ADVANCE YOUR CAREER - Earn More, Be More than Certified
Q/ISP non degree CyberSecurity Certificate of Mastery

Where "Qualified" Happens

B Better/ B Qualified

Security University Q/ISP, Q/IAP, Q/SSE, Q/WP Qualification Programs

Get SU Email
Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon
SU eStudy online quizzes and e-resource

eStudy For Students DURING and CISSP study after class so you can pass!

The goals of eStudy is to help the students succeed by developing flexible knowledge, effective problem solving, effective test taking skills, intrinsic motivation which ultimately assists students with reading comprehension, content knowledge, or preparation for an examination. Working with the eStudy learning aide helps them identify what they already know, what they need to know, and how and where to access new information that may lead to resolution of the question. eStudy video help students continue to study and access "video study guides" for post class.

SU found that 76% more students (78% compared to 59%) scored Higher and were more Advanced in subject comprehension when using the eStudy iPads. Technology innovation is bringing change to the classroom and helping to extend learning to non-traditional students who make up the adult workforce. Yes, mobile devices are great for reading ebooks, PDFs, brainstorming notes, and doing web related research. Study shows the average test result from eStudy students using iPad mobile devices make efficient use of class time, score higher on their daily exams which they can track online, instantly strengthen their weaker skills and learn both thinking strategies and (increased) domain knowledge. This instructional tool is a post class tool when have left the classroom they can go back to specific domain from the class video to help prepare for their exam or use after they become certified.

Why Qualification Matters

The need for qualified, skilled and knowledgeable information security professionals has never been greater. Experience is the most important component of your value to an employer who needs something quantifiable and verifiable to show them you have the validated expertise they need.

Information security positions in Government and Industry are requiring certifications. Earning your Q/ISP means your have validated that your a "qualified" info sec professional. You can use the "Qualified TrustMark" on your resume to let people know you have validated your security skills with the most intense hands-on tactical security certifications in the world. You will have a higher earning potential and greatly expanded career opportunities with the Q/ISP certificate.

Your organization can also use the "Qualified TrustMark" on your proposals and RFI/ FRP's with 3 or more Q/ISP's in your organization.

Earning your Q/ISP certificate makes a statement about your commitment to CyberSecurity. You'll be recognized as an individual who is qualified to implement information security, who is knowledgeable, serious, and is a dedicated professional - a part of the globally recognized Q/ISP Qualified/ Information Security Professional family.

How we Help You
When it comes to educating and qualifying information security professionals throughout their careers, Security University is recognized as the global leader in hands-on tactical security skills. Our reputation has earned our Qualified certifications and world-class training programs recognition as the Only Standard in Qualified security skills education.

Your Q/ISP credential will open doors and provide networking opportunities at the highest level of information security, with the qualified support you need in today's information security industry.

Q/ISP Q/ISP® Qualified/ Information Security Professional CNSS 4011/ 4102/ 4013/ 4015/ 4016A
Q/SA® Qualified/ Security Analyst / Q/PTL® Qualified/ Penetration Tester License
Q/EH® Qualified/ Ethical Hacker Certification CNSS 4011/ 4012
Q/FE® Qualified/ Forensic Expert Certification CNSS 4011/ 4012/ 4013/4015 /4016
Q/ND® Qualified/ Network Defender Certification CNSS 4011/ 4012/ 4013/ 4015/ 4016A

Q/IAP® Qualified/ Information Assurance Professional
Q/AAP® Qualified/ Access, Authentication & PKI Professional
Q/NSP® Qualified/ Network Security Policy Admin + Services Oriented Architect (SOA)
Q/CA® Qualified/ Certification and Accreditation Process CNSS 4011/ 4012/ 4105/ 4016A

8570 / Cyber Network Defense classes
(ISC)²® CISSP® Prep Class & Exam
SSCP Systems Security Certified Practitioner
Security +
Q/WADQ/WP™ Wireless Certifications
Q/WP Qualified/Wireless Professional / CWNA Certified Wirless Network Administrator
Q/WSP Qualified/ Wireless Security Professional / CWSP Certified Wireless Security Professional
Q/WNA/Q/WSP Bootcamp Certified Wireless Network and Security Professional Bootcamp
Q/WAD® Qualified/ Wireless Analyst & Defender

