers Network Server Administrator	CertBolt iClass Learning Tree Providers that also offer courses in French: Eccentrix
EC-Council Certified Security Specialist (ECSS)	Entry-level certification Validates that a candidate understands the fundamental concepts of information security, computer forensics, and network security. Candidates are required to have 1-year work experience in IT Security Exam consists of 50 multiple choice questions Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Individuals interested in learning the fundamentals of information security, network security, and computer forensics	Global Knowledge Kaplan Udemy Providers that also offer courses in French: Eccentrix
Licensed Penetration Tester (LTP)	Advanced-level certification Recipients have mastered cyber security techniques Exam is the capstone to EC-Council’s information security track Valid for 3 years To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees	Ethical Hacker Penetration Tester Network Server Administrator Risk Assessment Professionals	Global Knowledge Learning Tree Providers that also offer courses in French: Eccentrix

3.7 Global Information Assurance Certification (GIAC)

Table 7 GIAC certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
GIAC Advanced Smartphone Forensics (GASF)	Advanced-level certification Validates a candidate is qualified to perform forensic examinations on devices such as mobile phones and tablets; and has an understanding of the fundamentals of mobile forensics, device file system analysis, mobile application behaviour, event artifact analysis and the identification and analysis of mobile device malware Valid for 4 years Exam consists of 75 questions Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Digital Forensic and Malware Analyst Cyber Defense Forensic Analysts and Investigators Penetration Testers Exploit Developers Threat Hunters	No training required, but SANS Institute offers exam prep
GIAC Assessing and Auditing Wireless Networks (GAWN)	Advanced-level certification Demonstrates knowledge of the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques used to analyze wireless networks. Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Auditors Ethical Hackers Penetration Testers Network Security Professionals Wireless System Engineers	No training required, but SANS Institute offers exam prep
GIAC Certified Detection Analyst (GCDA)	Advanced-level certification Validates a candidate’s ability to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity GCDA certificate holders are qualified for hands-on leadership positions that deal with Security Information and Event Management (SIEM) Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Analysts Security Architects Senior Security Engineers Security Operations Centre Engineers and Analysts Cyber Threat Investigators	No training required, but SANS Institute offers exam prep
GIAC Certified Enterprise Defender (GCED)	Advanced-level certification Validates a candidate’s knowledges and abilities in the areas of defensive network infrastructure, packet analysis, penetration testing, incident handling, and malware remove Exam consists of 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Incident Responders Penetration Testers Security Operations Centre Engineers and Analysts Network Security Professionals	No training required, but SANS Institute offers exam prep
GIAC Certified Forensic Analyst (GCFA)	Advanced-level certification Validates that a candidate has the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios, such as internal and external data breach intrusions or advanced persistent threats. Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Incident Response Team Members Security Operations Centre Analysts Federal Agents and Law Enforcement Professionals Digital Forensics Analysts	No training required, but SANS Institute offers exam prep
GIAC Certified Forensic Analyst (GCFA)	Advanced-level certification Validates a candidate’s ability to conduct formal incident investigations and handle advanced incident handling scenarios such internal/external data breach intrusions, advanced persistent threats, and complex forensic cases. Exam consists of up to 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Incident Response Team members Threat Hunters SOC Analysts Digital Forensic Analysts	No training required, but SANS Institute offers exam prep
GIAC Certified Forensic Examiner (GCFE)	Intermediate-level certification Validates a candidate’s knowledge of computer forensics analysis, including core skills needed to collect and analyze data from Windows systems Exam consists of 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Information Security professionals Law enforcement members Digital Forensics and Malware Analysts Cyber Defense Forensic Analysts and Investigators	No training required, but SANS Institute offers exam prep
GIAC Certified Incident Handler (GCIH)	Intermediate-level certification Demonstrates one’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills Exam consists of 100-150 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Incident Response Team Members Cyber Defence Incident Responder	No training required, but SANS Institute offers exam prep
GIAC Certified Intrusion Analyst (GCIA)	Advanced-level certification Validates a candidate’s knowledge of network and host monitoring traffic analysis, and intrusion detection Certificate holders are qualified to configure and monitor intrusion detection systems, and to analyze network traffic Exam consists of 100-150 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Individuals who are responsible for network and host monitoring, traffic analysis, or intrusion detection Threat Hunters Security Operations Centre Analysts Incident Response team members	No training required, but SANS Institute offers exam prep
