Center for Qualified CyberSecurity Excellence & Mastery

"Where Qualified Cyber Education Happens"

Text Box: Security University Testing

SUT Certificate Programs of Mastery and Certificaions

Q/ISP ® Qualified/ Information Security Professional
Q/EH ® , Q/SA ®, Q/FE ® , Q/ND ® identifies and certifies persons who subscribe to a rigorous requirement for maintaining their knowledge and proficiency with validated cybersecurity skills.

Q/ISP  Q/EH  Q/SA  Q/FE  Q/ND

Q/ISP® Certification Exam CNSS 4011/4012/4013/4015/4016A
Q/EH® Qualified/ Ethical Hacker Certification
Q/SA® Qualified/ Security Analyst Certification.
Q/FE® Qualified/ Forensic Expert Certification
Q/ND® Qualified/ Network Defender Certification

Who Should Apply?

SUT Q/ISP (Q/ISP exam is a 125 question multiple choice - true false online certification exam) and related Q/EH, Q/SA, Q/FE, Q/ND (micro-badge certification) exams has been created for Information Security Professionals including, Cybersecurity Professionals, Network Engineers, Vulnerability and Threat Analysis Professionals, Computer Network Incident Handling and Incident Responder Professionals, Computer Security Incident Response Team (CSIRT) members, Network Security Architects, Network Cyber Defenders and technical staff including system and network administrators with cyber security experience who want to earn a CyberSecurity Skills Certification. The SUT Q/ISP certification is recommended for computer security professionals with a minimum of 6 months of experience in network security or equivalent security-related experience. Membership in an association is never required for eligibility in any SUT Certificate or Certification.

More specifically, it supports individuals who:

Are knowledgeable and skilled in the latest qualified hands-on practices in the cyber security field;
Have the hands-on cyber security skills to help an organization reach its security goals;
Have completed an industry-leading hands-on performance based qualification track that validates their security skills;
Are committed to a professional code of conduct that raises them above all "certified but non validated" practitioners in the field; and
Ensure that their organizations stay current on recent threat risk, and threat reduction and security innovations/ research in the computer security field.

SUT provides information security certifications for Industry IT managers and Information Security (IS) professionals. SUT was founded in 1999 to validate the real-world hands-on tactical security skills of IT security professionals. SUT's purpose is to validate and provide assurance that a certified individual has tactical knowledge and hands-on cyber security skills in key areas of computer (cyber) security and information assurance. SUT offers IS and IA and cyber certifications for job-specific responsibilities that reflect the current practical requirements of information security under the DoD 8570 IA Workforce Directive and the NSA's CNSS 4011, 4012, 4013A, 4015, 4016E,I and A standards. SUT is unique as the first certification to measuring, test and validate specific tactical security skills knowledge areas, instead of general purpose information security knowledge. SUT certifications are classified in four subject areas:

Qualified/ Information Security Professional and related Certifications:
Qualified/ Ethical Hacking (Q/EH)
Qualified/ Security Analysis & Penetration Testing (Q/SA)
Qualified Penetration Testing License (Q/PTL)
Qualified/ Forensic Expert (Q/FE)
Qualified/ Network Defense (Q/ND)

There is no particular order in which SUT Q/ISP certifications should be earned, however we recommend that candidates start with a review of the Q/ISP certification objectives and topic areas which are outlined for each of the four Q/ISP certification exams. Once an individual earns a SUT certification, he or she can build upon this knowledge of tactical security skills by focusing on the three remaining SUT Certifications to ultimately earn Security University's Certification.

Students who earn their Q/ISP are Highly Qualified Experts who have earned SU's CyberSecurity Master Certification or SU's Information Security and Information Assurance Graduate Certification (provided they have a Bachelor's Degree from an Accredited University program).

What is a SUT Certification:

Earning a SUT certification requires passing one proctored certification exam. SUT certifications assure that an individual has learned the tactical real-world security skills covered by specific certification objectives. For example, if an individual wants to hire someone who knows how to properly secure a firewall, a Q/ND certification holder would be a good candidate for the job. http://Security University.net/certifications

What is a Q/ISP:

Earning a SUT Q/ISP certification requires passing four proctored certification exams (Q/EH, Q/FE, Q/SA, Q/ND) and completing three hands-on Q/ISP practical's (Q/PTL, Q/FE, Q/ND). SUT certifications assure that an individual has learned the tactical real-world cybersecurity skills covered by specific related Q/ISP certification objectives.

Eligibility:

To demonstrate eligibility, candidates must submit an application documenting compliance with the following formal education, work experience, and professional conduct requirements:

Professional Experience Guidelines.

Experience in the specified certifications qualifies as security experience but does not qualify as validated hands-on professional experience which can only be achieved from providing the required Certification Practical. Non-professional work, even in the applicable certifications does not satisfy the Q/ISP validation requirement. Professional work is compensated by salary, retainer, fee, or commission or pay by per hour. SU does not exempt wage and hour workers from SUT Certifications.

Applicants become eligible to take the SUT Q/ISP certification examination upon successfully documenting the following requirements:
Registered for the Q/ISP certification as a Security University Testing candidate or have passed the following exams with a 70% or better (Q/EH, Q/SA Q/PTL, Q/FE, QND) content or complete the Q/EH, Q/SA, Q/FE and Q/ND Certification exams with a 70% pass or better AND complete the Q/PTL, Q/FE, Q/ND hands-on tactical Security Practical reports.

