Cissp: Gaining And Maintaining Your Certification

Posted on June 21, 2010 by admin

The CISSP is the original information security qualification, held to ISO (International Standards Organisation) regulations and it remains a globally recognised and highly respected qualification. To achieve CISSP certification you need to pass an examination of 250 multiple choice questions. However, the world of computers does not slow down and programs and systems are forever being updated and replaced. This means that there can be no one-off qualification for Information security.

(ISC)2, the body which created and regulates CISSP certification, understands this need. Every year, every month, computer security needs to advance and so the CISSP qualification needs to be maintained throughout your career. The original certification lasts for three years and after that there are options available to renew and maintain the status.

You could choose to retake the CISSP exam but (ISC)2 have provided an alternative solution in the form of CPEs or Continued Professional Education credits. These can be earned in various ways including: attending online seminars and security conferences, publishing articles or books on the subject of security and participating in self-study courses.

(ISC)2 also allows people to help maintain their CISSP certification by submitting reviews for books on information security to their website. This is simple and easy and, if your review is accepted, you automatically gain CPEs.

You can even receive credits for subscribing to an information security magazine, providing training for other people on information security or volunteering to help charitable organisations maintain the security of their computer systems.

None of this is any good without the original qualification, though, which is just as easy to study for. There are many books and computer training courses available for CISSP qualifications. If you are looking for a way to stand out in information security and you have five years of experience in the area, then you could qualify for CISSP certification. If you think that this certification could help you there are DVD training and online courses available to help you study for the exam.

Posted in Cisco | Tagged , , | Leave a comment

The Benefits of Getting a CCIE Certification

Posted on June 19, 2010 by admin

The benefits of getting a CCIE certification are varied, among which are the following:

* Better pay
* Career advancement opportunities
* Applies to certain minimum requirements for Cisco Silver and Gold Channel Partners, as well as those seeking Master Specialization, making you more valuable to Channel Partners.
* Better movement through the problem-resolution process when calling the Cisco TA Prestige
* Credibility for consultants and customer engineers, including the use of the Cisco CCIE logo

The other big reason to take the CCIE Routing and Switching written exam is that it recertifies an
individual’s associate-, professional-, and expert-level Cisco certifications. In other words, passing
any CCIE written exam recertifies that person’s CCNA, CCNP, CCIP, CCSP, CCDP, and so on.

(Recertification requirements do change, so please verify the requirements go/certifications.)

CCIE Routing and Switching Written Exam 350-001

The CCIE Routing and Switching written exam, as of the time of publication, consists of a two-hour
exam administered at a proctored exam facility affiliated with Pearson VUE. The exam typically includes approximately 100 multiple-choice questions. No simulation questions are currently part of the written exam.

As with most exams, everyone wants to know what is on the exam. Cisco provides general guidance
as to topics on the exam in the CCIE Routing and Switching written exam blueprint, the most recent
copy of which can be accessed.

Cisco changes both the CCIE written and lab blueprints over time, but Cisco seldom, if ever,
changes the exam numbers. (Cisco changes the exam numbers of the associate- and professionallevelcertifications when it makes major changes to what is covered on those exams.) Knowing that the content will change over time, this book includes Appendix C, “CCIE Routing and Switching Exam Updates: Version 1.0.” This appendix will include coverage of any newly added topics to the CCIE Routing and Switching written exam. When Cisco changes the blueprint, the authors will add content to cover the new topics and make that content available to all readers who have bought the earlier edition of the book. For future printings,Cisco Press will put that new content into Appendix C.

The CCIE Routing and Switching written exam blueprint, as of the time of publication, is listed in

Table I-1. Table I-1 also lists the chapter(s) that cover each topic.

The blueprint
tells you what major topics to study and by implication, what not to study. However,
the blueprint does not provide many details about the scope and depth covered for each topic. As
you prepare for the written exam, it is a good idea to study more details than you think you need to
pass the exam, because the lab exam is considerably more rigorous than the written exam.
Knowing what topics Cisco does not list in the blueprint is also useful, particularly topics that Cisco
has removed from earlier blueprints.