GIAC Certified Perimeter Protection Analyst (GPPA)	Advanced-level certification Demonstrates that a candidate has the knowledge, skills, and abilities to design, configure, and monitor routers, firewalls, and perimeter defense systems. Exam consists of 75 questions Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period Validates a candidate’s knowledge of the 8 domains of cybersecurity knowledge as determined by (ISC)2 that form a critical part of their CISSP exam Demonstrates the candidate’s knowledge of asset security, communications and network security, identity and access management, security and risk management, security assessment and testing, security engineering, security operation, and software development security. Some experience in information systems and networking is required Exam consists of 250 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	System Administrators Security Administrators Network Administrators Security Managers	No training required, but SANS Institute offers exam prep
GIAC Certified UNIX Security Administrator (GCUX)	Advanced-level certification Validates a candidate’s knowledge of hardening Linux/Unix systems, Linux application security, and Linux/UNIX digital forensics Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Individuals responsible for installing, configuring, and monitoring UNIX and/or Linux systems Auditors Incident Responders	No training required, but SANS Institute offers exam prep
GIAC Certified Web Application Defender (GWEB)	Advanced-level certification Demonstrates that a candidate has mastered the security knowledge and skills needed to deal with common web application errors that lead to most security problems. Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Application Developers Application Security Analysts Application Architects Penetration Testers Individuals in roles requiring PCI compliance	No training required, but SANS Institute offers exam prep
GIAC Certified Windows Security Administrator (GCWN)	Advanced-level certification Validates a candidate’s ability to secure Windows clients and servers, and knowledge of configuring and managing the security of Microsoft operating systems and applications Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Individuals responsible for installing, configuring, and securing Microsoft Windows clients and servers	No training required, but SANS Institute offers exam prep
GIAC Continuous Monitoring Certification (GMON)	Advanced-level certification Validates a candidate’s ability to deter intrusions and quickly detect anomalous activity Exam consists of 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Architects Security Operations Centre Analysts and Managers Technical Security manager Security Engineers	No training required, but SANS Institute offers exam prep
GIAC Critical Controls Certification (GCCC)	Advanced-level certification The only certification that is based on the Critical Security Controls, a prioritized, risk-based approach to security. Validates a candidate’s knowledge and skills to implement and execute the Critical Security Controls recommended by the Council on Cybersecurity and perform audits based on the standard. No prerequisites Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	IT Administrators DoD personnel Network Security Engineers Security Vendors Security Auditors, CIOs, and Risk Officers	No training required, but SANS Institute offers exam prep
GIAC Critical Infrastructure Protection (GCIP)	Advanced-level certification Validates a candidate has the knowledge and skills needed to understand the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations and plan practical implementation strategies to achieve regulatory compliance. Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Operations Analysts Team Leaders and Managers Incident Response Analysts ICS Cyber Security Practitioners	No training required, but SANS Institute offers exam prep
GIAC Cyber Threat Intelligence (GCTI)	Advanced-level certification Validates a candidate’s ability to understand and analyze complex threat analysis scenarios; identify, create, and validate intelligence requirements through threat modelling. Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Incident Response Team members Threat Hunters Intelligence Analysts	No training required, but SANS Institute offers exam prep
GIAC Defending Advanced Threats (GDAT)	Advanced-level certification Validates that a candidate has advanced knowledge of how adversaries penetrate networks and what security controls are effective to stop them. Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Architects Security Engineers Technical Security Managers	No training required, but SANS Institute offers exam prep
GIAC Defensible Security Architecture (GDSA)	Advanced-level certification Validates that a candidate’s real-world, hands-on skills dealing with network-centric and data-centric approaches to defensible security architecture, hardening applications across the TCP/IP stack, and secure environment creation with private, hybrid, or public clouds Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Architects Network Engineers Security Analysts Cyber Threat Investigators Senior Security Engineers Security Analysts	No training required, but SANS Institute offers exam prep
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)	Advanced-level certification Validates a candidate’s ability to find and mitigate significant security flaws in systems and networks Exam consists of 55-75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Vulnerability Testers Security Analysts Vulnerability Assessment Analysts	No training required, but SANS Institute offers exam prep
GIAC Information Security Fundamentals (GISF)	Introductory-level certification Validates a candidate’s knowledge of security’s foundation, computer functions and networking, introductory level cryptography, and cyber security technologies Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Management Information Security Officers System Administrators Professionals who need an introduction to cyber security fundamentals	No training required, but SANS Institute offers exam prep