Q/SSE Q/SSE® Qualified/ Software Security Expert Classes
Qualified SW Security Expert 5-Day Bootcamp
Qualified SW Security Penetration Testing
Qualified SW Testing Bootcamp (in-house only)
How to Break Web Security
How to Break Software Code
Fundamentals of Secure Software Programming
Qualified SW Security Hacker
Qualified SW Security Testing Best Practices
Introduction to Reverse Engineering

from date of your registration to 2 year in the future.. register for your SU class,
(CompTIA, CEH, ISACA, CWNP Exam fees are not included in class fee)

 Download the 2015 SU Qualification Security Roadmap

Q/ISP Certificate

This certificate is obtained through Security University for the purpose of recognizing qualified individuals who have distinguished themselves as knowledgeable and proficient information security practitioner skilled in hands-on tactical security. The Q/ISP certificate also provides THE only means of identifying and certifying qualified persons who subscribe to a rigorous requirement for maintaining their knowledge and proficiency in the information security profession with validated security skills and practical experience.

Certification is awarded to those qualified individuals who achieve a prescribed qualified level of  hands-on information security experience, comply with a professional code of ethics, and pass a rigorous examinations on the Q/ISP Body of Knowledge for information security. In order to maintain currency in the field, each Q/ISP must complete participation in research or study, attendance at recognized subject-matter training and professional educational programs, presentation or publication of information security papers, contributions to the information security Q/ISP Body of Knowledge, or service in professional organizations. Each Q/SIP must acquire 120 CPE continuing professional education credits every three years.

Running Like Clockwork: Certification Mark Best Practices After the Swiss Watch International Case

Authored by B. Brett Heavner

Consumers are increasingly demanding guarantees that the products and services they purchase meet their desired standards, whether those standards relate to safety, energy conservation, or organic-farming methods. In response, industries seek to establish effective means to certify their products and services to meet the standards that consumers demand. Given the importance of certification in product marketing, however, failed applicants and disgruntled consumers are increasingly challenging the validity of the certification-mark programs to regain a competitive edge or to advance a social policy. So it is vitally important that certifiers understand the law governing attacks on certification programs.

Statutory Certification Mark Rules

A certification mark, unlike a trademark, does not identify the manufacturer of a product. Rather, it informs consumers that the product bearing the mark meets standards (usually relating to quality or geographic origin) set by the certifying organization owning the mark. Thus, although owned by one entity, the certification mark is always licensed to be used by others. To preserve the integrity of certification marks, section 14 of the Lanham Act (15 U.S.C. § 1064(5)), requires owners of certification marks to abide by a number of very strict rules. Failure to do so may result in the loss of the certifying body's rights to the mark.

First, at all times, the owner must exercise control over the use of its certification marks. 15 U.S.C. § 1064(5) (A). Control is effected by means of written license agreements with the certified parties. These agreements allow the owner to enforce the certification standards, denying licenses to entities that fall short of the standards and withdrawing licenses from entities no longer meeting the standards. Failure to control use of the certification mark undermines the trust consumers would place in the mark.

Second, certification mark owners may not produce or sell any products bearing the mark. 15 U.S.C. § 1064(5) (B). This prohibition preserves the objectivity of the standards and criteria embodied in the mark. If a certification-mark owner is allowed both to set the standards and to sell goods under the same standards the mark owner itself has set, the integrity of those standards would be compromised.

Third, the owner must not permit the use of the certification mark for purposes other than to certify. 15 U.S.C. § 1064(5) (C). Allowing the mark to convey any message other than the independent verification of the certifier's standards would detract from the mark's significance and indeed may cause the mark to lose all meaning in the minds of consumers.

Fourth, the owner may not refuse to certify the goods of any person who meets the standards or criteria the owner has established. 15 U.S.C. § 1064(5) (D). This "antidiscrimination" rule prevents the owner from using nonobjective or secret criteria in its certification program or otherwise unfairly favor certain producers over others.

The above rules aim to preserve the integrity of certification marks and foster a free market among producers and distributors of certified products. Any or all of the above grounds may be used by a defendant in an infringement action to invalidate the owner's mark.

