IT Training Blog

Why We Need IT Certifications

2010-06-08T10:18:00.002-04:00

In a world of heavy competition in the job market and in our current economic state, it is more imperative than ever to have an edge over other applicants when searching for jobs or changing careers. From office managers to heath care professionals there are professional certificate programs and certifications that can be earned by attending approved training classes that are geared towards giving practical and hands-on skills that should carry on into the workplace. This type of training and certification provides employers a sense of confidence knowing that the certified individual can quickly learn their job function and carry it out with minimal supervision. This is certainly the case with many technical jobs especially in IT.
When it comes to your career in the IT field, whether you have years of experience or you are just starting out, there is tremendous strength and growth potential when you obtain the latest certifications in the area(s) you choose to become an expert at. Let’s face it, how many people do you know that have degrees in Information Systems that are still unable to gain employment? This is largely due to the lack of hands-on and practical training that the degree programs offer and many employers are aware of this.

You can start out by learning the fundamentals of hardware, software, and network support in a program like the A+ Network+. And there are even Vendor specific certifications such as the CCNA by Cisco and the MCITP-SA by Microsoft that once earned, let the employer know that you have expertise in these specific areas. So if you are looking to become a Network Administrator and want to be able to manage and configure the medium of which networks rely on, then the CCNA training and path is what you should look at. If you want to provide support in a server environment and become a System Administrator, the Microsoft certification path is for you. These are just a couple of directions you can go in the IT field. There is also, of course, the high demand for Security professionals in IT. With the threat of cyber attacks and those with malicious intent, companies are seeking the best solutions for identity protection, data loss prevention, and data recovery to ensure their business runs smoothly and with minimal liability. Many doors are opening and new positions are being created to combat these issues making IT Security a truly desirable skill to have. For those looking into the IT Security field or have experience without the certification(s), you may want to look at the Security+, Certified Ethical Hacker(CEH), and Certified Hacking Forensic Investigator(CHFI) certification courses.

The bottom line is there are many possibilities one can have when achieving IT certifications which indeed makes them more important than ever to have. Whether you are starting out or are already in the IT field, certifications can help you reach your potential.

APT - Advanced Penetration Tester

2010-05-17T17:14:00.000-04:00

The results from day 1 of the Advanced Penetration Tester (APT) are in the reviews are awesome across the board. This class was the most highly anticipated class that we have seen in a long time. Live demos in class had students breaking into high security networks on day one.

A Quick Synopsis of the APT
Essentially, where CEH leaves people at breaking into networks that have relatively simple security and firewall setups, the Advanced Penetration Tester teaches people how to break into environments that spend HUGE money annually on security / information assurance / network and data intrusion prevention.

We'll post the results from the week on this very rare, highest level hacking class. Definitely looks exciting though!!

Welcome hackers, learn how you cannot be stopped.

Update on the DoD 8570 Directive

2010-04-08T13:03:00.003-04:00

The DoD 8570 directive is something that has been making many IT Security / Information Assurance professionals sweat for the past couple of years. Strangely enough, the deadlines are never met and keep getting pushed back.

The latest addition to the DoD 8570 directive is the Certified Ethical Hacker (CEH) certification.

This certification is a very hands-on, practical, know what you are doing kind of cert, different from some of the others that appear on the 8570. In fact, if you take a CEH class you'll see what I mean. By nature, they are almost all hacking (using exploits, worms etc.) from start to finish.

So not only does the CEH certification's addition to the DoD 8570 break form from the norm (see CISSP, Security+ - theory / concept based certs) but in my opinion its a strange recognition by the DoD and the US Government of the latest trend in data security. CEH was made popular by good marketing by the EC-Council coinciding with a growing need (data threats via network penetration). The popularity that has been growing rapidly for the last two to three years is now being recognized by the Gov, which is not something were all too used to seeing.

Watch in years to come for certifications that are more theory based to go by the wayside and certifications that are application based to skyrocket in popularity. Things to watch: CEH, CHFI, ECSA, LPT and the Advanced Penetration Tester (APT).

Virtualization Training on the Up and Up; VMware and Hyper V Will Battle it Out

2010-02-25T15:17:00.002-05:00

Virtualization training is easily one of the hottest training trends of 2010. After a brutal year in 2009, companies everywhere are looking for ways to cut costs and boost productivity. Virtualization management is catching on quickly, thanks to its proven success at saving companies money and increasing productivity.