For example, in 2005, Cisco announced the removal of ISDN/DDR, IS-IS, ATM, and SONET from the written exam blueprint, but it added wireless. In 2007,Cisco announced a new CCIE Routing and Switching written blueprint, referenced as “version 3.0″(the older blueprints did not have a version). This version 3.0 blueprint also added and removedtopics; for example, it removed wireless coverage, but added MPLS and expanded IPv6. Always check website for the latest information regarding any other new or deleted blueprint topics. For any major changes, the authors will post a new version of Appendix C, whichwill add coverage of the new topics.

Posted in CCIE | Tagged , , | Leave a comment

CISSP Certification Can Serve as Introduction to Regulatory Compliance

Posted on June 17, 2010 by admin

In the past five years, the inrush of regulation at the national and regional levels has significantly transformed the business of security. In the United States, laws such as the Sarbanes-Oxley Act, HIPAA, GLBA, data security breach laws like California’s SB-1386, and FISMA have made the adoption of many security practices a matter of regulatory compliance, rather than merely a measure to avoid worst-case security scenarios.

Though not a government-mandated compliance guideline, the PCI Data Security Standard deserves special mention as highly successful “private” regulation imposed by the major credit card brands. PCI DSS compliance has become essential for businesses that want to continue processing credit card data without risking fines and sanctions.

Many security pros — both veterans and those who are new to the field — often find themselves learning about the intersection of security and regulations during the compliance process itself. However, CISSP certification often aids infosec practitioners in their efforts to succeed when thrust into situations where compliance is driving the corporate information security agenda.
CISSP Common Body of Knowledge

The Certified Information Systems Security Professional, or CISSP, is offered by the International Information Systems Security Certification Consortium (ISC)2, and seeks to provide an objective baseline for measuring competency. The CISSP Common Body of Knowledge (or CBK) defines the knowledge base required of CISSP candidates. The CBK consists of 10 categories that CISSP candidates are expected to be familiar with in order to pass the rigorous CISSP certification exam. The categories are:

* Access control
* Telecommunications and network security
* Information security and risk management
* Application security
* Cryptography
* Security architecture and design
* Operations security
* Business continuity and disaster recovery planning
* Legal, regulations, compliance and investigations
* Physical (environmental) security

Security regulation certainly touches on all 10 of these areas. For instance, the “Legal, regulations, compliance and investigations” category used to be called “Law, investigations and ethics” a few years ago. The change represents the most visible acknowledgment that a major aspect of security is associated with compliance to laws and regulations. Within this category, the CISSP candidate is expected to have an understanding of information security-related regulation not only in the U.S., but also increasingly in other parts of the world

The other categories have begun to cover compliance as well. For instance, the job rotation, separation of duties and responsibilities, and security incident handling are important matters in security regulations; these are covered in “Operations security”. Similarly, “Physical security” covers perimeter security and equipment protection, required activities in many security regulations.

“Security architecture and design” covers security models that are used to build access control policies and models. In the era of regulations, this topic is apt to be used more often than in the past. Likewise, “Telecommunications and network security” covers the gamut of technologies and practices covering the protection of data communications. In the Internet era, this category is well exercised. The other categories in the CBK likewise cover activities required by one or more security laws.
CISSP’s complementary role in regulation

The major focus of the CISSP certification is centered on security technology and management, but the functional areas in the realm of regulation and compliance are “softer” areas that are somewhat removed from security itself. These areas are covered by security governance and management, a part of the “Information security and risk management” category.

A CISSP experienced in governance and management will have little trouble understanding much of the security regulation in force today, particularly those regulations that are more prescriptive such as HIPAA and PCI. And the CISSP CBK has covered virtually all of the security technology areas, which aid the CISSP in knowing how to carry out specific regulations.

However, there are compliance-related tasks for which the CISSP certification does not prepare its candidates. Activities such as business controls development, internal audits and the interpretation and application of regulations are barely touched on in the CISSP world. Other certifications, such as the Certified Information Systems Auditor (CISA), focus on controls and internal audits.

Posted in CISSP | Tagged , | Leave a comment

Cisco 640-802 CCNA And CCENT Certification: RAM, ROM, NVRAM, Flash, And The Boot Process

Posted on June 13, 2010 by admin

An important part of your Cisco CCENT and 640-802 CCNA certification studies is learning the differences between RAM, ROM, NVRAM, and Flash memory. Learn these vital differences from Chris Bryant, CCIE #12933.

