Accessibility Links

Accessibility Links

English 繁體版 简体版

Navigation Menu 1

General UsersYoungsters & StudentsParents and TeachersIT ProfessionalsSME
FAQ Search :
Change text size: Text Size: Default Size (A) Text Size: Larger (A) Text Size: Largest (A)
general user youngsters and students parents and teachers IT professionals sme

Navigation Menu 2




Security Certifications

There are numerous studies available in the field that focuses on information security as a professional qualification. They are some commonly recognised international, national or industry certificates but do not mean to be exhaustive. The listed certifications below does not in any way imply endorsement by the Government of the Hong Kong Special Administrative Region, but some examples categorising into Product Neutral and Product Oriented ones for reference:

Product Neutral Certifications

Certified Information Security Professional – Hong Kong (CISP-HK)
This certification is issued by the China Information Technology Security Evaluation Centre (CNITSEC).  CISP-HK is fully localised for applicants in Hong Kong.

Certified Internet Webmaster (CIW) Certifications
CIW offers vendor-neutral Web technology certification programs for professional, including Web design, Web development and Web security. The CIW Web Security series include three certifications:

  • CIW Web Security Associate certification
  • CIW Web Security Specialist certification
  • CIW Web Security Professional certification.

CESG Certified Professional Scheme (CCP)
The CESG Certified Professional (CCP) scheme is the UK Government’s approved standard of competence for cyber security professionals and provides an independent assessment and verification process for those working in Information Assurance (IA). The UK government’s National Technical Authority for Information Assurance (CESG) is the information security arm of Government Communications Headquarters of UK. Please visit the website of BCS for more details.

Computing Technology Industry Association (CompTIA) Certifications
CompTIA has developed training and certification exams for computing support, networking, security, open-source (Linux) development, cloud and mobility. The professional certifications on cyber security include:

  • CompTIA Security+
  • CompTIA CySA+
  • CASP+
  • CompTIA PenTest+

CREST provides various levels of professional certifications in cyber security. It provides examinations in mainly three levels, namely Practitioner, Registered and Certified. Following categories of examinations are being provided:

  • Penetration Testing Examinations
  • CBEST / Simulated Target Attack and Response (STAR) Examinations
  • Certified Functional Continuity Professional (CFCP)
  • Incident Response Examinations
  • Security Architecture Examination

DRI International 's Business Continuity Professional Certifications
DRI International provides various levels of certification for business continuity planners. Here are some examples:

  • Associate Business Continuity Planner (ABCP)
  • Certified Business Continuity Vendor (CBCV)
  • Certified Functional Continuity Professional (CFCP)
  • Certified Business Continuity Professional (CBCP)
  • Master Business Continuity Professional (MBCP)

EC-Council Certifications
EC-Council is a cyber security technical certification body。The professional certifications include:

  • Certified Chief Information Security Officer (CCISO)
  • Certified Ethical Hacker (CEH)
  • Computer Hacking Forensics Investigator (CHFI)
  • Certified Security Analyst (ECSA)

(ISC)2 Information Security Certifications
(ISC)2 offers several information security certifications and concentrations related to specific certifications. Here are some examples:

  • CAP - Certified Authorization Professional
  • CCFP - Certified Cyber Forensics Professional
  • CCSP - Certified Cloud Security Professional
  • CISSP - Certified Information Systems Security Professional
  • CISSP Concentrations
    • ISSAP - Information Systems Security Architecture Professional
    • ISSEP - Information Systems Security Engineering Professional
    • ISSMP - Information Systems Security Management Professional
  • CSSLP - Certified Secure Software Lifecycle Professional
  • SSCP - Systems Security Certified Practitioner
  • Associate of (ISC)2 Designation
  • Fellow of (ISC)2

These are vendor-neutral programs. CISSP is targeted at executives, while CISSP Concentrations are targeted for experienced information security professionals and SSCP is appropriate for security specialists in the field. CAP credential is to measure the professionals' knowledge, skills and abilities involved in the process of certifying and accrediting the security of information systems. There are also Associate Programs for CISSP and SSCP for those who pass these examinations but without the experience required for the certifications.

Information Systems Audit and Control Association (ISACA) Certifications
The program is designed for IS audit, control and security professionals. It offers four certifications:

  • Certified Information Systems Auditor (CISA)
  • Certified Information System Manager(CISM)
  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified in Risk and Information Systems Control (CRISC)
  • CSX Practitioner (CSX)

ISO/IEC 27001 Lead Auditor
The ISO/IEC 27001 Lead Auditor certification consists of a professional certification for auditors specializing in information security management systems (ISMS) based on the ISO/IEC 27001 standard and ISO/IEC 19011.

Offensive Security Certifications
Offensive Security provides penetration testing courses and certifications for information security professionals. Its certifications include:

  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Exploitation Expert (OSEE)
  • Offensive Security Web Expert (OSWE)
  • Offensive Security Wireless Professional (OSWP)

SANS Global Information Security Assurance Certification (GIAC)
The first ever vendor-neutral security certifications for IT security professionals. GIAC currently offers certifications for over 20 job-specific responsibilities instead of general purpose information security knowledge. It covers various IT/IT Security job disciplines such as Security Administration, Management, Audit and Software Security. Here are some examples:

  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Expert (GSE)
  • GIAC Systems and Network Auditor (GSNA)
  • GIAC Web Application Penetration Tester (GWAPT)

Product Oriented Certifications

Check Point Certified Security Administrator (CCSA) & Check Point Certified Security Expert (CCSE)
A CCSA possesses the skills to define and configure security policies that enable secure access to information across corporate networks. The CCSE certification is recognised as the industry standard for Internet security certifications as CCSEs possess expertise to configure VPN-1/FireWall-1 as an Internet security solution and virtual private network (VPN) that securely connects corporate offices and remote workers, protecting information exchange and granting access to network resources.

The Cisco Certified Network Professional (CCNP) Security and Cisco Certified Internetwork Expert (CCIE) Security
CCNP SeCCNP Security requires a Cisco Certified Network Associate designation and proficiency with Cisco firewalls, intrusion detection systems and VPNs; whereas Cisco Certified Internetwork Expert (CCIE) Security covers IP, IP routing, and specific security components.

The Juniper Networks Certification Program (JNCP) Junos Security Certification
Juniper Networks offers this program that allows participants to demonstrate competence with Juniper Networks technology. Successful candidates demonstrate thorough understanding of security technology in general and Junos software for SRX Series devices.

Symantec Certifications
Symantec offers specialist certification credentials for its security products, including Symantec Certified Specialist (SCS), etc.

Back back to topTop

Footer Menu

Sitemap | Contact Us | Privacy Policy | Important Notices
General Users Youngsters & Students Parents & Teachers IT Professionals SME