Virtualization management allows you to create multiple virtual machines (software-based) on a single physical computer. Each virtual machine can run its own operating system and applications, completely isolated from other machines. Products like VMware and Hyper V by Microsoft let you utilize the full capabilities of your hardware, allowing one computer to do the work of several, which saves you money in IT energy costs and hardware costs. Companies everywhere are excited about the possibilities that come with virtualization, which is why VMware training and Hyper V training are one of the hottest trends of 2010.

Another Major Training School Closing? Computertraining.edu??

2009-12-31T12:06:00.010-05:00

Here at ITTrainingBlog we have been closely following the recent announcement that Computertraining.com aka. Computertraining.edu has abruptly closed.

Here is the information we can furnish at this time about the closing and the effects it will have on their students as well as the process that students may be able to take in order to recover some of their losses.

**UPDATE** 1/5/10

Computertraining.com / Computertraining.edu has posted information on their website about the closing (keep in mind this is their side of the story and may or may not be the whole truth) and they have posted the appropriate state agencies to help students recover their losses.

**UPDATE** 1/4/10

We felt it important to make known the Google Group that a reader just told us about. If you have been affected by this closure, please visit: http://groups.google.com/group/computertrainingedu-took-the-money-and-ran

**UPDATE** 12/28/09

Here is a letter sent to us by a student of Computertraining.com moments ago that they received via email earlier today:

It is with deep sadness and regret that Computertraining.edu announces it will cease operation and close all of the Computertraining.edu schools, effective immediately. These actions are due to circumstances beyond the Company’s control. There will be no further classes held at any of our schools.
This letter serves as written notification that all future inquires should be directed to your state agency listed below:

Michigan Dept. of Energy, Labor and Economic Growth
Proprietary School Unit
201 North Washington Square
Victor Office Center-3rd Floor
Lansing, MI 48913

Very truly yours,
Computertraining.edu

To recover your losses from the Computertraining.com fall out visit your State Higher Education Agency or Commission. Examples would be for Maryland - MHEC, Virginia - SCHEV etc. This type of thing has happened many times in the past. The state's governing body for higher education is equipped and has policies in place to help the students recover as much as possible in this type of situation. You should be asking the Higher Education commission in your state about refunds and / or "teach outs". A teach out is where a local school will add you in to one of their classes (in this case for the MCITP) and the state will reimburse them at least a portion of the cost.

**Original Post** 12/28/09

This is unofficial at this point but our sources (who are VERY reliable) are telling us that Computertraining.edu (formerly computertraining.com) may be about to officially announce that they will be closing operations permanently. Computertraining.edu was a national leader in Microsoft's systems administration training. They specialized in the MCSE 2003 but recently made the change (as everyone did) to the MCITP-Server Administrator training because of the switch to Server 2008 and the fact that the MCSE exams will soon be retiring and unavailable.

We tried to call their national sales number and it goes to voicemail. We will have more on this as it breaks. What a wild week for the training school business...

State Higher Education Governing Agencies
Here is a list of some of the appropriate places to contact in order to begin to recoup your losses:

Maryland - Maryland Higher Education Commission
Virginia - State Councile for Higher Education Virginia
Pennsylvania -
Ohio - Ohio Dept of Education

Penetration Testing in Today's Environment

2009-12-14T08:00:00.000-05:00

The cutting edge of IT security these days is something of a testament to the times we live in. It's dangerous for computer networks, with the rapid expansion of the Internet and data systems, more and more hackers are seeking to cash in on people, companies and agencies who don't know what they're doing. Thanks to speed upgrades, a broad spectrum of cash flow possibilities and an increasingly automated, increasingly media-saturated global network of computers, the Internet is becoming more and more feasible for hackers to exploit for financial gain, rather than simply to cause trouble.

Penetration testing consists of a number of skills and methodologies, but at its heart it is a philosophy and methodology. For all the IT specialists who grew up with a simultaneous fascination with piracy and the archetype of the free-spirited electronic pirate, living according to a personal ethic of winner-takes-all, and a more serious ethic regarding not causing harm to others and living morally, penetration testing is a very attractive set of practices. The philosophy behind penetration testing, called "ethical hacking," is, essentially, about hacking into networks in order to find their weak spots.