An important part of your Cisco CCENT and CCNA certification studies is learning the differences between RAM, ROM, NVRAM, and Flash memory. You better know the differences when it comes to working in real-life networks as well, because vital Cisco files are found in these memory types – and since some of these files are lost on a router reload and some are not, we better know which is which!

The memory types and functions discussed in this section are the same for routers and switches, but to keep from saying “routers and switches” 500 times, I’ll just say “routers”. :)

Configuring the routers is a lot of fun, but we’ve got to know what’s going on inside the router, too! Cisco routers have four different kinds of memory, and while some of the names are similar, their purpose is totally different.

The contents of some of these memory types is kept when the router is reloaded, and others are lost on a reload. We better know which is which!

It’s a fair bet that these topics will come up on your CCENT and CCNA exams, and this is also information you’ve got to know to be a real network admin. Let’s examine these four memory types closely and see what each one does!

ROM: Read-Only Memory. ROM stores the router’s bootstrap startup program, operating system software, and power-on diagnostic test programs (POST).

Flash Memory: Generally referred to simply as “flash”, the IOS images are held here. Flash is erasable and reprogrammable ROM. Flash memory content is retained by the router on reload.

RAM: Random-Access Memory. Stores operational information such as routing tables and the running configuration file. RAM contents are lost when the router is powered down or reloaded. By default, routers look here first for an Internetwork Operating System (IOS) file during boot.

NVRAM: Non-volatile RAM. NVRAM holds the router’s startup configuration file. NVRAM contents are not lost when the router is powered down or reloaded.

Some important comparisons:

RAM contents are lost on reload, where NVRAM and Flash contents are not.

NVRAM holds the startup configuration file, where RAM holds the running configuration file.

Let’s take a look at the boot process of a Cisco router, and then talk about the dreaded Setup Mode!

The Router Boot Process

When a Cisco router powers up, it first runs a series of POSTs (Power-On Self Test). A POST is a series of diagnostic tests designed to verify the basic operation of the network interfaces, memory, and the CPU.

Depending on the model or router of switch you’re using, you can actually see some of these tests being passed. Here, I’ve reloaded a Cisco 2950 switch, and you can see some of the POSTs being run and passed at the very beginning of the bootup process.

Initializing flashfs…

flashfs[1]: 79 files, 3 directories

flashfs[1]: 0 orphaned files, 0 orphaned directori

flashfs[1]: Total bytes: 7741440

flashfs[1]: Bytes used: 5980672

flashfs[1]: Bytes available: 1760768

flashfs[1]: flashfs fsck took 7 seconds.

flashfs[1]: Initialization complete.

Done initializing flashfs.

POST: System Board Test : Passed

POST: Ethernet Controller Test : Passed

ASIC Initialization Passed

POST: FRONT-END LOOPBACK TEST : Passed

POSTs are particularly effective at detecting major problems early in the boot process, such as a broken fan. If the POST detects such a problem (usually called an “environmental factor”) that would cause the router or switch to overheat after booting, the POST will fail, give you a clear message as to why the POST failed, and will then stop the boot process.

But let’s speak positively here!

After the router passes the POST, it looks for a source from which to load a valid Internetwork Operating System (IOS). The router has three sources from which it can load an IOS image, and it’s a good idea to know these sources and the order in which the router will look in each for the IOS image:

1. Flash memory (the default).

2. A TFTP server. (Trivial File Transfer Protocol)

3. Read-Only Memory (ROM)

To change that order, a change must be made to the configuration register, and we’ll talk about that later in the course. It’s similar to the Microsoft Registry in that you should never change this value unless you are sure of the result.

Once the IOS is found, the router looks for a valid startup configuration file. By default, the router will look for the startup configuration file in Non-volatile RAM (NVRAM).

If no valid startup configuration file is found, the router enters setup mode, where the router runs the system configuration dialogue, a series of questions involving basic router setup. We’ll take a look at Setup Mode in the next installment of my exclusive 640-802 CCNA and CCENT certification exam tutorial series!

