Certification - January 2009 - (Page 12) dEAR TEChIE Experience Key in starting security Career I’m 40 years old and would like to pursue a network security career. Currently I’m attending an A+ certification class — a 6-month course, completely entry level — and doing Net+ next. Everyone says Cisco is the way to go. I can’t afford to make any mistakes at this point: I am changing careers as I have spent the last 10 years as a supervisor for a national tree-trimming company. Any help or advice would be great for this rookie. – Ron Ken Wagner: It’s great that you have a goal in mind already, but please realize that most companies will require you to have previous IT experience in network administration before they will employ you in the security field of IT. I don’t want to dishearten you; I just want you to be aware. First, take a look at the U.S. Department of Defense Directive 8570.1 (DOD 8570.1). It’s aimed mainly for government employees who conduct information assurance (e.g., IT security) functions, but it does provide good guidelines for security certifications in other sectors. With that in mind, I would strongly advise you take a look at the CompTIA Security+. It is a vendor-neutral, entry-level security certificate and provides a good basis on which to build. I also would have advised ISC2’s Systems Security Certified Practitioner (SSCP), but for that you need at least a year of experience, so the Associate of (ISC)² is a better choice. Going for the Cisco Certified Network Associate (CCNA), in particular the security specialization, could be dicey at this time. That’s because the CCNA is vendor-specific and expires after three years, and there is no guarantee that you’ll be working with Cisco in three years, especially when starting out. Therefore, I’d recommend going for the Cisco Certified Entry Networking Technician (CCENT) to give you a good overview and a base for further Cisco certifications. I also recommend you consider these two entrylevel security certifications: Security Certified Network Specialist (SCNS) — which requires that you have either the Security+ certification or equivalent work experience — and the EC-Council E-Business Security Exam — which covers information security from an organization’s point of view. Wayne Anderson: This is a difficult time. Months of layoffs at some tech-savvy companies have created a glut of newly available, skilled IT professionals who will be competing with you for each open position. Network security in particular requires the expertlevel grasp of basic technology skills upon which to build more specific knowledge. Further, companies want to be comfortable with your technical prowess in being able to grasp the challenges and threats facing their particular enterprise. Focus on building your certification portfolio and your experience in a nonspecific administration context first. You will need to be intimately familiar with the physical and logical networking of a company, as well as Windows and Linux operating systems, as these are the operating environments of most large firms. Finish your CompTIA certification and then pursue the Security+ credential. The Security+ is a crossvendor, entry-level certification. Also, plan on spending some time learning the compliance aspects of the security management space. Many of the security positions in the industry are with organizations that have a compliance requirement pursuant to such regulations as outlined by the Sarbanes-Oxley Act (SOX), the Payment Card Industry (PCI) and the DOD. Recognizing how those compliance requirements work will give you a head start toward building the skills, certifications and experience you will need for your longer-term security career. 8 Wayne Anderson is the global manager of technical training development and certification for Avanade, a global Microsoft-focused consultancy. Ken Wagner is an IT network manager and part-time IT lecturer in the United Kingdom. He has lived in the United States, Asia and Europe. To pose a question to Ken and Wayne, send an e-mail to DearTechie@certmag.com. 12 CERTIFICATION MAGAZINE January 2009 http://www.isc2.org/dod-fact-sheet.aspx?terms=Site Search http://www.isc2.org/dod-fact-sheet.aspx?terms=Site Search http://www.isc2.org/sscp/default.aspx https://www.isc2.org/associates/default.aspx http://www.cisco.com/web/learning/le3/le2/le0/le9/learning_certification_type_home.html http://www.soxlaw.com/ https://www.pcisecuritystandards.org/ https://www.pcisecuritystandards.org/ http://www.cisco.com/web/learning/le3/le2/le45/learning_certification_level_home.html http://www.cisco.com/web/learning/le3/le2/le45/learning_certification_level_home.html http://www.securitycertified.net/Certifications/SCNS.aspx http://www.securitycertified.net/Certifications/SCNS.aspx http://certification.comptia.org/security/ http://www.eccouncil.org/Exam/212-25.htm http://www.eccouncil.org/Exam/212-25.htm
Table of Contents Feed for the Digital Edition of Certification - January 2009 Certification - January 2009 Editor's Letter Contents Data Stream Virtual Village Tech Careers Dear Techie Academic Connection Troubleshooting What We Like Look Ahead The New Convergence Formula Cybersecurity: Are You Safe? Interface Lead Applications Developer: The IT Ambassador Inside Certification Ad Index Endtag Certification - January 2009 Certification - January 2009 - (Page Intro) Certification - January 2009 - Certification - January 2009 (Page Cover1) Certification - January 2009 - Certification - January 2009 (Page Cover2) Certification - January 2009 - Editor's Letter (Page 3) Certification - January 2009 - Contents (Page 4) Certification - January 2009 - Contents (Page 5) Certification - January 2009 - Data Stream (Page 6) Certification - January 2009 - Data Stream (Page 7) Certification - January 2009 - Virtual Village (Page 8) Certification - January 2009 - Virtual Village (Page 9) Certification - January 2009 - Tech Careers (Page 10) Certification - January 2009 - Tech Careers (Page 11) Certification - January 2009 - Dear Techie (Page 12) Certification - January 2009 - Dear Techie (Page 13) Certification - January 2009 - Academic Connection (Page 14) Certification - January 2009 - Academic Connection (Page 15) Certification - January 2009 - Troubleshooting (Page 16) Certification - January 2009 - Troubleshooting (Page 17) Certification - January 2009 - What We Like (Page 18) Certification - January 2009 - What We Like (Page 19) Certification - January 2009 - Look Ahead (Page 20) Certification - January 2009 - Look Ahead (Page 21) Certification - January 2009 - The New Convergence Formula (Page 22) Certification - January 2009 - The New Convergence Formula (Page 23) Certification - January 2009 - The New Convergence Formula (Page 24) Certification - January 2009 - The New Convergence Formula (Page 25) Certification - January 2009 - Cybersecurity: Are You Safe? (Page 26) Certification - January 2009 - Cybersecurity: Are You Safe? (Page 27) Certification - January 2009 - Interface (Page 28) Certification - January 2009 - Interface (Page 29) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 30) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 31) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 32) Certification - January 2009 - Lead Applications Developer: The IT Ambassador (Page 33) Certification - January 2009 - Inside Certification (Page 34) Certification - January 2009 - Inside Certification (Page 35) Certification - January 2009 - Inside Certification (Page 36) Certification - January 2009 - Ad Index (Page 37) Certification - January 2009 - Endtag (Page 38)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.