Penetration testing lets you have your cake and eat it too. You can learn how to play and have fun with the hacker's game of cat-and-mouse, but you don't have to worry about the consequences if you're caught. And believe me, this is quite a lucrative cake. Businesses all over the world are looking to the first adopters of penetration testing and at how successful their networks have been in fending off hackers. They are all but asking for new network administrative positions to be filled by people with a penetration testing or ethical hacking degree.

Unlike standard methods, a penetration tester is required to actively test the network to see if it could be compromised. This makes it slightly more dangerous and put slightly more strain on a network, but it is definitely worth it. After all, theory only gets you so far. What is successful in theory might fall to a creative hacker's approach, and only an equally creative penetration tester, trying out that method on the network before the hacker gets to it, can ensure the network's security.

There are several penetration testing "methodologies" which , but ultimately a penetration tester's success comes from the same place that a hacker's success comes from - her ingenuity, creativity, and downright deviousness in coming up with ways that a network could be compromised. As an ethical, or "white hat" hacker, she uses that deviousness in service of good. Or, from a more pragmatic view, she uses it in service of her bank account, since being an illegal hacker is a dangerous job. Illegality is never pragmatic.

If you are at all interested in network security, you're in luck. Network administration and IT services are among the fastest-growing career fields now. Penetration Testing is the set of practices most highly regarded by prospective employers and those in the know. Learning penetration testing will only serve you in your search for a fun, interesting, meaningful career. most people who have been exposed to the security industry should get their Certified Ethical Hacker certification and people who have been pentesting for a while should go with either their ECSA / LPT certifications or the Advanced Penetration Tester (APT).

CCNA Certification - Essential to VoIP Professionals

2009-11-23T08:00:00.001-05:00

With so many Voice over IP certifications out there, it can be confusing to decide which one to take. Which will lead to the most lucrative career options? Should you go for a vendor-specific exam like Cisco's CCNA program or Norton's NCTS, or should you take on a more generalized certification like the CTP vendor-neutral certification? The decision is tricky, because exams tend to require both study time and money, and you don't want to waste either. You're a qualified professional, you just want to take get the certification that companies respect the most.

Initially, the vendor-neutral certification might seem like the best option. It proves that you are fluent in multiple network protocols, and you can use it to argue that no matter what changes or communications need to happen over different networks, you'll be able to handle it. This would be the case if the VoIP network market were filled with many varied vendors, and versatility was in higher demand than depth of understanding a specific type of network. However, that is not the case.

Cisco, for better or worse, holds the lion's share of the VoIP-related product market. Over half of all Voice over IP related job openings specifically ask for CCNA training, compared with just 8% who want Norton's NCTS or even fewer who are looking for a CTP certificate holder. The fact is that people whose networks are provided by Cisco want a Cisco-trained professional, same with Norton or any other vendor. One can assume that over half of all businesses use a Cisco network.

The Cisco VoIP certification runs along a track beginning with CCNA training. After you get your CCNA certificate, you can try for a CCNA Voice certificate. This establishes your fluency with Cisco IOS Unified Communications, as well as all Cisco voice-related technologies, including IP telephony, IP PBX, call control, handset, and voicemail. Once you're a CCNA Voice-trained professional, you can get your CCVP, or Cisco Certified Voice Professional, and then go on to get your CCIE Voice. This last certificate establishes yourself as a true expert in the field, as fewer than 1000 people in the world have attained it. Cisco's well-delineated "level" system provides opportunities for career advancement, ensuring that as a network administrator, you won't devote yourself to one vendor's system and be stuck in the same type of position for the rest of your life. You can take the subsequent Cisco exams and upgrade your career each time.

With VoIP technologies becoming more and more prevalent in the business world, due to their inexpensiveness and effectiveness at transmitting information, having a good VoIP certification will open many doors for you. Businesses will either require their network professional to know his or her way around a Voice over IP network, or, if the business is big enough, offer job openings exclusively to manage the VoIP protocols, maintenance, and administration. Half of these businesses are likely to use Cisco networks. With a CCNA Voice certification, or even better, the CCVP certificate, you will be immediately eligible for those jobs.