Posted in CCNA | Tagged , | Leave a comment

CCIE Lab Suggestions – Cisco CCIE Home Labs

Posted on June 12, 2010 by admin

Yes, CiscoKits can supply you with all the equipment you need to build your very own Cisco CCIE home lab. Why spend $15,000(after course costs, airfare, hotel and other expenses) on a twelve day Cisco CCIE bootcamp that you will walk away with only a lab workbook and a stack of notes? Wouldn’t it make more sense for you to own your own Cisco routers and Cisco switches in your home lab that you can practice with at your leisure for as long as you like with no interruptions? Sure you may be thinking, but I won’t be have access to the CCIE lectures or other materials. Well, yes you will and CiscoKits has your Cisco CCIE lab solution for you and it will be cheaper than attending a CCIE bootcamp in person and you will own your equipment! How cool is that? We are going to change the way you approach your CCIE training while saving you thousands of your hard earned dollars!

Cost Effective CCIE Lab Solutions!

This is an especially great solution for companies who want to train their staff to obtain their Cisco CCIE certifications but can’t afford to have their top network engineers off-site for two weeks at a time. Additionally, the cost savings of purchasing the kit one time which can be used for multiple employees is tremendous! Instead of looking at $60,000 to get four employees certified, what if you could tell your boss you could setup a lab with all the exact same lectures, lab work books, equipment and resources for $15,000! That averages out to $3,750 per employee for CCIE training! Where can you get hands-on CCIE training for that cheap?

Now your thinking that is great. You can provide the same exact CCIE equipment topology as the Internetwork Expert bootcamp. You can provide the same exact lab workbooks as the Internetwork Expert bootcamp. But how am I to self study this? I really learn best by lectures and seeing and instructor white board the CCIE materials. No problem! We can also offer to you the exact Internetwork Expert CCIE training you would receive if you were at their location.

We have three different formats that you can select to receive your CCIE training.

CCIE Live Online Class –With this option you not only get to participate in the class live and online, but you also be able to watch a recorded version of the very class you participated in with any recording updates. This is better than being there as you can be there again and again and again at your convenience. Also, just to be clear, you will be able to actually participate in the class and interact and ask questions of the instructor. It does not get any better than this!

CCIE Online Class – With this option, you will be able to view online the same 80+ hours of CCIE training as if you attended the course on-site. But for those of you who can’t participate in the class for two weeks straight, well this is the option for you as you control the pace of the class. You have total control over how quickly or slowly your complete your CCIE training.

All you need is an Internet connection, Adobe Flash Player installed and you are ready to view your CCIE training. You will also be provided with all the course slides for download too. You can watch your CCIE training once, watch it twice. You can pause the class recording to take care of the trash for your wife or better yet to catch the football game. It is in your hands! You can’t get much more convenient than this. Also you will have the option for just $200 more to get a copy of the course on DVDs to make it even easier for you to watch and review the course lectures.

With all of the above CCIE training options, you will receive unlimited free updates to the product for as long as you need them!

CCIE Home Lab Kits

Now let’s talk a little bit about your CCIE home lab setup. We have partnered with Internetwork Expert to provide you with five choices of the hardware to replicate their exact Cisco equipment topology. So we are sure we will have a CCIE lab package that will fit your budget. As with most things in life, the more expensive the kit, the more features you will be able to exercise in your lab. The really cool thing about these kits is they are applicable to all of their CCIE training lab workbooks. So you don’t have to buy additional Cisco routers or Cisco switches to utilize some of their other lab workbooks. Below we will discuss a little about each CCIE lab option.

CCIE Gold Lab Kit – This kit is essentially the same as the Platinum kit without the Cisco 3825 router and Cisco 3560 switches. If you budget is somewhere between these two, ask us as we can modify this kit to possibly include either the Cisco 3825 router or Cisco 3560 switches which ever makes the most sense in your situation and budget constraints.

CCIE Silver Plus Lab Kit – This kit is very similar to the CCIE Gold Lab Kit. However to further reduce the price a Cisco 3550 switch was removed. As you can see the prices are getting pretty close to some of the Cisco CCNP kits so this is a great value for your CCIE studies on a tight budget.