The Swiss Watch Case

Over the years, U.S. courts have considered a number of challenges to the validity of certification marks, most of which unsuccessfully focused on the certifier's alleged "lack of control" over the mark through failure to police its use. 1 But the recent 2012 Trademark Trial and Appeal Board (TTAB) decision in Swiss Watch International, Inc. v. Federation of the Swiss Watch Industry , 2 provides what is probably the most thorough examination of the various unique grounds for the invalidity of certification marks. 3

The Federation of the Swiss Watch Industry is a membership trade association whose sole purpose is to protect the integrity of the Swiss watch industry. One of the Federation's principal functions is to certify that watches really are "Swiss" in origin, which is defined under its standards and Swiss law as (a) having a watch movement made in Switzerland, (b) having been "cased up" in Switzerland, and (c) having the final inspection of the watch taking place in Switzerland. Watches meeting the Federation's standards are licensed to bear the Federation's registered certification marks SWISS or SWISS MADE.

Swiss Watch International, Inc. ("SWI") is a U.S. manufacturer of watches under the marks SWISS WATCH INTERNATIONAL and SWISS LEGEND. SWI's U.S. trademark applications were refused registration by the U.S. Patent and Trademark Office because of the Federation's existing registrations for SWISS and SWISS MADE. As a result, SWI petitioned the Trademark Trial and Appeal Board to cancel the Federation's registrations on the following five grounds:

  1. The Federation permitted its marks to be used for purposes other than to certify.
  2. The Federation failed to control the use of its marks by others.
  3. The Federation discriminates in the application of its standards.
  4. The Federation's certification marks are generic.
  5. The Federation committed fraud in obtaining its registrations.

While the Board ultimately rejected each of SWI arguments, an examination of the case provides certifying bodies with valuable guidance regarding risks and best practices relating to certification programs.

(1) Use of Certification Marks for Purposes Other Than Certification

SWI first argued that the Federation had allowed its members and licensees to use trademarks that include the word SWISS (thereby fully incorporating one of the certification marks), allegedly in violation of 15 U.S.C. § 1064(5) (C). In each case, however, the member and licensee marks did not consist solely of the word SWISS standing alone, but instead were composite marks such as SWISS ARMY, WENGER SWISS MILITARY, and DAVOS SWISS. The statute, however, only prohibits the use of trademarks that are identical or virtually identical to the certification mark. In this case, the Federation's SWISS and SWISS MADE marks were not identical to any of the member/licensee SWISS-formative marks for watches. Moreover, the geographically descriptive nature of the Federation's marks suggests that the shared term SWISS was not the salient or dominant feature of the member/licensee trademarks, so the trademarks were not "virtually identical" to the Federation's certification mark either. Finally, contrary to SWI's argument, there is no per se rule that a certification mark is invalid if it is incorporated into a member/licensee trademark. Consequently, SWI did not establish that the Federation violated the statute and the registrations were not subject to cancellation on this basis.

The Board did caution, however, that there are potential pitfalls in allowing the Federation's certification mark to be incorporated into a future member's/licensee's own trademark. While exonerating the Federation's actions, the decision implicitly left open the possibility that a member/licensee trademark that incorporates the certification mark might be sufficiently close to the certification mark to be virtually identical, thereby running afoul of the statutory prohibition. Moreover, the Board explicitly noted the practical risks in allowing member/licensees to incorporate the certification marks into their own trademarks. Specifically, if the member/licensee fails to comply with the certification standards, the certifying body may have no choice but to terminate the license and force the member/licensee to cease use and registration of its trademark via an infringement action or cancellation action. Furthermore, the inclusion of the certification mark in the trademarks of numerous unrelated entities could make it difficult for the certifying body to prove likelihood of confusion should a nonlicensee commence use of a similar mark. Accordingly, certifying bodies and their member/licensees would be well advised to avoid intermingling the certification mark with their member's/licensee's specific trademarks.

(2) Failure to Exercise Control over the Certification Mark

Next, SWI argued that the Federation failed to control use of the SWISS and SWISS MADE marks by others in violation of 15 U.S.C. § 1064(5) (A). Specifically, SWI submitted evidence of allegedly widespread use of the term SWISS in connection with watches manufactured by third parties who were not members or licensees of the Federation.