What Makes Microsoft Office Application Training So Useful in Today's Workforce

2009-11-18T14:37:00.002-05:00

Microsoft Office Training is imperative in today’s job market. Companies are desperately searching for individuals that possess IT knowledge. When an employer considers the many hire options, he or she is certainly looking for a proficient, technically minded professional with Microsoft experience. An individual that can bring an impressive set of skills, i.e., supporting businesses with the best tools and solutions that Microsoft Office has to offer. The talent of a particular team depends on how the organization performs, and roughly two-thirds of hiring managers believe that individuals possessing Microsoft Office knowledge are far more productive than those without expertise. About half of every successful business team has at least one expert in Microsoft Office. To expand one’s horizon, taking a training course can only improve the current business at hand. The best way to approach the material is by the various interactive multimedia: CD-ROMS, Network LAN, online courses, and other web formats. Microsoft Office will teach you very important business tasks, data management, email presentations, and other ways of becoming proficient in the business world.

When one considers the variety of creative methods for improving business, Microsoft Office is vital to finding a great career. We must consider the fact that jobs are more competitive at this point; recent economic analysis claims that one in five people are out of work. The more skills one can attain at this point, the more chances they have of survival in the job market. This is the time to learn a new skill: Microsoft Office Training. Forrester Research mentions that as of June 2009, eighty percent of businesses and corporations use the latest version of Office. The latest version of Office is in the works and should be out in November 2010.

It’s one thing to own the latest Office software and quite another to be able to use it effectively. From applications such as Powerpoint, data sorting, formulas, professional slides, and creating and publishing to brilliant designs, learning Office will make you much more attractive to companies, and place you above your competitors. Knowledge is power, when it comes to the business world. Those working in support and service jobs, which require dealing with troubleshooting issues, honing Microsoft Office skills is not only helpful in your current work environment, it makes you a valuable commodity to additional perspective employers—which ultimately gives you flexibility. If you have not already been trained in Microsoft Office, whether you’re in a valuable position at your current job or not, Microsoft Office training is mandatory in today’s competitive job market.

Dont Forget Microsoft Office Training and Certification

2009-10-23T08:33:00.002-04:00

In the training and certification world perhaps the most overlooked cert may be Microsoft Office certification, or the Microsoft Certified Application Specialist (MCAS).

We all use MS Office probably every day, we fall into the groove of doing the same things (tasks, functions, etc.) that work for us and that apply to our specific roles in the workplace. But there will very likely come a time (soon, if not already, for many of you out there) where we will be placed in a situation where one of the common skill sets we use in MS Office becomes foreign to us. Most likely this will happen when your company or organization makes the upgrade to the newest platform of MS Office.

Have you started working with Office 2007 yet? Its quite a bit different from 2003, and what about the next version to come out. What if your organization upgrades you to that straight from 2003, you'll be way behind the curve.

Since Office (Excel, Word, Access, PowerPoint and Outlook mainly) are all so essential to what we do, its crucial to stay sharp with them. That's why Microsoft Office Training is probably the most overlooked training (and certification) in the IT and tech training industry. Stay fresh and consider taking a class every now and then. They are relatively cheap and you can really increase productivity by a wide margin. Whats $350 dollars when you increase your employee's or your own productivity by 10%?

Hacker Halted - Security Conference

2009-10-14T14:14:00.004-04:00

I recently attended the Hacker Halted conference that took place in Miami, FL. This conference was a gathering of many of the most knowledgeable IT Security specialists and organizations in the US.

Some of the overall themes of the conference were to promote and discuss the current issues in IT Security by representatives of various organizations, to strategize about upcoming IT Security challenges for 2010, and also to recognize those institutions and individuals who excelled in IT Security in 2009.

The part of the conference that I was able to attend specifically was the "Circle of Excellence" Awards presentation. The Circle of Excellence is awarded to institutions and individuals who are the very best in promoting and advancing IT Security. One of the recipients of this award, and the only small-business company, was Academy of Computer Education [ACE]. This award is typically reserved for large companies with a national presence. ACE was recognized for its outstanding work particularly for the CEH, CHFI, and CISSP classes that are run regularly at its two, DC-Area campuses.

Additionally Joe McCray, an instructor at ACE and IT Security consultant, was acknowledged and awarded for his outstanding work, instruction, and overall role in advancing IT Security knowledge by the EC-Council. Joe has helped ACE achieve its niche success as the DC metro area's leading institution for IT Security Training.

The Hacker Halted conference was alot of fun overall. It really drove home the importance and necessity of the evolution, advancement, and innovation in IT Security nationwide. Next year, this event is expected to be even bigger, and will include a host of international speakers and presentations. I'm sure there will be several new and interesting topics covered next year as well. Stay tuned...

