In chewing over recent coverage at Mirek Burnejko’s ITCertificationMaster.com, I came across a gem entitled “How to Become a WiFi Security Expert for FREE.” It features the SWSE or SecurityTube Wi-Fi Security Expert certification, developed by well-known Wi-Fi Security Guy Vivek Ramachandran.
Although it consists of only 12 hours of video training, the SWSE covers a lot of surprisingly serious technical ground.
The self-professed “non-exhaustive” list of topics that the collection of videos in the training materials cover is pretty impressive, so I’ll just reproduce it verbatim here:
- Bypassing WLAN Authentication – Shared Key, MAC Filtering, Hidden SSIDs
- Cracking WLAN Encryption – WEP, WPA/WPA2 Personal and Enterprise, Understanding encryption based flaws (WEP,TKIP,CCMP)
- Attacking the WLAN Infrastructure – Rogues Devices, Evil Twins, DoS Attacks, MITM, Wi-Fi Protected Setup
- Advanced Enterprise Attacks – 802.1x, EAP, LEAP, PEAP, EAP-TTLS
- Attacking the Wireless Client – Honeypots and Hotspot attacks, Caffe-Latte, Hirte, Ad-Hoc Networks and Viral SSIDs, WiFishing
- Breaking into the Client – Metasploit, SET, Social Engineering
- Enterprise Wi-Fi Worms, Backdoors and Botnets
A complete 4.2 GB DVD image with all the videos is available for free download. Candidates can study and review the materials without enrolling on the SWSE page. But those who do enroll (and pay either $250 for the course and underlying infrastructure — more on that next — or $100 to take the cert exam by itself) can actually earn the credential itself (though the training can be free, the credential itself is not). The extra $150 above and beyond the exam cost gets candidates access to a student portal Website, Q&A forums, a PDF copy of the slides and course materials, a complete collection of home lab exercises and a practice test (“mock exam” in the home page’s terminology), a hardcopy certificate (suitable for framing, no doubt) and online certificate verification, plus free updates to course materials as they get produced.
As cert program offerings go, this one is pretty good. It comes from an impeccable source, is very reasonably priced, and provides a great set of materials to work from. Is it worth $250? I think so myself, but those on tight budgets can work from the free video materials, and buy Ramachandran’s book BackTrack5 Wireless Penetration Testing Beginner’s Guide for $50 or thereabouts), and save $100 on the high-end package, if they must. A pretty good deal all around, methinks.
According to my ongoing observations of how practicing and aspiring IT professionals get certified, it’s still the case that somewhere over half of those individuals chase their credentials down through the self-study route. That typically means that they buy one or more study guides and practice tests, plus possibly an Exam Cram, possibly some virtual lab time, and dig into study groups, user communities, and other resources online to learn what skills and knowledge they must master to pass however many exams a cert requires. But what if self-study isn’t your thing, or you’re in a situation where classroom training is needed (such as for topics where you’ve tried self-study but can’t get past the exam, or where the cert actually mandates a class, or whatever)?
At a high-end training center like those operated by New Horizons, Global Knowledge, and others of a similar stripe, or at high-octane boot camp operations like those from Intense School, Real MCSE Bootcamps, or Secure Ninja, it’s not unheard of to spend up to $1,000 a day for classroom training. And for a 5 to 14 day encounter, that means costs can really mount up. “Ouch!” say those who must fund such educational encounters out of their own pockets, in whole or in part (depending on the largess available from one’s employer, and the amount of funding at your disposal from the training budget).
I post today to remind readers that most American and Canadian IT professionals have another option for classroom training — namely, their local community college campuses. Rather than $500- $1,000 (or more) per day of classroom training, most community colleges deliver a wide range of certification-oriented classes with access to well-equipped computing labs for something on the order of $50 an hour and sometimes less (un- or under-employed workers seeking to retrain or retool may be eligible for low-cost/no-cost access to such classes, in fact). With a quick hop to my local outlets — at Austin Community College — I see offerings for certifications from Apple, CompTIA, Cisco, IBM, ISC-squared (CISSP), Microsoft, Oracle, the Project Management Institute (PMP), and the Certified Wireless Network Administrator (CWNA).