The Board recognized that the statute does not define the level of control required of the certifying body. Given that absolute control over all possible uses of a mark may actually be impossible, the Board requires only that the certifying body take "reasonable steps" to control the mark so that the public is not misled about which products are certified and which are not. In this case, the Federation submitted an impressive volume of evidence of its policing of the certification marks. This policing program included worldwide watching services, opposing problem trademark applications, filing letters of protest, monitoring use of SWISS and SWISS MADE in the trade press and on the internet, obtaining samples of watches bearing the SWISS mark, and taking action for improperly labeled products. While the Board did agree that SWI had found a number of instances in which the Federation's certification marks were misused, the record of the misuse was not so extensive as to justify the cancellation of the registrations.

The Board's reliance on the Federation's policing activities illustrates the immense value of a well-documented policing program for certifying bodies. Had the Federation been unable to show its aggressive activities to preserve the integrity of its certification program, it is entirely possible that SWI could have prevailed, especially given the potential weakness of a geographic designation such as SWISS. Certifying bodies would be well advised to actively police their marks, not only to strengthen their rights generally, but also to avoid problems under the statutory "control" requirements.

(3) Discriminatory Application of Standards

SWI also argued that the Federation violated the antidiscriminatory requirements of the statute, 15 U.S.C. § 1064(5) (D). But SWI did not allege that the Federation was refusing to certify products that had met its published standards. Rather, SWI argued that the Federation's standards were wrong. Specifically, it claimed that requiring the "casing up" and final inspection of the watches to take place in Switzerland was not necessary to claim that the watches were "SWISS."

The Board rejected this argument, noting that the statute does not authorize the Board to judge the content of the standards themselves. Rather, the Board was merely permitted to determine whether the standards were being applied uniformly. Further, SWI's assertion that the U.S. Customs would have accepted SWISS MADE as an accurate label for SWI's products was irrelevant because there is no requirement that the Federation's standards follow U.S. Customs' practices.

Finally, SWI argued that the Federation discriminated because it denied SWI's certification under the SWISS MADE program. The Board noted, however, that the record contained no evidence indicating that SWI had either formally applied for certification or had shown that its products actually met the Federation's standards. While the specific evidence is not detailed in the opinion due to its confidential nature, the Federation's ability to rely on its business records to establish that SWI had not been treated in a discriminatory manner was an important element in its victory. Had the Federation failed to keep records, or been unable to refute SWI's allegations, the case could have turned out differently.

(4) The Certification Marks Are Generic

SWI further alleged that the certification marks SWISS and SWISS MADE had become generic for a category of watches with a particular type of precision movement and thus had lost their ability to certify the regional geographic origin of the watches in the minds of consumers. 4 While SWI could point to a small number of uses of SWISS by third parties not affiliated with the Federation, this evidence was insufficient to establish genericness. Contrary to the Federation's claim, no evidence in the record established that the term SWISS signified a general category of watches or horological instruments featuring a particular type of precision movement. Rather, the record clearly showed that SWISS signified the geographic designation embodied in the Federation's certification program.

Again, the relatively small volume of third-party uses worked significantly in the Federation's favor. Thus, its policing program provided not only an effective defense to a "failure to control" attack (as discussed above), but also a valuable weapon in combatting a genericness attack, thereby further buttressing the point that certifying bodies should institute such programs.

Although it prevailed, the Federation might have been able to avoid the "genericness" issue altogether had it not limited its registrations to merely word-mark versions of its certification marks. Certification logos featuring distinctive graphical elements are unlikely to be deemed "generic" because the marks must be evaluated as a whole and not merely based on the wording incorporated into the logo. Thus, while a word-mark registration provides broader rights to the certification mark, certifying bodies with word marks that verge on descriptiveness/genericness would be well advised to also develop and register logo forms of the certification mark to avoid the potential disastrous consequences should the certification word mark be held descriptive or generic.