The Rising Popularity of ITIL v3 Foundations Certification

2009-10-06T15:08:00.001-04:00

The ITIL (Information Technology Infrastructure Library) v3 Foundations Certification is designed for people who have already become ITIL certified under the older v2 foundations course. This is a bridge course that just covers the new material between version 2 and version 3. Overall, there are not many differences, but the material covered is important. To gain the ITIL v3 Certification, one must pass a 20 question exam on the updated material.

Why is this bridge class becoming so popular? First of all, the ITIL Foundations training course in itself is very useful for IT workers. But more businesses want their employees to have up-to-date certifications, so more IT workers are updating their certification by completing the ITIL version 3 bridge course.

There are five important concepts brought up in the bridge course, all dealing with the Service Life Cycle. The first is the service strategies, which concentrates on IT strategy maps and making sure that the processes and requirements of the IT worker coincide with the objectives and goals of the business as a whole. Next is service design, the ever-changing process of following business requirements, no matter how large or small. Service transition is third, which focuses on the risks and changes of an infrastructure, as well as efficiency of the deployment of new programs. After that is service operation, which is the concentration of the daily or weekly tasks required of an IT professional, including maintenance and testing. Finally we reach continual service improvement, the process of managing oneself as an IT worker, by monitoring the changes one makes to the infrastructure, as well as finding more optimal ways to complete tasks.

The Future of the Certified Ethical Hacker - Part 2

2009-10-01T09:48:00.000-04:00

Oh and one more thing to add on to the last post about EC-Council's plans to make the CEH the authority in IT Security...

...They are about to announce something big in relation to the cert. I won't spill the beans, but lets just say it involves the DoD and all related contractors.

The Future of the Certified Ethical Hacker

2009-10-01T09:31:00.002-04:00

The EC-Council just last week wrapped up the annual Hacker Halted conference. The entourage of geeks here at ITTrainingBlog.com were in attendance of of course. It was entirely a fantastic time with great speakers and good food / drink.

One of the most relevant things that we were able to take away from the conference was the future of the Certified Ethical Hacker (CEH) certification. The CEH has quickly moved its way to being way far in the lead of hacking and pen testing certifications. EC-Council's flagship cert has been the benefactor of a combination of fun / interesting material, a catchy name and a strong marketing plan.

However, what we found out is that EC-Council doesn't just plan to let the CEH rest as being the authority in hacking and pentesting certifications, but in fact they plan on making it the authoritative all around IT security certification. Now, please don't misunderstand, they aren't making this their highest level cert, the ECSA / LPT is still that. In fact, their plans are to make the CEH a more all encompassing certification that fits into wayyyyyyy more realms of data security, not just pentesting and hacking. They plan to add over 40+ modules to the certification's material pool.

The version 6 CEH is already a 20+ module cert, most of which contain material that can or will appear on the certification exam. The new version 7 Certified Ethical Hacker will add 40+ more modules, however most will NOT appear on the test according the EC-Council executives. This is good, the pool of test questions is already fairly widespread.

So the reason for the additional modules is to have the CEH courseware cover this content so that it can become a more used reference point for security issues. Most of the module content will be related material that the core material would theoretically teach you enough to be able to implement if the CEH was faced with that particular predicament. An example is bluetooth hacking. Covered in the new CEH version 7 bonus material, yes, included on the exam, no, will a CEH be able to implement all that goes along with this, yes.

Personally I see EC-Council accomplishing what they hope to here. I have watched them become the authority so quickly in the IT security industry. The CEH cert is spreading in demand like wildfire. So, I do believe it will be the authority.

Stock up - CEH
Stock down - CISSP (non tech, piece of cake material)

So of course, get out there and get your hacker training, you'll need it in the future.

Meeting the Mandates of the DoD 8570 Directive

2009-08-24T12:43:00.001-04:00

Many employees and potential employees of the Department of Defense are scrambling to meet the new requirements laid out by the 8570 Directive. First of all, all of the requirements put out by this directive can be found on this website dedicated to the DoD 8570 Directive.

After gaining a familiarity with the condition and requirements, it is time for you to decide what level of education you need. A vast number of the DoD employees have taken one of CompTIA’s computer classes, which include A+, Network+ and Security+, either out of necessity or to further background information. However, some workers also need to take the CISSP (Certified Information System Security Professional) course, offered by (ISC)2. This course is required for individuals trying to gain higher levels of technical employment within the Department of Defense.