All of the power of higher education, training, and certification, at bargain prices.
[Image credit: Shutterstock 59541286]
It’s true that a course at a community college will typically run over an entire quarter (11-13 weeks) or semester (up to 21 weeks). Thus, you get your training spread out over a longer period, with less intense learning and more periodic exposure to your instructor and the learning lab. But if you can stand the more leisurely pace, you will probably pay less than half what that training would cost at a typical commercial training center or in a boot camp environment. That’s a great value for your money, and something a great deal more accessible and affordable to aspiring and practicing IT professionals, especially those who don’t work for an employer willing to fund (or help out with) those costs. Be sure to check out your local community college to see what’s on their IT training and certification menu. You might be surprised by what you find!
Microsoft draws on a recent IDC survey of IT executives and hiring managers at 600 global corporations to make some very interesting claims about the state of the job market for IT professionals with cloud skills and knowledge, and to measure and forecast job opportunities for those selfsame IT pros. As you can see in the figure that dominates this blog post (available online in the Born to Learn blog as “Infographic: The Skills Gap in Cloud Technology“) the increasing movement of such businesses IT operations into the cloud also means more jobs and opportunities for cloud-savvy IT professionals, both now and in the future.
The blog post goes so far as to claim that not only do cloud-related openings manifest significant double-digit growth through 2015 (up to 26% increase in overall such positions available), businesses are nearly unanimous (an unheard of 92%) that there is higher demand for cloud related skills now (April 2013) than there was a year ago.
And indeed, demand for cloud-qualified IT Professionals is going nowhere but up, as the third element in the infographic tellingly illustrates: whereas 1.7 million cloud-related IT jobs cannot be filled at present (that’s just one million less than the total employment in the US Information industry in April 2013, according to the latest figures from the US Bureau of Labor Statistics) that number is expected to balloon to over 7 million jobs by 2015 (significantly more than total US IT employment that year, even under the most aggressive growth projections possible, given current economic conditions).
Of course, Microsoft isn’t just telling you this to be helpful: they’ve got several dogs in this hunt, including a cloud track in their IT Academy program and the MCSE: Private Cloud certification as well. But there are a great many more opportunities in the cloud certification game than Microsoft by itself can bring to the table. See my Tom’s IT Pro article “Top 5 Cloud-Related IT Certifications” and Mirek Burnejko’s “How to Become a Cloud Computing Expert (From Zero to Hero)” for more information on this fascinating subject.
Until I saw the latest post (undated, viewed on 4/19/13) at Mirek Burejko’s excellent ITCertificationMaster website, I didn’t even *know* that D-Link had a certification program. But gosh, they do and it even embraces three tiers — Associate, Professional, and Engineer — as depicted in the overall program map I snatched from the D-Link Australia site.
What you see here is a basic certification ladder, where the DNDA (Associate) involves taking a 6-hour online self-paced theory only course that covers fundamentals of switching, storage, wireless, security and surveillance networking (registration link). There are four different DCNP credentials for Switch, Wireless, Firewall, and Surveillance topics. Earning a DCNE requires first earning the DNDA, and then the first three DNCP credentials (Surveillance is the only one NOT required, in other words), then taking a course and an exam. I’ve contacted D-Link USA to ask them about plans to import this program to North America, and will report back as soon as I hear further about this. Very interesting!
In the last decade-and-a-half I’ve made myself available to thousands of active and aspiring IT professionals to answer their questions, offer suggestions, and dispense career development and enhancement advice. If there’s one constant question that stands head and shoulders above all “the usual concerns” I’m repeatedly asked to address, it has to be that old favorite — “Which is better: a college degree or IT certification?” The real answer to this question, of course, is “Both,” because employers want job candidates to have a degree to show their ability to learn, to successfully complete a multi-year course of study, and hopefully also, to have absorbed some skills and knowledge of professional value along the way; and because employers like current certification as evidence that candidates have relevant, up-to-date skills and knowledge for specific tools, platforms, and technologies directly related to the job at hand. But then again, who doesn’t want to “have it all?”