GIAC Information Security Professional (GISP)	Intermediate-level certification for Managers and Leaders Validates a candidate’s knowledge of the 8 domains of cybersecurity knowledge, asset security, communications and network security, identity and access management, security and risk management, security assessment and testing, security engineering, security operations, and software development security. Candidate should have some experience in information systems and networking Exam consists of 250 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	System Administrators Security Administrators Network Administrators Security Managers	No training required, but SANS Institute offers exam prep
GIAC Mobile Device Security Analyst (GMOB)	Advanced-level certification Validates a candidate’s to properly secure mobile devices that are accessing vital information Demonstrates knowledge of assessing and managing mobile device and application security, and mitigating against malware and stolen devices Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Information Security Analysts Penetration Testers Ethical Hackers Network and System Administrators	No training required, but SANS Institute offers exam prep
GIAC Network Forensic Analyst (GNFA)	Advanced-level certification Validates a candidate’s ability to perform examinations employing network forensic artifact analysis Exam consists of 50 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Law Enforcement members Digital Forensic and Malware Analysts Cyber Defence Analysts Incident Response team members Security Operations Centre team members	No training required, but SANS Institute offers exam prep
GIAC Penetration Tester (GPEN)	Advanced-level certification Validates a candidate’s ability to properly conduct a penetration test, using best practice techniques and methodologies Exam consists of up to 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Penetration Tester Exploit Developers Network Security personnel Ethical Hackers	No training required, but SANS Institute offers exam prep
GIAC Response and Industrial Defence (GRID)	Advanced-level certification Demonstrates that a candidate understands the Active Defence Approach, ICS-specific attacks, and how these attacks inform mitigation strategies Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Industrial Control System Incident Response Team leads and members Security Operations Centre Team leads and Analysts Active Defenders	No training required, but SANS Institute offers exam prep
GIAC Response and Industrial Defense (GRID)	Advanced-level certification Validates a candidate’s understanding of the Active Defense approach, ICS-specific attacks and how these attacks inform mitigation strategies. Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	ICS Incident Response team members Active Defenders Security Operations Centre Team Leads and Analysts	No training required, but SANS Institute offers exam prep
GIAC Reverse Engineering Malware (GREM)	Advanced-level certification Validates a candidate’s knowledge and skills to reverse-engineer malware that targets common platforms such as Microsoft Windows and web browsers Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	System and Network Administrators Auditors Security Managers Forensic Investigators	No training required, but SANS Institute offers exam prep
GIAC Security Essentials Certification (GSEC)	Entry-level certification Validates an individual’s knowledge of information security beyond simple terminology and concepts Recipients are skilled in active defense, cryptography, security policy and plans, incident handling and securing networks. Exam consists of 180 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Professionals	No training required, but SANS Institute offers exam prep
GIAC Security Expert (GSE)	Less than 250 GSE certificate holders in the world Validates that a candidate has mastered the wide variety of skills required by top security consultants and practitioners Pre-requisites are GSEC, GCIH, GCIA with 2 Gold certifications Exam consists of 2 parts: 24 VM-based hands-on questions and a practical lab Valid for 4 years Recertification requires taking the current version of the exam Renewing GSE certification renews all other active GIAC certifications	Top Security Consultants and Practitioners	No training required, but SANS Institute offers exam prep
GIAC Security Leadership (GSLC)	Advanced-level certification for Managers and Leaders Validates a candidate’s knowledge of governance and technical controls focused on protecting, detecting, and responding to security issues. Exam consists of 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Managers/Supervisors of Information Security teams IT Managers	No training required, but SANS Institute offers exam prep
GIAC Systems and Network Auditor (GSNA)	Advanced-level certification for Managers and Leaders Validates a candidate’s ability to apply basic risk analysis techniques and to conduct technical audits of essential information systems Exam consists of 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Technical staff responsible for securing and auditing information systems Auditors Network Administrators Managers of Audit or Security teams	No training required, but SANS Institute offers exam prep
GIAC Web Application Penetration Tester (GWAPT)	Advanced-level certification Validates a candidate’s ability to better secure organizations through penetration testing and thorough understanding of web application security issues. Demonstrates knowledge of web applications exploits and penetration testing methodologies Exam consists of 75 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Penetration Testers Vulnerability Testers Security Analysts Vulnerability Assessment Analysts Ethical Hackers Website Designers	No training required, but SANS Institute offers exam prep
Global Industrial Cyber Security Professional (GICSP)	Advanced-level certification Assesses a candidate’s base level of knowledge and understanding across a diverse set of professionals who engineer or support control systems and share responsibility for the security of these environments No perquisites Exam consists of 115 questions Valid for 4 years Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period	Security Engineers Industry Managers Security Analysts	No training required, but SANS Institute offers exam prep

