Program, Courses, and Exam
The CERT organization has created its first certification program, the Certified Computer Security Incident Handler (CSIH), which is specifically for incident handling professionals (or those of whom have experience), trainers and educators. It is intended for those computer security experts, educators, and trainers who already have experience in incident handling. The CSIH certification program can be earned from the Software Engineering Institute (SEI) at Carnegie Mellon University. Interested candidates must submit the Certification Application, the Certification Recommendation Form, and send in a current resume.
The courses for the certification are as follows: (1) Fundamentals of Incident Handling, (2) Advanced Incident Handling, (3) Information Security for Technical Staff, and (4) Advanced Information Security for Technical Staff. Details about the courses (topics, prerequisites, and materials), dates and schedule, as well as course fees, can be found at the SEI Web site.
Note: SEI’s CERT Virtual Training Environment (https://www.vte.cert.org/vteWeb/) provides online courses. (Check out the SEI eLearning Portal too.)
As part of the incident-response certification, an exam must be taken. The exam consists of 46 multiple choice questions and one essay question. A score of at least 80% is required to pass. Individuals are allotted 3-hours to complete the exam. Examination Fee: $499 (USD). (That price covers the cost to take the examination to become certified.)