Overall the Directive is put into place to try and reach some agreed upon requirements for different levels of employment, since there are so many different computer certifications available.

Essential Skills for an IT Professional

2009-08-20T15:52:00.001-04:00

InfoWorld published a very good list of general skills that every IT Professional should possess. We bring it to you from the archives of the internet. This article is informative, and overall a good read.

One of the key points is to be able to train someone in the tasks you are able to complete. We fully agree, since computer education is vastly important in the workplace. IT Professionals prefer to teach other workers how to solve their problems instead of having to go to the IT person every time the problem appears. Another useful point on this list is to backup and document everything. It will make your life easier, as well as anyone else who steps in to manage some of your responsibilities.

Hands-On Training versus Lecture Training – Benefits of Experience

2009-08-17T15:11:00.003-04:00

There are a number of different computer training institutes in the country, which makes choosing the right one a challenge. While location and price are driving factors, also consider the manner of the education. How are the courses taught? What is my teacher going to provide me with that I can’t get just anywhere? A successful method of teaching is a hands-on approach. This has been used in schools across the United States, from kindergarten through college, ranging from colorful toys to expensive lab equipment. Some computer training companies have also followed this trend, providing educational hands-on experiments to supplement traditional lecture training. One instance of a training school implementing this teaching technique is the Academy of Computer Education.

While lecture training is essential to the learning process, it is not the only method of learning that should be used. This is especially true with course material that will lead the students to a hands-on job, such as an IT professional. If a person sits in a room while learning about what to do in certain situations, he or she might be overwhelmed the first time he or she experiences that problem in a work environment. However, if that same person has had the opportunity to try for themselves in a controlled environment with assistance, such as a classroom, that person is more likely to be comfortable approaching that situation outside of the classroom.

Also worth noting is that lectures aren’t the easiest way to retain information. When students are sitting in a classroom listening to a teacher for hours at a time, it is possible that their minds will wander or they will zone out completely, thus missing a good deal of information. However, if that same classroom has hands-on instruction, the students are more engaged, and more likely to retain that information.

How to Achieve LPT Certification

2009-08-17T10:24:00.001-04:00

EC-Council’s Licensed Penetration Tester (LPT) course is growing in popularity. But some people looking for certification still don’t know what’s required for this course. First of all, there are prerequisites. These include becoming CEH (Certified Ethical Hacker) and ECSA (EC-Council Certified Security Analyst) certified, and to complete the steps needed for the LPT course. In order to become certified, students must get a criminal background check, have a resume with references to check certification and experience, and submit license fees of $500 for two years. Overall, the student needs to attend the course for the duration of the days. If you opt to take the course full time, the LPT course runs in one week, 5 days a week for a total of 40 hours. There are no tests for the LPT course, but when taken with the ECSA course, there is an exam at the end of the dual course.

CISSP Heads the Security and IT Market

2009-07-29T09:23:00.002-04:00

International Information Systems Security Certification Consortium, Inc., abbreviated (ISC)², is the creator of the Certified Information System Security Professional (CISSP) course. It is highly touted as the premier Security course and certification available. On average, certificate holders have one of the highest salaries of all IT certifications.

However, the CISSP course and exam are not technically-driven. Instead, the course focuses on real-life situations and the vocabulary of the IT and security market. A person with CISSP certification is likely to have a job that explains security issues to the upper management, instead of finding and fixing problems themselves. CISSP certificate holders tend to manage an IT team instead of be a part of one.

MCITP – Enterprise Support Technician

2009-07-29T09:21:00.001-04:00

The Microsoft Certified IT Professional – Enterprise Support Technician (MCITP-EST) course is designed for experienced IT professionals who are looking to enhance their existing IT skills. Generally, this course is used for learning the “old tricks” on an updated Operating System or server.

Microsoft Certification is fundamental for the IT market. Microsoft products are used in a vast majority of businesses around the country. To ensure installation, maintenance and troubleshooting of Microsoft software, Operating Systems and servers, companies will often rely on Microsoft Certified IT Professionals. The MCITP – Enterprise Support Technician is a highly skilled IT professional who is fully prepared to oversee the network of a company.