3.8 International Information Systems Security Certification Consortium

Table 8 (ISC)2 certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified Cloud Security Professional (CCSP)	Co-developed with Cloud Security Alliance (CSA) Recognizes IT and information security leaders who have the knowledge and skills with cloud security architecture, design, operations, and service orchestration Candidates require a minimum of 5 years work related experience in IT; at least 3 of those years must be in information security and 1 year in one of the 6 domains of CCSP Common Body of Knowledge Exam consists of 125 multiple choice questions Valid for 3 years Recertification requires obtaining 90 continuing education credits during 3-year period	Enterprise Architect Systems Engineer Systems Architect Security Administrator IT and Information Security Leaders	Beyond20 Cyper Deloitte Farro Technics Global Knowledge Knowledge Academy Learning Tree Providers that also offer courses in French: Eccentrix
Certified Information Systems Security Professional (CISSP)	Advanced-level certification Candidates require a minimum of 5-years related work experience in at least 2 of the 8 (ISC)2 common body of knowledge of domains; or 4-years of work experience and a college degree or other approved credential US Department of Defense (DoD) approved (Directive 8750.1) Exam consists of 100-150 item computer adaptive testing Valid for 3 years Recertification requirements include obtaining 120 continuing professional education credits during the 3-year period Three concentrations are also available to those possessing valid CISSP certification: CISSP-ISSAP (Architecture) CISSP-ISSEP (Engineering) CISSP-ISSMP (Management)	Chief Information Security Officer Chief Security Officer Security Analyst/Auditor Director of Security IT Director/Manager	Beyond 20 Cyper Deloitte Fanshaw College Ferro Technics Global Knowledge Knowledge Academy Learning Tree Ryerson University Seneca College York University Providers that also offer courses in French: Collège de Maisonneuve Eccentrix Hec Montreal
Healthcare Information Security and Privacy Practitioner (HCISPP)	Validates knowledge and skills to implement, manager, or assess security and privacy controls for healthcare and patient information Designed for practitioners and consultants in healthcare information security and privacy Candidates require a minimum of 2-years work experience Exam consists of 125 multiple choice questions Valid for 3 years Recertification requires obtaining 60 continuing education credits during the 3-year period	Compliance Officer Medical Records Supervisor Practice Manager Information Security Manager Health Information Manager	Cyper Intrinsec Learning Tree
Systems Security Certified Practitioner (SSCP)	Global IT security certification Entry-level certification Demonstrates that the holder has the technical skills and knowledge to implement, monitor, and administer an IT infrastructure. Designed for practitioners in operational IT roles or in information security Candidates must have 1 year of cumulative work experience in one or more of the 7 domains of SSCP Common Body of Knowledge; a 1-year experience waiver will be granted to candidates who hold a bachelor’s or master’s degree in Cyber Security Exam consists of 125 multiple choice questions Valid for 3 years Recertification requires obtaining 60 continuing education credits during the 3-year period	Network Security Engineer Systems Administrator Security Analyst Systems/Network Analyst Security Consultant IT Administrators, Directors, or Managers	Beyond20 Cyper Ferro Technics Global Knowledge Learning Tree Providers that also offer courses in French: Eccentrix