(5) Fraud on the U.S. Patent and Trademark Office

Finally, SWI accused the Federation of misleading the examining attorney during the application process for the SWISS MADE mark. Specifically, SWI argued that the Federation falsely suggested to the examining attorney that its own standards covered the SWISS MADE mark when in fact that mark was not discussed in the Federation's standards at all (the Federation's standards addressed only the SWISS certification mark). Rather, the SWISS MADE mark was defined by a separate Swiss statute governing the Swiss watch industry. During the application process, the Federation submitted both its own standards (governing use of SWISS) and the Swiss statute (governing use of SWISS MADE). SWI attributed some ill-defined trickery to the Federation's simultaneous submission of both documents to the examining attorney, although SWI failed to articulate why the Federation could not legitimately use both its own standards as well as the Swiss statute as the basis for its certification program.

In any event, the Board held that the Federation had committed no fraud during the application process. Fraud required proof that the Federation either (a) deliberately omitted relevant portions of a document in an effort to mislead the examining attorney or (2) made statements that (even if true) were deliberately designed to mislead the examining attorney. The record supported neither conclusion. The Federation's submission clearly and accurately labeled its own standards and the Swiss statute, and the narrative of the office-action response explicitly indicated that the Federation was submitting an abstract of Swiss law on which its standards were based. So, objectively, the submissions were not misleading. Furthermore, the court noted that even if the submissions were (for the sake of argument) misleading, SWI had failed to show any intent on the Federation's part to mislead the examining attorney. Consequently, SWI's fraud claim was dismissed.

The Federation's careful labeling and description of its submission to the examining attorney prevented SWI's attack on fraud grounds from gaining any traction. But SWI would never have been able even to raise such an allegation had the Federation standards been more carefully drafted to include references to both of its certification marks.


The history of challenges to the validity of certification marks has generally favored the certifying bodies over the challengers. But given the increase in certification of consumer goods, there is apt to be an increase in these challenges in the future. To place themselves in the best possible position to defend their programs, certifying bodies should take special care to follow the lessons of the Swiss Watch case. As noted above, a well-run certification program should (a) forbid uses of the certification mark as regular trademarks and discourage intermingling of the certification marks with the trademarks of licensees, (b) include a policing program that documents the certifier's control over use of the certification mark, (c) feature good record-keeping to establish the uniform treatment of parties seeking certification, (d) use logos and graphical elements as part of certification marks with potentially descriptive or generic wording, and (e) prepare carefully drafted standards and regulations that address all parts of the certification program and all associated certification marks. In following these best practices, certifiers should significantly reduce the risk of having their certification marks declared invalid.

1 E.g., Tea Board of India v. The Republic of Tea, Inc ., 80 USPQ2d 1881 (TTAB 2006) (contrary to petitioner's claim, Tea Board had exercised sufficient policing of alleged "misuse" of DARJEELING certification mark to comply with "control" requirement of statute); National Board for Certification in Occupational Therapy, Inc v. American Occupational Therapy Assoc ., 24 F. Supp. 2d 494 (D. Md. 1998) (failure to monitor plaintiff licensee's own use of certification mark does not establish general failure to exercise reasonable control over the certification mark); Midwest Plastic Fabricators, Inc. v. Underwriters Laboratories, Inc ., 906 F.2d 1568 (Fed. Cir. 1990) (because absolute 100% control of certification mark is not possible, certifier did not "fail to exercise reasonable control over the mark" merely because plaintiff introduced evidence of a few counterfeit and substandard products bearing the certification marks, most of which the certifier subsequently took action to correct).

2 101 USPQ2d 1731 (TTAB 2012).

3 Because the Federation did not manufacture watches itself, SWI did not have the opportunity to raise the statutory prohibition on certifying bodies themselves manufacturing or marketing the products they are certifying. 15 U.S.C. § 1064(5) (B). Given that most certifying bodies are trade organizations or testing laboratories, this prohibition is unlikely to be an issue in most certification programs.

4 Both of the Federation's registrations were incontestable, so geographic descriptiveness was no longer a valid basis for cancellation.

CISSP® is a registered trademark of (ISC)2®
SU CISSP Training classes are not endorsed or sponsored by (ISC)2®
CEH® CHFI® are EC Council registered trademarks
SU CWNA / CWSP Training classes are not endorsed or sponsored by CWNP®


Please ask us how we can help your team today. Contact us at SU at 203-357-7744 or 877.357.7744


Current Schedule
Site Map SU Policies Webmaster Contact Us Opt-Out Testimonials Advertise Brochure
Copyright © 2014 Security University, Inc. All rights reserved.
Translate this page to