Further still, MCITP – EST trained professionals are encouraged to research and learn on their own about new upgrades to software. This has a two-fold effect. Primarily, it is implemented to keep an IT Professional prepared for new software released by Microsoft and purchased by a company. But in addition, it prepares the certificate holder to easily prepare to maintain certification.

The Value of Security+ Certification in Northern Virginia

2009-07-27T09:13:00.000-04:00

Northern Virginia is the leading IT hub in the United States. Many companies have a headquarters located here, and the federal government agencies attract hundreds of government contractors. Obviously, security is a big issue when talking about IT and government work. So, in an area like Northern Virginia, security training is at a premium.

The first course that every potential information security worker should expect to receive is CompTIA’s Security+ course. It is an introduction course that focuses heavily on the vocabulary of the IT world, instead of jumping right into the technical studies. Security+ 2008 is required for anyone looking for an Information Assurance (IA) job within the government. Many private companies will also require a type of security training, and Security+ is a popular one.

For many IT workers, Security+ is only the first of several security training courses they will take over the next few years. However, it is a strong basis for an important career. Without a healthy security background for its employees, the government agencies would be struggling to find a standard for employment.

LPT and ECSA Training – A Leader in Advanced Security Methods

2009-07-23T16:00:00.001-04:00

Two of EC-Council’s advanced and popular courses are the Licensed Penetration Tester (LPT) and the EC-Council’s Certified Security Analyst (ECSA). Both of these courses are follow-ups to the ever-popular Certified Ethical Hacker (CEH) course, also offered by EC-Council.

Licensed Penetration Testers are qualified to safely and securely examine network security by mimicking similar techniques that everyday hackers are likely to perform. In this way, the network administrator, or someone similar, is able to prevent breeches in security preemptively. ECSA certified employees are able to analyze and make recommendations on the weaknesses of a network or system.

These two courses are often offered in a joint class, since many of the theories and practices overlap. LPT / ECSA training is valuable towards a better job in the IT business. Employers trust EC-Council Certificate holders because of the reinforcement on the ethics of hacking, so they don’t have to worry about compromising sensitive or private data.

The Growth of IT Certification in Northern Virginia

2009-07-14T11:47:00.002-04:00

Along the Dulles Technology Corridor, demand for highly trained IT workers is at a premium. Over recent years, Northern Virginia has grown as the leader of information technology. Numerous government agencies, government contractors and private businesses are based out of Northern Virginia, and the demand for technology has risen with these corporations and departments.

Many computer training schools have acted of this growth in technology. IT certification in Northern Virginia is a very popular and profitable market. With so many technology job opportunities in the area, IT training is almost required.

Department of Defense Directive 8570 Update

2009-07-13T12:23:00.001-04:00

The Department of Defense (DoD) Directive 8570.01-M is a new requirement by the DoD to have fully trained Information Assurance (IA) workers. Also known as the Information Assurance Workforce Improvement Program, the directive requires all IA workers to have a certain level of IT training. The most common courses pertaining to the directive are CompTIA’s Security+, Network+, A+ and Cisco’s Certified Information System Security Professional (CISSP).

The demand for IT training is rising because so many people are affected. The DoD has already required that 40% of the IA workforce must be fully certified by now, and requires 100% of workers to be certified within the next two and a half years. So in addition to all current employees of the Department of Defense’s IA, any prospective employee will definitely need to become certified beforehand. The main requirement for prospective employees is A+ and Network+, so these two courses are very popular right now. In some cases, Security+ is also a basic requirement.

CompTIA’s adoption of the American National Standards Institute forced the company to update several of its courses. The main chance is to Security+, which, starting in 2008, now has two more sections of material for the course and exam. Many of the IA workers for the DoD already were Security+ certified, so it was imperative for CompTIA to offer some sort of program to update one’s certification. So now people can take the Security+ 2008 Bridge Exam that updates their certification to the current standards of the Department of Defense and its contractors.

CompTIA Security+ 2008 Bridge Exam

2009-07-09T10:27:00.002-04:00

CompTIA, starting late in 2008, has updated its Security+ requirements. A new exam is in place for anyone taking the Security+ course now. However, it does bring up the issue of people certified under the old requirements and whether they need to get recertified.

In order to adhere to the standards and requirements from the American National Standards Institute (ANSI), whose principles CompTIA recently adopted, the Security+ course had to be modified. Although the material remains much the same as before, there are two additions. The first is a revamping of the Access Controls topic. Security+ 2008 now delves further into the topic of access controls, and has more questions on the exam on this topic. In addition to this, CompTIA has added the Audits and Assessments topic.