3.9 ISACA

Table 9 ISACA certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified Cybersecurity Practitioner (CSX‑P)	New certification created in 2015 Recognizes individuals who can act as first responders for security incidents The only certification that tests one’s ability to perform globally validated cyber security covering the 5 core functions of the NIST Cyber Security Framework; Identify, Protect, Detect, Respond, and Recover Candidates must pass a performance-based exam consisting of simulated security incidents. Valid for 3 years Recertification requirements include obtaining 120 hours of continuing professional education during 3-year period	Security Practitioners Incident Handlers	Global Knowledge Intrinsec Security Learning Tree
Certified in Risk and Information Systems Control (CRISC)	Recognizes those who identify, evaluate, and manage risk through the development, implementation, and maintenance of information systems controls Candidates must have 3-years of professional-level risk management and control experience, no education substitutes Valid for 3 years Recertification requirements include obtaining 120 hours of continuing professional education during a 3-year period	IT and Business professionals Risk and Compliance professionals Business Analysts Project Managers Security directors	Global Knowledge Knowledge Academy Learning Tree Providers that also offer courses in French: 2AB & Associates
Certified Information Security Manager (CISM)	Management focused certification Recognizes candidates who manage, design, oversee, and assess an enterprise’s information security Candidates require a minimum of 5-years of information security experience gained within the 10-year period before writing the exam Written application is required Exam consists of 150 questions / 4 hours long Valid for 3 years Recertification requirements include obtaining 120 hours of continuing professional education during 3-year period	Information security managers and directors IT Security Analysts Risk Analysts IT Auditor Information Systems Security Manager	Global Knowledge Knowledge Academy Learning Tree University of Toronto Providers that also offer courses in French: 2AB & Associates
Certified Information Systems Auditor (CISA)	Globally recognized certification Validates a candidate’s audit experience, skills and knowledge, and ability to assess vulnerabilities, report on compliance and institute controls within the enterprise Candidates require 5 years of professional IS auditing, control or security work experience; some education substitutes Exam consists of 150 questions Certificate holders are required to take at least 120 hours of continuing education during the 3-year period	IS audit control, assurance, and security professionals	Ferro Technics Global Knowledge Knowledge Academy Learning Tree Netcom Learning NobleProg SimpliLearn Providers that also offer courses in French: 2AB & Associates

3.10 itSM Solutions

Table 10 itSM Solutions certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
NCSF Foundation	Entry-level certification Validates that a candidate has the knowledge and ability to operationalize the NIST Cyber Security Framework (NCSF) No prerequisites but basic computing skills and security knowledge are recommended Exam consists of 100 multiple choice questions	Security, IT, Risk Management professionals Auditors Other professions who need to understand the basics of cyber security, the components of the NIST CSF and how it aligns to risk management	Knowledge Peak LRS Education Services University of Connecticut
NCSF Practitioner	Validates a candidate’s skills and abilities to design, build, test, manage, improve a cyber security program based on NCSF Candidates must complete the NCSF Foundation training/exam before attempting the exam Exam consists of 100 multiple choice questions	IT and Cyber Security Professionals	Knowledge Peak LRS Education Services University of Connecticut

3.11 McAfee Institute

Table 11 McAfee Institute certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified Counterintelligence Threat Analyst (CCTA)	Validates a candidate’s ability to identify and investigate cyber criminals, conduct cyber counterintelligence investigations to mitigate threats, and investigate and prosecute hackers and cyber criminals Prerequisites: Bachelor’s degree or higher and 3 years of experience in a related field, or associate degree and 4 years of experience Candidates must pass a background check Exam consists of 200 questions Valid for 2 years To renew, candidates must pay a renewal fee and obtain continuing education credits	Individuals in cyber security, law enforcement, loss prevention roles	N/A
Certified Cyber Intelligence Investigator (CCII)	Validates a candidate’s ability to conduct cyber investigations, utilize methodologies to prosecute cyber criminals, apply mobile and digital forensics, recognize fraud and hacking, and develop intelligence gathering. Perquisites: Bachelor’s degree or higher and 1 year of experience in a related field, or an associate degree and 2 years of experience Candidates must pass a background check Exam consists of 200 questions Valid for 2 years To renew, candidates must pay a renewal fee and obtain continuing education credits	Individuals in cyber security, law enforcement, loss prevention roles	N/A
Certified Cyber Intelligence Professional (CCIP)	Validates a candidate’s ability to conduct cyber investigations, utilize methodologies to prosecute cyber criminals, design and implement a cyber program, understand mobile and digital forensics, and recognize fraud and hacking Perquisites: Bachelor’s degree or higher and 3 years of experience in a related field, or an associate degree and 4 years of experience Candidates must pass a background check Exam consists of 200 questions Valid for 2 years To renew, candidates must pay a renewal fee and obtain continuing education credits	Individuals in cyber security, law enforcement, loss prevention roles	N/A
Certified Expert in Cyber Investigations (CECI)	Validates a candidate’s ability to recognize and identify cyber criminals, conduct cyber counterintelligence investigations to mitigate threats, protect an organization’s assets and information, and investigate and prosecute hackers and cybercriminals Prerequisites: Bachelor’s degree or higher and 4 years of experience in a related field, or an associate degree and 6 years of experience Candidates must pass a background check Exam consists of 200 true/false, multiple choice, and scenario-based questions. Valid for 2 years To renew, candidates must pay a renewal fee and obtain continuing education credits	Individuals in cyber security, law enforcement, loss prevention roles	N/A

