IT Certifications

MIKHAEL FELKER (CISSP-ISSEP, MCSA, SECURITY+, LINUX+, NETWORK+, INET+) Certifications in IT

Disclaimer
The ideas presented here do not represent the views of the Heinz School, Carnegie Mellon, or the Department of Defense. They are solely the opinion of the author.

Agenda
What are IT certifications?
Information Assurance in US Gov’t
Cost-Benefit Analysis
Q & A

Certification
Wikipedia: “Certification…is a designation …to certify that he is qualified to perform a job . …indicates…[has] specific set of knowledge , skills , or abilities … certifications are awarded by professional bodies and corporations . The difference between licensure and certification is licensure is required by law , whereas certification is generally voluntary . Sometimes the word certification is used for licensure .”

Industries
Accounting: CPA
Engineering (Civil): Professional Engineer
Finance: CFA
IT/IA: ???
Generally “software” people do not like to talk about certifications.

Certified by the Numbers
Microsoft 1
MCP: 963,606+
MCSE: 244,153+
CompTIA 2
Combined Certs: 900,000+
Cisco 3
CCNA or other: 700,000+
PMI 4
PMP: 50,000+
Redhat
RHCE: 7500+
1 Source: http://mcpmag.com/certbasics/ 2 http://certification.comptia.org/about.aspx 3 Source: http://certcities.com/certs/other/cert.asp?ID=14 4 Source: http://www.pmichapters-australia.org.au/melbourne/membersncert/pmp.htm

Certifying Bodies (over 22):
Certiport
Check Point
Cisco
CIW
Citrix
CompTIA
CWNP
EC-Council
IBM
ISACA
(ISC) 2
LPI
Microsoft
MySQL
Novell
Oracle
PMI
Red Hat
RSA
Sun
TIA
TruSecure
Do I get one? Which one?

Vendor vs. Vendor Neutral
Advantages Vendor
Specific knowledge for a particular product or service
Direct application of skills/tools
Market skills to a particular company that uses a vendor
Advantages Neutral
Greater transferability in skills
No “tunnel” syndrome
Not locked into any particular vendor

Vendor Certifications
Popular Vendors:
Cisco
Microsoft
RedHat
Oracle
Popular Categories:
Networking
Development
Operating Systems
Database Management
Don’t fall in the tar pit
Not all vendors, or vendor certifications are equal

Vendor Neutral
CompTIA
(ISC) 2
PMI

Certification Levels
Entry (e.g. CompTIA)
Entrant to field or improvement of skills (e.g. 6 months – 1 year)
Intermediate (e.g. CCNP)
Currently working in the field, mastery of a particular set of products.
Advanced (e.g. PMP, CISSP)
Several to numerous years of work experience
How many exams for the Certification?

Government employees/contractors

ANSI/ISO accredited
ISO/IEC17024
“ is an International Standard which sets out criteria for bodies operating certification of persons.”
Is important because recent DoD Directive
“ Requires all IA certifications be accredited under ISO/IEC Standard 17024 (“equivalent” certifications acceptable if approved by OSD or accredited to ISO/IEC Standard 17024 by authorized body).”
Source: IAF-GD24-2004 Guidance on ANSI/ISO/IEC 17024

SFS students and Government Contractors
Department of Defense (Top-Down)
Directives (Policy)
Instructions
Manuals (Implementation)
DoD Directive 8570.1, "Information Assurance Training, Certification, and Workforce Management," August 15, 2004
Two tracks
Technical & Managerial (three levels: I, II, III)
Source: http://www.dtic.mil/whs/directives/

Government work: what certification to get?

Cost-Benefit

Time/Cost
Preparation
Study Time, test time, possibly recertify
Initial Cost
Study materials ~ $30 - $100
Exam fees ~ $130 - $1000
Boot camp ~ $2,000 - $5,000
Upkeep fees/Annual Maintenance Fees (AMF)
Varies ~ $0 - $100
Continuing Professional Education (CPE)
Varies ~ $0 – cost of conference (several thousands dollars)

Testing
Computer Based Testing (CBT)
Prometric/Vue centers (worldwide)
Specific Administration
Time/date limited
Practicum in-person
Perform a set of tasks in a lab environment (e.g. CCIE, RHCE)

Requirements
Some or all of the following:
Prior entry/mid level certifications
Years of Experience
3 rd party verification (e.g. employer)
Passing exam score or practicum
Comply with code of ethics

Continuing Professional Education (CPE)
Attending educational courses or seminars
Attending security conferences
Being a member of an association chapter and attending meetings
Listening to vendor presentations
Completing university/college courses
Providing security training
Publishing security articles or books
Serving on industry boards
Self-study
Completing volunteer work
Source: (ISC) 2

Renewal
Many exams require renewal (e.g CCNA after 3 years)
Substitute renewal with CPEs
Renew by taking higher level certification

Benefits
Marketability
Increased skill set
Increase salary potential (possibly)
Check the average salary ( http://www.payscale.com/index/US/Certification )

Downsides
“ This is the first time skills have trumped certifications since our firm began surveying tech skills pay in 2000.”
Source: http://www.eweek.com/article2/0,1895,1954198,00.asp

Stereotypes
"Paper" MCSEs
No knowledge
How to deal with it, and respond

Certifications as Strategic Tools
Higher percentage of callbacks from keyword searches
Ability to perform work X because I am certified
Requirements of Government
As quick verification of baseline skills

Side Notes

Skimming Time
Some certifications let you substitute one certification for years of experience, or exams (e.g. Security+ can be an elective exam for MCSE)

Certification housekeeping
Keep track of Certification
IDs
Date
Time
Location
Find an appropriate method to store CPEs
Know how to get verification (employers sometimes request it)
Become aware of the side benefits of certain certifications
Special accounts for jobs postings, discounts on education conferences, etc.

Takeaways
Certifications don't guarantee salary increases (although possible)
Increased knowledge
Increased respect and networking potential (e.g. LinkedIN group for CISSPs)
Vendor certifications creates “lock-in”
Salary surveys (might undervalue)
Don’t account for advanced degree(s)

Questions
Feel Free to e-mail me:
Mikhael Felker – [email_address]

Sites of Interest
http://www.tcpmag.com/
http://www.mcpmag.com/
http://certcities.com/
http://www.sans.org/salary2005

http://www.mikhaelfelker.com	4
http://jernestoz.blogspot.com	4
http://www.slideshare.net	2
http://www.techgig.com	2
http://www.visualcv.com	1
http://115.112.206.131	1

IT Certifications

by Mikhael Felker

Accessibility

Categories

Upload Details

Usage Rights

6 Embeds 14

Statistics

IT Certifications Presentation Transcript