Completed Registration Application
Completed Verification of Experience Form
Documentation of current cybersecurity skills experience and endorsement letter
Pay exam fees

The Q/ISP application fee is $450 with 3 Practical reviews. This professional has not taken any Q/ISP micro badge exams. In order to achieve your Q/ISP Cybersecurity Certificate Program of Mastery, you have to pass the Q/ISP exam, and complete the Q/PTL, Q/FE and Q/ND hands-on performance-based practicals.

Q/ISP EXAM Objectives:

Candidates should ensure that they prepare appropriately for questions in the exam content areas listed below.
1. Security Testing (25%) 2. Security Analysis and Penetration Testing (25%) 3. Forensics Investigation (25%) 4. Network Defense (25%)

Specific Exam Content Areas:
The Q/ISP examination tests the candidate with regard to the competency and skills required to successfully perform the role of a Qualified/ Ethical Hacker - Security Testing Tools.
The subject matter covered on the certification exams falls into five major weighted content area groupings, as follows.
1.Protect Infrastructure (20%) 2.Event Detection (17%) 3.Triage and Analysis (28%) 4.Response (20%)
Sustainability (15%)

Exam Content Areas: The Q/ISP examination tests the candidate with regard to the competency and skills required to successfully perform the role of a Qualified/Security Analysis and Q/PTL Penetration Tester.
The subject matter covered on the certification exam falls into five major weighted content area groupings, as follows.
1.Protect Infrastructure (22%) 2.Event Incident Detection (28%) 3.Triage and Analysis (18%) 4.Response (30%) 5.Sustainability (12%)

Exam Content Areas: The Q/ISP examination tests the candidate with regard to the competency and skills required to successfully perform the role of a Qualified/Forensic Expert.
The subject matter covered on the certification exam falls into five major weighted content area groupings, as follows.
1.Protect Infrastructure (7%) 2.Event Incident Detection (17%) 3.Triage and Analysis (28%) 3.Response (40%) 4. Sustainability (8%)

Exam Content Areas
The Q/ISP examination tests the candidate with regard to the competency and skills required to successfully perform the role of a Qualified/ Network Defender.
The subject matter covered on the Q/ND certification exam falls into five major weighted content area groupings, as follows.
1.Protect Infrastructure (27%) 2.Event Incident Detection (17%) 3.Triage and Analysis (13%) 4.Response (25%) 4.Sustainability (18%)

A certification is proof an individual meets a minimum standard. The mission of SUT is to provide assurance to employers their people and prospective hires have qualified and “validated” cyber security skills to do the job of a cybersecurity professional. To accomplish this, SUT tests the tactical hands-on security skills of Security Testing (Ethical Hacking), Security Analysis & Penetration Testing, Forensics and Cyber Network Defenses of a CyberSecurity Professional.

The primary goal of the Q/ISP Qualification program is to qualify and validate the skills of IS/IA security professionals and software developers. Q/ISP certification provides assurances that a certified individual meets a minimum level of cyber security hands-on skills necessary to do their job. The standards for the Q/ISP certification program were developed using the highest benchmarks in the industry.

Benfits of Professional Certification:

What are the Benefits of Obtaining Professional Certification? Certification provides employers and consumers with an assurance that the qualified individual has attained a highly defined level of understanding or ability against a particular skill set or body of knowledge, and will maintain that level of expertise over a specific period of time. The certification renewal requirement ensures that certified, qualified and validated individual continually maintain and expand their knowledge and skills in the profession while keeping informed of advancements and updates in their field. Certification is required for employment in some professions, whereas in other fields, certification and qualification provides a competitive advantage to individuals who hold a particular credential.

Security University a wholly independent company offers singularly unique computer cybersecurity, IS and IA training and certification classes with escalating workshops and tactical security performance based hands-on labs that validate the professional's security hands-on skills.

A SU "Qualified" certification is validation that an individual has met the Q/ISP tactical security standard and is the only certification to provide validation to employers that their people and prospective hires are "Qualified" in that specific security skill.

We judge our success through our ability to provide the highest-quality hands-on Information Security Certificate/ Qualifications, as perceived by our customers, while achieving a steady growth in revenue and profit, and providing our personnel with the opportunity for individual development and achievement.

The Q/ISP credential is valid for a period of four (4) years from the award date; at the end of that time, Qualification/ Certification holders must apply to be recertified by:
 Submitting a recertification application and Doc15 activity log,
 Paying the renewal application fee,
 Ensuring they are up to date on their current industry standards

Recertification is a mechanism for ensuring that Q/ISP Qualified Professionals have maintained or increased their knowledge and skills during the 4 year Qualification/ Certification period and that they are up to date on current industry standards. Continuing Professional Educational Units (CPEs) is a measurement to quantify and validate IS/IA Cybersecurity learning and development activities. One (1) CPE Unit is earned for every one (1) hour spent in a planned structured experience or activity within the limits set by SUT for each category of professional activity. SUT requires certified professionals to obtain 30 CPEs in the interval between Qualification/ Certification award and recertification to ensure that certificants maintain their hands-on tactical skills and are aware of emerging technologies and processes associated with cyber threat landscape.

SUT does NOT provide any educational or training programs. Individuals responsible for training are Security University course developers and instructors that are not be affiliated with or responsible for any credentialing activities including exam development, application processing, exam implementation, exam proctoring or the credential decision.


Training for a Q/EH, Q/SA, Q/FE or Q/ND credential does not make it easier to pass the credential exam. Each Q/ISP CPoM class includes 35+ hands-on performance based escalating labs to ensure your cyber skills, mastery and cyber competency.

Training for a Q/EH, Q/SA, Q/FE or Q/ND credential does not make it easier to pass the credential exam.