Why was CompTIA forced to update its material? ANSI supports a document called the National Conformity Assessment Principles (NCAP). In short, it is a set of regulations and principles that give CompTIA, and other companies that adhere to ANSI, strict guidelines for Security+ 2008 and other classes.

Now, people who have become certified under Security+ before October 2008 are faced with the question of whether to update their certification. For many security analysts and specialists, Security+ was just the first of several security training courses required. People with higher certification than just Security+ will probably not have to worry about getting recertified for Security+ 2008. However, many government and contracting jobs that require Security+ will have to get recertified for the 2008 version. An instance of this is the Department of Defense’s (DoD) 8570 Directive (read about it here). Also, all instructors for CompTIA must have the updated certification.

However, some companies might require its employees to gain the certification while others don’t. It is not a requirement for any private-sector business, so there is no consistency guaranteed. It all comes down to who wants what for their company.
Now the issue is how does one go about gaining recertification for Security+ 2008? Obviously nobody wants to retake the entire course, so CompTIA provides a bridge exam for Security+ 2008 for individuals who have already become Security+ certified. This bridge exam focuses on the two topics mentioned earlier: Access Controls and Audits and Assessments. The test covers questions only relating to this new material, so one does not have to go over all the information covered in the original Security+ course.

So for people who have SY0-101 certification, a short bridge exam is available to everyone looking (or required) to stay up-to-date with their Security+ 2008 certification.

What's Hot: Security Certifications

2009-07-09T08:53:00.010-04:00

It's widely known that the demand for IT Security professionals is one of the largest growing sectors in the IT field overall. As a result, employers are using certifications more and more as their baseline for evaluating job applicants. Let's take a look at some of the most common IT Security certifications and how they can be applied.

Security+
-- This, for lack of a better term, is the introductory course into the IT Security field. This class is not highly technical; it is more geared towards learning the terminology used by Security professionals. Obtaining a Security+ cert lets employers know that you "speak the language" and understand the concepts and frameworks essential to becoming an IT Professional.

-- Common job functions might include verifying implementation of security measures for a company's IT systems and also, documenting and presenting your findings to the IT managers.

-- Recommended background is at least 1 year of experience in the field and/or A+ and Network+ certifications. If you possess both, even better.

Certified Ethical Hacker (CEH)
-- CEH is a hands-on application course and certification. It is much more technical than the Security+ certification. The focus of this training is to learn and identify the common methods that hackers might use to attack networks and applications. CEH's are positioned within an organization as a means to prevent attacks and shore up existing vulnerabilities in their network.

-- Common job functions will include testing the network and applications for misconfigurations and security risks. It is also likely that a company will have it's CEH professionals handle the tasks of installing and configuring security devices such as firewalls and intrusion prevention/detection systems.

-- Recommended background is certifications in CCNA and MCITP as well as some knowledge of computer programming.

Certified Hacking Forensic Investigator (CHFI)
-- CHFI is another fairly technical course and certification. Much like the CEH, the CHFI focuses on learning the ways in which hackers can maliciously attack networks and applications. However, CHFI goes further and teaches how to gather and analyze evidence once an attack has occured, i.e. forensic data or "fingerprints".

-- Common job functions could include analyzing hard drives of compromised systems, or analyzing the data security devices such as the firewalls and other preventative security systems. Also, CHFI's could be called upon to give expert testimony in court cases involving hacking, fraud, etc.

-- Recommended background is certifications in A+/Net+ and MCITP as well as some knowledge of computer programming.

Certified Information System Security Professional (CISSP)
-- Although this is the highest of the four certifications listed here, it is NOT the most technical. It is a Security concepts course with focus more on upper management security issues, communication, and overall security team management. Common job titles for IT professionals with CISSP will be Information Assurance Manager or Information Systems Security Manager.

-- Common job functions include articulating security issues to upper management and interfacing with the employees who manage the IT Security systems. Professionals with the CISSP certification are highly revered and sought after by organizations looking for qualified personnel to manage their security infrastructure and security teams.

-- It is recommended that those individuals seeking CISSP have the three certifications listed above (Security+, CEH, and CHFI). In addition to those certifications, a minimum of 5 years work experience in the IT Security field is highly recommended.