CNSS Recognition

I recently passed my CCNA Security exam which nets me the CNSS 4011 recognition.

I know to get the CNSS 4013 recognition I can pass the CCNP Security exams.

Are there any other certs that can get me any of the other CNSS levels like CNSS 4012, 4014, 4015, 4016 etc? Or would I need to take college courses or online courses to get those?

I have yet to receive the CNSS 4011 thing in the mail so I'm not entirely sure what to expect. It sounds like a letter rather than a certificate or a certification. Should I put CNSS 4011 down as a certification or just a certificate on my resume (or neither)?

Find more posts tagged with

Comments

LarryDaMan

I understand the CNSS standards and I know what the committee does but I'm a bit ignorant of the real value of this? There is some value in maybe helping you choose a sound degree/certification program, but who else cares?

Would this be something you want on your resume? Are employers requiring/verifying CNSS compliance or even caring? I think the answer is no, but I see several people listing them on this site, so maybe I am wrong.

Thoughts?

redz

I put all of my CNSS certifications on one line: "CNSS 4011, 4012, 4015, 4016A", or whichever four I have, on my resume. I never remember which ones; they don't really mean much to me.

Anyhow, I know that CNSS recognizes organizations that meet the criteria to award 40XX, but as the NIST site is down due to lolgovermints, I can't really tell you which organizations/courses are accredited to provide those certifications. It'll probably take a bit of searching on your part, or a bit of patience while waiting for the government to re-open.

EDIT:

LarryDaMan wrote: »

Would this be something you want on your resume?

It is very job-dependent. For most federal government IA work, yes, you very much want them on your resume, even though they're very unlikely to be requested. I'm not going to bother wasting the resume real estate on a resume I'm sending to a bank, though, you know?

LarryDaMan

redz wrote: »

but as the NIST site is down due to lolgovermints

and this is why I am on my couch.

I did drive by the NIST campus to get breakfast this morning though, it's still there.

Norbie

LarryDaMan wrote: »

I understand the CNSS standards and I know what the committee does but I'm a bit ignorant of the real value of this? There is some value in maybe helping you choose a sound degree/certification program, but who else cares?

Would this be something you want on your resume? Are employers requiring/verifying CNSS compliance or even caring? I think the answer is no, but I see several people listing them on this site, so maybe I am wrong.

Thoughts?

Before the government had shutdown I was in talks with a headhunter for a government IT job. If it can't help me land a job like that then I guess you are correct and it is irrelevant...but I didn't know it was irrelevant when I made the post obviously.

LarryDaMan

redz wrote: »

For most federal government IA work, yes, you very much want them on your resume

Thanks. Who knew? It has never been brought up in all of my years of federal government related work.

redz

Irrelevant is strong terminology. It has its niche, and it is a requirement for several things. I've had my 4016A verified twice since I got it in 2012. However, I no longer work for the DoD.

SephStorm

Meh, i'd be terribly surprised. CEH and some related courses (QEH) are accredited. Honestly i've never seen them on a requirements listing for a job, the mainline cert is probably more valuable. Basicly my understanding is that the "cert" just recognizes that the course meets the training requirement, its not a valuation of ability or even knowledge.

sadfjlfdo24

The relevance of NSA accreditation relates to the scholarship that DOD offers. If the school's MSIA/Cybersecurity/Digital Forensics/CS program is not accredited, you wont be able to apply for that DOD scholarship. Most schools are 4011/4013, but the really hardcore programs have 4012-4016 at (A)dvanced level. To give you an example where it becomes relevant - if you are a senior level manager applying for a promotion, you will need to have it:
"Heads of U.S. Government departments and agencies shall ensure that SSMs, viz., CIOs, DAAs, CTOs, etc., are trained to the level of proficiency outlined in this instruction, and that such training is provided to those requiring it at the earliest practicable date"

Then again, our government is so dysfunctional, most of the guidelines for senior level positions are not followed, and you have clueless senior level managers in federal government racking in $180k+ with a bachelors degree.

SephStorm

Thank you for that, Do you have any ideas on which programs are Advanced level?

I used to look at whether a school was a NSA CAE/R, again, for obvious reasons, but I wasn't aware of the CNSS designation having anything to do with it. Maybe its just now becoming well known.

sadfjlfdo24

SephStorm wrote: »

Thank you for that, Do you have any ideas on which programs are Advanced level?

I used to look at whether a school was a NSA CAE/R, again, for obvious reasons, but I wasn't aware of the CNSS designation having anything to do with it. Maybe its just now becoming well known.

Advanced level programs will have an (A) at the end - for example 4016A.

There are two lists - one that certifies the school as whether it is CAE/IAE or CAE/R and one that certifies individual programs directly:

Centers of Academic Excellence - Institutions - NSA/CSS
IA Courseware Institutions

This is the scholarship itself, which does come with strings attached - but in a good way. You would be required to work for a defense contractor after you graduate:

Information Assurance Scholarship Program (IASP)

SephStorm

Thank you, CCNP Sec is 4013A

Any idea what the "e" qualifier is? i.e 4016E

sadfjlfdo24

SephStorm wrote: »

Thank you, CCNP Sec is 4013A

Any idea what the "e" qualifier is? i.e 4016E

The E, I, or A at the end are:

ENTRY LEVEL: Given various scenarios and typical situations containing
information systems security issues, the SA will be able to describe and apply the
appropriate actions to manage and administer an IS in a secure manner. To be acceptable,
the description and application must be in accordance with applicable IA regulations,
policies, and guidelines.

INTERMEDIATE LEVEL: Given various scenarios and typical situations
containing information systems security issues, the SA will be able to explain and
implement the appropriate actions to manage and administer an IS in a secure manner. To
be acceptable, the explanation and implementation must be in accordance with applicable
IA regulations, policies, and guidelines.

ADVANCED LEVEL: Given various scenarios and typical situations containing
information systems security issues, the SA will be able to verify that the appropriate
actions are implemented to manage and administer an IS in a secure manner. To be
acceptable, verification must be in accordance with applicable IA regulations, policies,
and guidelines.