3.12 Offensive Security

Table 12 Offensive Security certification listing and descriptions^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Offensive Security Certified Expert (OSCE)	Demonstrates that a candidate has a mastery of advanced penetration testing skills; analyze, correct, modify, and port exploit code; and craft binaries to evade antivirus software Candidates should have prior knowledge of Windows exploitation techniques, Linux experience, and a solid understanding of TCP/IC and networking Candidates must complete the Cracking the Perimeter course before attempting exam Exam has a 48-hour time limit and consists of hands on penetration testing in an isolated VPN network; must also submit a comprehensive test report	Penetration Testers Security Professionals	N/A
Offensive Security Certified Professional (OSCP)	Validates the knowledge and skills needed to identify vulnerabilities and execute organized attacks in a controlled and focused manner Intended for penetration testers with strong technical and ethical hacking backgrounds, and a solid understanding of TCP/IP networking Candidates must first complete the Penetration Testing training course Certification is hard to obtain due to its notoriously difficult exam Candidates must pass a 24-hour exam where they are required to attack and penetrate live machines in a safe lab environment; must also submit a comprehensive penetration test report Certification never expires	Penetration Testers Network Administrators Network Security Professionals	N/A
Offensive Security Exploitation Expert (OSEE)	Requires significant time investment Validates a candidate’s ability to analyze vulnerable software, find problematic code, develop sophisticated exploits under various modern Windows operating systems Candidates should have experience in developing windows exploits and understand how to operate a debugger Candidates must complete the Advanced Windows Exploitation course before attempting the exam Candidates should obtain OSCE certification first Exam consists of developing and documenting exploits during a 72-hour period; must also submit a comprehensive penetration test report Certification qualifies the recipient for 40 (ISC)2 continuing education credits Certification never expires	Penetration Testers	N/A
Offensive Security Web Expert (OSWE)	Validates that a candidate has practical knowledge of web application assessment and hacking process; and ability to review advanced source code in web applications, identify vulnerabilities, and exploit them Candidates should have familiarity with coding languages and Linux, ability to write scripts, experience with web proxies, a general understanding of web app attack vectors, theory and practice, and a solid understanding of TCP/IP and networking Candidates are required to take the Advanced Web Attacks and Exploitation course before attempting the exam 48-hour exam consisting of hands-on web application assessment in an isolated VPN network; successful candidates must also submit an assessment report Certification never expires	Penetration Testers Web Application Security Specialists Software Engineers Web Developers	N/A
Offensive Security Wireless Professional (OSWP)	Validates a candidate’s ability to identify existing encryptions and vulnerabilities in 802.11 networks, circumvent security restrictions and recover encryption keys in use Candidates must have a solid understanding of TCP/IP and the OSI model, familiarity with Linux Candidates must complete the Offensive Security Wireless Attacks course before attempting the exam 4-hour exam requires that candidate to conduct wireless info gathering, and implement various attacks to get access to the target networks; must also submit a penetration test report Certification never expires	Network Administrators Penetration Testers	N/A

