The Certified Windows Security Specialist (CWSS) certification is designed to assess the knowledge and skill set of designing, implementing, maintaining a security Windows operating system environment. Candidates should have experience in the following areas in order to sit for the exam:
- Windows vulnerabilties and common exploits
- Familiarity with malware and it's attack vector
- Implementation Best Practices on multiple Windows Operating Systems
- Passive traffic identification
- Policies, standards, and guidelines of Windows machings and networks
- Network Security Fundamentals
- Privilege Escalation Opportunities
- .Net Secure Remoting
- Windows Forms Security
- Domain Impersonation of Windows Named Pipes
- SQL Server: Exploitation and Defense
- ASP.NET Security
- Running in RAM vs. on disk
- Advanced SQL Injection
- .Net Security tokens, XML signature, XML canonicalization, and XML encryption
- .Net WS-Trust and WS-SecureConversation
- Error Control Verbosity Abuse
The IACRB is:
- An industry standard organization.
- Formed by information security professionals.
- A not-for-profit legal entity with a sole mission to certify individuals.
- Requires all exam candidates to pass a hands-on practical examination.
All certifications offered by the IACRB are composed of a traditional multiple choice exam, as well as a hands-on practical exam. The goal of this two step process is to determine if a certification candidate possesses the required knowledge of theories and concepts. Additionally, the second step is designed to rigorously test the ability of the candidate to perform job relevant, hands-on technical skills related to information assurance.
Skilled information assurance professionals are the most important piece in the information security puzzle. Candidates that achieve a certification that requires proficiency beyond book knowledge is a valuable method of differentiating skill levels of information assurance professionals.
Benefits of IACRB certification to the Professional:
- Demonstrates theoretical knowledge of information assurance.
- Confirms commitment to information assurance profession.
- Serves as a differentiator in the highly competitive information security job market.
- Provides access to a network of certified individuals.
Benefits of IACRB certification to the Employers:
- Establishes a base-line skill level requirement for highly technical positions.
- Ensures that individuals have required hands-on skills to perform on the job.
- Access to a network of subject matter experts.