I had a chance to ponder an interesting spin on this question in fielding a set of queries from a 17-year-old young man from South Africa recently. Our complete interchange is available for your perusal at Tom’s IT Pro in a blog post entitled “Making it in IT: College Degree or Certification?” This was a very interesting case in point for several particularly stark reasons:
- My interlocutor really regarded his choice as an “either-or” proposition, and needed to make an immediate decision
- His means were limited so he felt strongly he wanted to invest his (and his family’s) money first and foremost where it would provide the best immediate return
- He already had a surprisingly clear set of goals and objectives for a person of his age, which made it much easier to suggest a possible plan of attack
The net-net was that I recommended he find an academic program where he could either pursue certification as part of its outright curriculum (an increasing number of colleges, universities, technical schools, and community colleges or their international equivalents now include coverage for specific certs in their course offerings, primarily for the CompTIA, Microsoft, and Cisco offerings) or where he would be able to work with Microsoft development tools and environments in pursuing his desire to learn programming languages and skills. I also pointed him at the excellent DreamSpark program from Microsoft, which makes programming tools, languages, and platforms available for free to students enrolled at accredited academic institutions.
I’d like to think this helped him address his need for education and his need to develop relevant technical skills and knowledge for the workplace. But I remember being 17 once myself — long, long ago though it was — and I wouldn’t be surprised if a few twists and turns along the way take him to some unexpected way stations and stopping points. I do wish him and others in his situation only the best of outcomes, and submit a good education is a good foundation for life no matter where it may eventually lead.
Gosh, there’s been a lot of coverage in the new lately about Marissa Mayer’s decision to rein in teleworking at Yahoo, and a lot of ink spilled on that subject, both pro and con. I’d like to weigh in on it myself on the whole “work from home” topic, but from outside the corporate tent. I ran a small company from 1994 to 2004, that varied in size from a low employee count of 3 to a momentary high of 10 in 2000, just before the dot.com phenom turned into the dot.com bust. For that entire period, and for most of the time since 1987 through today, I have worked from home. The entire time my company was in business we never had office space: everybody worked from home, all the time.
Any time you ponder a job offer, it’s worth asking about a prospective employer’s work-at-home policies
[Image credit: Shutterstock 125936963]
I guess we were lucky because we worked in a completely deadline driven business — namely content creation and delivery. If the work didn’t get done on time, we didn’t get paid. If we couldn’t deliver the work at the stipulated price, we lost money. Needless to say, we mostly did the work on time, and we mostly made money. When we failed to do either, it was by mistake or mischance, and we learned from our mistakes and also learned how to minimize the chance that untoward circumstances could cut too deeply into our bottom line.
In the thirty-plus years I’ve been working in and around IT I’ve worked for companies that insisted that people report to an office to work with others where they could see and be seen; I’ve also (and primarily) worked for companies that didn’t require people to come in except for occasional meetings and annual parties and suchlike. By and large, I’ve enjoyed working for those companies, including mine, that conceded its employees were fairly adult, and could be relied on to get their work done without constant supervision. I also learned to ask for help when I needed it, and to tell my managers when I got into trouble (earlier on in that period) or when I could see trouble heading in my direction (later on, as I not only learned to recognize the warning signs, but also found out what could happen if I waited too long to yell for help). But I also enjoyed working at some of the desk jobs that I held, particularly when the employer did what they could to create a positive, supportive, and above all, interesting work environment.
Given that my work is the kind I can do anyplace I have a computer and a working Internet connection, my options are probably quite a bit more open than most people’s. But I have to believe that working at home can be a huge productivity win for those organizations smart enough to make it easy and fun for employees to do it anywhere from occasionally to all of the time. I can understand why Marissa Mayer might have found it necessary to bring all hands together to help keep a sinking ship above the waves, but I don’t think that a “no working from home” policy makes sense these days, not only because people can be more productive when they don’t have to commute or uproot themselves twice a day to keep life and work going, but also because working at home keeps cars off the road, energy consumption down, and generally makes for happier workers.
