Center for Qualified CyberSecurity Excellence & Mastery

"Where Qualified Cyber Education Happens"

Text Box: Security University Testing

7 Steps to SUT Q/ISP Certification

"What do I have to do to become a SUT Q/ISP?"

One of the most common questions by potential candidates is “What do I have to do to become a SUT Q/ISP?” The SUT Q/ISP Certification process includes several stages, each one building on the other, to create a highly skilled cybersecurity professional.

1.) Are You Eligible?

First thing potential candidates need to do is determine application eligibility. Have you completed the Q/PTL, Q/FE, QND practicals? Have you passed a Q/EH (or CEH Exam) Q/SA, Q/FE, Q/ND with a score of 70 or better?
It's recommended for candidates to download the Security University Handbook Guide for more detailed information.

2.) Do I need An Accredited Degree?

The SUT Q/ISP has no academic requirement.

3.) Do You Have Enough Experience?

To demonstrate eligibility for SUT Q/ISP Certificate, a candidate must submit a resume that complies with SUT education, work experience, and professional conduct requirements:

•  Education requirement- 1 yr network, IA or cybersecurity experience.
•  1 yr Work experience requirement- network, IA, or cybersecurity
•  Agree to adhere to the SUT Code of Ethics and Professional Conduct and affirm no history of felony convictions related to the practice of IS/ IA Cybersecurity.
•  Payment of the $50 renewal application fee.

Experience in the specified certifications qualifies as security experience but does not qualify as SUT Q/ISP validated hands-on professional experience which can only be achieved from providing the required Certification Practical. Non-professional work, even in the applicable certifications does not satisfy the SUT Q/ISP validation requirement. Professional work is compensated by salary, retainer, fee, or commission or pay by per hour. SU does not exempt wage and hour workers from SUT Certifications.

4.) Send In Your Application
SUT reviews Q/ISP application materials (Official Transcripts, Particpation Certificates, Application Forms, Practical Completion Certificate).

5.) Purchase Your Exam(s)
You may purchase an examination voucher at any time on the SUT website.

6.) Sit For Your Exam(s)
SUT's Q/ISP Q/EH, Q/SA, Q/FE, Q/ND examinations provider Testrac has hundreds of test centers located around the world which are open every business day (some also have weekend and holiday hours). SUT's Q/ISP Q/EH, Q/SA, Q/FE, Q/ND Examinations are delivered via computer at the test center and authorized Security University and Securty University Testing partners. As soon as candidates submit their exam, official results are available immediatly. Candidates who fail remain eligible to purchase a new examination re-take.

7.) Pay an annual renewal fee and meet Recertification requirements
After completing all of the requirements, SUT will award candidates who pass all the SUT Q/ISP exams and Practicals the SUT Q/ISP Certificate. The SUT Q/ISP designation is awarded on an annual basis and those holding this designation must pay an annual fee in order to retain the use. An annual fee also applies to all SUT Q/ISP's who challenge the SUT Q/ISP exam, and pass the Comprehensive Practical's to earn the SUT Q/ISP credential.

SUT Q/ISPs must remain up-to-date with CPE's annually.

Code of Ethics

All qualified cybersecurity professionals who earn the SUT Q/ISP Qualification/Certification recognize that such qualification is a privilege that must be earned, validated and maintained. In support of this principle, all SUT members are required to commit to fully support this Code of Ethics and Professional Conduct (the "Code"). SUT qualified credential holders who intentionally or knowingly violate any provision of the Code will be subject to action by a peer review panel, which may result in the revocation of qualification. A Certificate candidate is obligated to follow the ethics complaint procedure upon observing any action by a SUT qualification holder that breaches the Code. Failure to do so may be considered a breach of the Code.

Before SUT grants qualification / certification under any of its Q/ISP certification programs, candidates must agree to the terms and conditions of the Q/ISP Certification Agreement before taking each exam. The candidate agreement is located on Q/ISP exam registration application on the SUT Testrac registration website.

There are 3 mandatory guidelines in the Code. By necessity, high-level guidance is not a substitute for the ethical judgment of the Qualified Cybersecurity Professional.

Guidance is provided for the Code and is intended to help IS, IA and Cybersecurity Professionals identify and resolve any ethical dilemmas they confront during the normal course of their Q/ISP Qualified/Information Security Profession (Cybersecurity) career.

Code of Ethics Preamble:

To each other requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior. Strict adherence to this Code is a condition of Qualification.

Code of Ethics Guideline:

•  Protect society, the commonwealth, and the infrastructure.
•  Act honorably, justly, honestly, legally and responsibly.
•  Provide diligent and competent service to principals.
•  Advance and protect the profession.
•  Compliance with the preamble and guidelines is mandatory. If conflicts arise they should be resolved and are not intended to create ethical binds.

Guideline 1: Act honorably, responsibly, and legally

•  Tell the truth.
•  Observe all contracts and agreements, express or implied.
•  Treat all members fairly.
•  Take care to be truthful, objective, cautious, and within your competence. Give prudent advice; avoid raising unnecessary alarm or giving unwarranted comfort.

Guideline 2: Provide diligent and qualified services

•  Preserve the value of their systems, applications, and information.
•  Respect their trust and the privileges that they grant you.
•  Avoid conflicts of interest or the appearance thereof.
•  Work on systems for which you are fully qualified and validated.

Guideline 3: Advance and protect the profession

•  Sponsor for professional advancement those best qualified. All other things equal, prefer those who are qualified, validated and who adhere to these guidelines.
•  Maintain your competence; keep your hands-on security skills and knowledge current. Give generously of your time and knowledge in training others .