3.13 SECO Institute

Table 13 Listes et descriptions des certifications du SECO Institute^{Footnote 3}
Certification	Certification Overview	Intended Candidates	Vendors/Training Providers
Certified Ethical Hacker (S‑EHE)	Program is currently being re-designed	N/A	N/A
Dark Web Foundations	Entry-level certification Developed by the Netherlands Organisation for Applied Scientific Research in collaboration with INTERPOL Demonstrates that a candidate understands how to use the dark web in a secure way Exam consists of 40 multiple choice questions Valid for 3 years	IT Security Professionals Law Enforcement Policy makers and Government Officials	APMG International Innovative Learning Security Academy
Ethical Hacking Foundations (S‑EHF)	Entry-level certification Validates that a candidate has an in-depth understanding of basic penetration testing techniques and possesses fundamental hacking skills Exam consists of 40 multiple choice questions	Web Developers Computer Software Engineers Security Administrator Network Engineer Ethical Hackers	Global Knowledge Security Academy
Ethical Hacking Practitioner (S‑EHP)	Validates that a candidate has a full understanding of the penetration testing process and familiarity with common penetration testing techniques Candidates should have a good understanding of ethical hacking fundamentals S-EHF certificate (or equivalent) is recommended 3-part exam: 10 multiple choice questions, 5 essay type questions and 1 case study To renew, candidates must pay annual membership fees and obtain 60 continuing education credits over the 3-year period	Web Developers Security Administrators Network Engineers Computer Software Engineers Aspiring Penetration Testers	Global Knowledge Security Academy
IT Security Expert/SOC (S-ITSE/SOC)	Validates that a candidate has acquired the knowledge and skills necessary to assume responsibility for threat detection, analysis and response, and can improve an organization’s overall security poster Candidates should have a basic understanding of TCP/IP, operating system fundamentals and common security concepts, and 2 years of experience in a SOC Prerequisite is the S-ITSP or equivalent Valid for 3 years To renew, candidates must pay annual membership fees and obtain 120 continuing education credits over the 3-year period	Individuals that want to become Tier 1/Tier 2 Soc Analysts Future SOC Managers System Engineers Security Analysts	Global Knowledge Security Academy
IT Security Foundation (S‑ITSF)	Entry-level certification Validates that a candidate has a basic understanding of computer architecture, common hardware vulnerabilities and security measures No prerequisites and suitable for beginners with basic understanding of computers and technology Exam consists of 40 multiple choice questions Valid for 3 years	Network or System Administrator Individuals looking to start a career in IT Security	APMG International Global Knowledge Mangates Security Academy
IT Security Practitioner (S‑ITSP)	Validates a candidate’s technical competencies in vulnerability management, firewall and network security, security architecture and penetration testing Candidates should have a good understanding of fundamental IT security terms, concepts and principle IT Security Foundation certificate (or equivalent) is recommended Exam includes 10 multiple choice questions, 5 open questions, and 1 case study Valid for 3 years To renew, candidates must pay annual membership fees and obtain 60 continuing education credits over the 3-year period	Security Administrators Security Analysts Security Architects Security Auditors Future Security Operations Centre Analysts	Global Knowledge Security Academy

Top of page

Footnotes

Footnote 1

Reference: Cyber Crime Magazine,“10 Hot Cybersecurity Certifications for IT Professionals to Pursue in 2020”, 24 May 2020.

Return to footnote 1 referrer

Footnote 2

Formerly DoD 8750; DoD Cyber Workforce Management Directive, for personnel who support DoD intelligence, security, and law enforcement missions in cyberspace, aims to unify the cyberspace workforce and establish specific workforce elements to standardize cyberspace work roles, qualifications, and training requirements

Return to first footnote 2 referrer

Footnote 3

Every effort has been made to ensure the accuracy of the information in this table; however, the information is subject to change at any time.

Return to footnote 3 referrer

Language selection

Search

Certifications in the field of cyber security - 2020

Foreword

Revision history

Table of contents

List of Tables

1.0 Introduction

1.1 The Canadian Centre for Cyber Security

1.2 Purpose

2.0 Globally recognized certifications bodies

2.1 CertNexus

2.2 Cisco Systems

2.3 Computing Technology Industry Association

2.4 Council for Registered Ethical Security Testers

2.5 Certified Wireless Network Professionals

2.6 EC Council

2.7 Global Information Assurance Certification

2.8 International Information Systems Security Certification Consortium

2.9 ISACA

2.10 itSM Solutions

2.11 McAffee Institute

2.12 Offensive Security

2.13 SECO Institute

2.14 Cyber Credentials Collaborative

3.0 Cyber Security certification listings and descriptions

3.1 CertNexus

3.2 Cisco Systems

3.3 CompTIA

3.4 Council for Registered Ethical Security Testers (CREST)

3.5 Certified Wireless Network Professions (CWNP)

3.6 EC Council

3.7 Global Information Assurance Certification (GIAC)

3.8 International Information Systems Security Certification Consortium

3.9 ISACA

3.10 itSM Solutions

3.11 McAfee Institute

3.12 Offensive Security

3.13 SECO Institute

Thank you for your help!