CCIE Silver Lab Kit –This kit is very similar to the CCIE Silver Plus Lab kit but the Cisco 3550 switch was removed as were the 2600XM routers. A good kit for a tight CCIE budget that will still cover about 80% of the course topics with hands-on labs!

CCIE Bronze Lab Kit– This kit is the most economical kit we can produce for the Cisco CCIE training curriculum. This CCIE lab kit will still cover between 80 and 90% of the topics on the test for 20% of the cost of the Platinum lab kit. This is a great solution if you are super tight on money and you are willing to give up a few features so you can complete your CCIE certification as we had to remove some of the Cisco 3640 routers. Keep in mind you will still have the same number of Cisco routers and Cisco switches as the Platinum lab kit, you will just have some lower end routers and switches that will not support every feature the top of the line kit will. Then after you pass your CCIE certification test, you can go back and purchase the Platinum kit once you are making the big money!

Posted in CCIE | Tagged , , , | Leave a comment

Introduction to Cisco’s CCIP Certification

Posted on June 2, 2010 by admin

Most people who work with Cisco equipment know that there are some routers out there that are the real carrier class type of kit. So what would it take to get your hands on those? CCIP Cisco Certified Internetwork Professional is good step in that direction.

As with most Cisco Professional certifications a valid CCNA is a pre-requisite in order for you to obtain the CCIP. Again, as the other Cisco Professional certifications, this one is valid for 3 years.

Now where would a person start his or her CCIP quest? 4 exams are needed but where do you begin? BSCI, Building Scalable Cisco Internetworks [642-601] is a good place to start. It will count towards your CCNP and CCIP and gives you a good overview of interior routing protocols and basic BGP introduction. This is not an easy exam because of the broad spectrum of knowledge you need to acquire but who said that CCIP was a walk in the park.

Now there are 2 options you can sit the BGP [642-611] and MPLS [642-611] exam separately or you can do a composite type of exam BGP+MPLS [642-691]. Both exams build on each other so sitting the composite is good way of testing your knowledge of the ISP core protocols. The exams are really the heart of the CCIP certification and are the proof that this certification is categorized under the Service Provider on Cisco’s career certifications part of their website.

Finally 1 exam has to be mastered in order to obtain the CCIP and that is QoS, Quality of Service [642-642]. A benefit of this exam is that is also counts towards CCVP, Cisco Certified Voice Professional. This one will cover he QoS methods used in a service provider/voip environment.

To recertify your CCIP you need to sit either the current BGP+MPLS exam or the current versions of the two separate exams. Another way to recertify is by passing a current CCIE written exam.

Overall the CCIP is good stepping stone into the service provider world. It is a very though path, but it will open doors into the challenging world of the ISP’s, big telcos, etc. And on a personal note, passing my CCIP made me more interested in taking the steps to achieve my CCIE Service Provider because of the technologies and challenges involved in the internetworking world we live in today.

Posted in CCIP | Tagged , , | Leave a comment

Cisco Certification Central

Posted on June 1, 2010 by admin

When you wake up on exam day, one of two things is going to happen. Well, yes, you’re going to pass or fail. But what I’m thinking of comes before that, and has a lot to do with how you perform on exam day.

You’re either going to have a tremendous feeling of anticipation or the dreaded feeling of being nervous about it. Anticipation is a great thing to feel on exam day. You’re driving to the exam center, excited about the exam. You’re much like a football player, slapping another player on the helmet or the shoulder pads before the game starts. (Warning: Don’t try this on the exam proctor.) You know there’s a challenge ahead, but you’re looking forward to it. In your mind, you’re already victorious; you’re at the testing center only to make it official.

Conversely, there’s nothing worse than being nervous or feeling unprepared before the exam. I’ve driven up to an exam center and seen exam candidates doing some last-minute cramming in their car. Sadly for them, if there’s something you were unprepared for at 8 AM on exam day, you’re still going to be unprepared when you go into the test center, no matter what you read in the car at the last minute. You don’t see football players studying their playbook on the sideline before the game starts.

It’s all about preparation. I regularly tell my students and customers that you don’t pass a Cisco exam (or any other vendor exam) the day you take it. You pass when you turn the TV off for weeks before the exam to study; you pass when you spend time and money to attend a class or buy a book or training video; you pass when you give up a weekend to get some hands-on experience. That’s when you pass. The exam score you get is simply feedback on your exam preparation.

There’s a great saying “Prior Preparation Prevents Poor Performance”. That describes to a “T” what your strategy to pass the exam must include. Put the time in well before exam day and you’ll reap the rewards on the big day. If you’re just planting the seeds of knowledge in your car the morning of the exam, don’t expect much of a harvest.
It’s all about preparation. I regularly tell my students and customers that you don’t pass a Cisco exam (or any other vendor exam) the day you take it. You pass when you turn the TV off for weeks before the exam to study; you pass when you spend time and money to attend a class or buy a book or training video; you pass when you give up a weekend to get some hands-on experience. That’s when you pass. The exam score you get is simply feedback on your exam preparation.

There’s a great saying “Prior Preparation Prevents Poor Performance”. That describes to a “T” what your strategy to pass the exam must include. Put the time in well before exam day and you’ll reap the rewards on the big day. If you’re just planting the seeds of knowledge in your car the morning of the exam, don’t expect much of a harvest.

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of freeCCNA andCCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages. For a FREE copy of his latest e-books, ,How To Pass The CCNA, and ,How To Pass The CCNP,, visit the website and download your free copies. You can also get FREE CCNA and CCNP exam questions every day! Pass theCCNA exam with The Bryant Advantage!

Posted in Cisco certification News | Tagged , | Leave a comment

The advantage of obtain the CCIP Certification

Posted on May 31, 2010 by admin

The IT industry grows new opportunities for aspiring professionals. The most likely reason is that the industry is growing very rapidly and there are important challenges to progress. There is a need for qualified people for jobs working effectively with their work and produce good results. Of course, the effectiveness of the person that many of the skills and competencies you have. In this context, large firms in the industry with its training and development department started. These departments or units that offer different certifications.
Cisco training and qualification of the wings is well known, and offers different types of certifications to students and other professionals who will hold during his career as an update of progress for other reasons want. Certification of Justice, also known as the certification of Cisco Certified Internetwork Professional is an effort of many. Provides the skills and knowledge required to manage the infrastructure provider. The CCIP certification is to show a candidate is capable of experience in networking solutions provider of IP infrastructure. The curriculum for the CCIP certification includes topics such as IP routing, IP QoS, BGP and MPLS.
Achieving certification of the DAC, and indeed any Cisco certification is not easy. The course is very demanding of time, and candidates are expected to dominate in both languages – the theoretical and practical aspects of the scenery of this certification process. Even for this certificate, the candidate must have a valid CCNA. Information about Cisco training classes and other learning opportunities, along with the dates of examination schedules, labeling and standards, etc, are regularly updated on the Cisco site on the Web.
Still,if you have any good advices or other thinks or just there are some words wrong in this passage,you can give me a comments.Then we can have a gooe talk about it .And Thanks you! May you succeed!

Posted in CCIP Certification | Tagged , , | Leave a comment

Pick the Right Security Certification

Posted on May 29, 2010 by admin

As the world gets more connected, it also gets less safe. And as more and more information is exchanged via email and websites, and more folks buy stuff online, more data and money is at risk than ever before.

That’s why those with technical certifications in security are becoming more and more in demand. But there are a lot to choose from; which one might be right for you? We’ll give an overview of the most popular, and in-demand, security certifications you can get.

For this article, we’re going to look at vendor-neutral certifications, which means specialized credentials from security companies like CheckPoint, RSA and Cisco won’t be included. These certifications teach general security principals, and will have the widest range of usability.

* CISSP. The CISSP, from the International Information Systems Security Certification Consortium, known as (ISC)2, is generally considered the hardest security title to get, and the most well-regarded as well. How hard is it? You’re not even eligible unless you have five years of security-specific experience. It also requires an endorsement by someone who can attest to your experience and qualifications.

Even if you pass the exam, you may still be audited. That means (ISC)2 can investigate and make sure you have the experience you claim to have. And after that, you need to recertify every three years.

Is it worth it? Most CISSPs would tell you yes, because the CISSP certification is the name hiring managers and others know. It verifies your expertise. As security expert Donald C. Donzal of The Ethical Hacker Network says, many consider the CISSP “the gold standard of security credentials.”
* SSCP. The baby brother of the CISSP is the Systems Security Certified Practitioner (SSCP), also by (ISC)2. Like the CISSP, it requires passing an exam, and has the same rigorous checks in place, like needing an endorsement and the possibility of being audited.

The main difference is your knowledge base is expected to be smaller, and you only need one year of security experience. The test is much easier, as well. Still, the SSCP is a solid first step into your security career, and is backed by (ISC)2.
* GIAC. The other major vendor-neutral certification organization is the SANS Institute, which oversees the Global Information Assurance Certification (GIAC) program. GIAC is SANS’ certification arm.

The GIAC has multiple levels. The first is the Silver certification, which requires passing a single exam. It has no real-world component, making it of dubious value in the eyes of potential employers. All you really need to do is be able to memorize the material.

Above that is Gold certification. This requires writing a technical paper in your area of expertise in addition to passing a test. This adds significantly to the value; the paper will demonstrate an individual’s knowledge of a subject; you can’t fake your way through a technical paper.

Finally, the Platinum certification is at the top of the heap. It requires a proctored, two-day lab practical after achieving Gold certification. It’s given only at certain times of year, during a SANS conference. This could be a stumbling block to some certification-seekers, who may not have the time or money to fly to another city to take a lab test over a weekend.

If, however, you make it through that process, you’ve proven your skills as a security expert. Although not as well known as the CISSP, a GIAC Platinum credential is certainly impressive.
* Certified Information Security Manager (CISM). CISM is administered by the Information Systems Audit and Control Association (ISACA). ISACA is more well known for its CISA certification for IT auditors, but CISM is making a name for itself as well.

The CISM has the same experience requirement as the CISSP – five years of security work. Also like the CISSP, one test must be passed. A difference between the two is that you need to do some continuing education every year.

The CISM appears to be as rigorous as the CISSP, and some security pros think it is actually more difficult to get. The reality, though, is that it is still not as well known as the CISSP. That should be expected, however, given that it didn’t exist until 2003.
* CompTIA Security+. On the lower end of security certifications, CompTIA offers the Security+ exam. It consists of one 90-minute exam with 100 questions. There is no experience requirement, although CompTIA recommends two or more years of security experience.

Security+ should be considered entry-level only. With no required experience component and a simple, short test, its value is limited. It might open a door for you, but only a crack.

Posted in CISSP | Tagged , | Leave a comment

Cisco CCNA Certification: The Value Of The CCNA And CCNP

Posted on May 28, 2010 by admin

There has never been a better time to accelerate your IT career, and earning a technical certification is a great way to do just that. I don’t care if you’re looking at earning an MCSE, a Cisco certification, Red Hat, or any other vendor – you are always better off having a technical certification than not having one. Technical certifications are an excellent way to market yourself and stand out from the crowd. Earning certifications shows a potential employer (and your current one) that you are willing to go the extra mile.

Sadly, when you ask this question on most Internet message boards, you’re going to get some very negative people giving you their “unbiased” opinion. Ask yourself this question: Do you want to entrust the direction of your career to someone you don’t know, has no accountability for what they say, and has some kind of ax to grind? Do you want someone like that to decide whether you should earn a CCNA or CCNP?

I can speak from experience on this point. When I told a few people that I was going to earn my CCIE, almost 100% of the responses I got were negative. “It’s too hard”, “no one can pass that”, “the CCIE isn’t worth the work”, etc. Every single one of these statements is false, and again I speak from firsthand experience. The same is true for the CCNA, CCNP, and MCSE. All of these certifications can add value to your career and put more money in your pocket. But you have to make the decision to earn them and to “keep your goals away from the trolls”.

Don’t ask anonymous strangers whether it’s “worth the time” to get a CCNA, MCSE, or other computer certification. The only person you should ask that question of is yourself. Whether you want to start an IT career or jumpstart your current one, make the decision to move forward in your career – and then follow through on that decision.

Posted in CCNP | Tagged , , | Leave a comment