I wouldn’t be at all inclined to go to work for a company with a “no working from home” posture nowadays, and I have to guess that many readers will feel the same way. In fact, I urge you to explore your “work at home” and “work away from the office” options any time you consider a new employer. It could help steer you in to a calmer, happier, and more productive work situation.
I came across a very interesting new post on the Microsoft Learning Born to Learn blog this morning. Entitled “New Microsoft Office Specialist Exams Offer Real World Testing,” it explains how the latest generation of Microsoft Office Specialist (MOS) exams has been extensively reworked to more effectively plumb the depth and breadth of an exam-taker’s knowledge of the related Office Applications being tested. For what I’m about to explain, that applies only to MS Office and MS Excel for the time being, but it’s a very interesting and potentially telling change to the exam approach that has ruled until these exams were rolled out recently.
Aside: The Power of the Bottom of the Pyramid
Unlike most other Microsoft certs, however, the MOS program — and the primary MS entry-level technical certs known as the Microsoft Technology Associate, or MTA — is not directly under Microsoft’s control. The company has delegated these programs (which significantly outnumber the remaining credentials under direct MS control) to Certiport, a Pearson VUE company. Their MOS page indicates that “…more than 1 million MOS exams are taken every year in over 140 countries…” and I suspect the number of MTA exams is probably in the one-quarter to one-half million range yearly as well, and growing quickly now that these credentials have been opened up to the general public through Prometric (another Pearson VUE arm). In fact, Certiport shines at the bottom of many certification ladders (which are really best thought of as pyramids or ziggurats, since those solid shapes effectively represent the notion that the higher you climb, the fewer exams are taken and certifications conferred) and also offers entry-level HP, Adobe, Autodesk, Intuit, IC3, and even CompTIA fundamentals credentials.
So What’s New with the Word and Excel 2013 Exams?
In a word: coherence. MOS exams have long been action oriented where test takers are presented with formatted chunks of text and asked to create the same thing inside an input window, with all the usual menus and keyboard controls associated with the application(s) being tested at their disposal. This time around, that principal informs the entire exam, as this longish quote from the afore-cited Born to Learn blog post indicates:
“…the new format for the Microsoft Office Specialist (MOS) exams is a complete departure from anything that’s been used before. You are given a blank document, and shown a picture of sample document, and must reproduce that document exactly (and I mean exactly) using the program being tested (only Word and Excel are available right now). You get 50 minutes. If you produce the document exactly, you pass; if not, you fail. They don’t care how you arrive at the results; it’s the results that count.”
The idea is to present exam-takers with something challenging but also something that represents a typical workaday task for those who make these productivity tools stand up and bark for a living. And of course, that also means the curriculum and training materials to prepare candidates for these exams have adapted to follow suit. Professor James G. Lengel of Hunter College (the author of the blog post, and an early trainer for the new-format exams) explains these changes as follows:
“If we want our curriculum to mesh well with the approach taken in the exams, we’ll have to provide more real-world, from scratch, problem solving tasks, and we’ll have to provide plenty of practice in reproducing sample documents exactly. And focus on the new tools available in Office 2013 — if you try to build the document in the exam the old way, you’ll never have time to complete it.”
This is a great way to help motivate students to really learn these applications, and to tackle and master the many powerful tools that they make available to their users. Like Dr. Lengel, I see this change to the MOS approach as very positive and ultimately, as empowering for those who acquire the skills and knowledge necessary to pass such exams. Not only will they be ready to use these tools in the workplace, they will have gained some true-to-life experience in performing the kinds of tasks that the workplace will demand of them, day in and day out.
As the economic situation continues to improve slowly, by fits and starts, I’m starting to hear a growing chorus of doom and gloom from various pundits and gurus. Their basic point may be well-taken, and could indeed ultimately turn out to be correct, but it boils down to something like “So things are improving a little bit. So what? Soon, the bottom will fall out.” I tend to treat such analyses as a variation on the old Chicken Little theme (“The Sky Is Falling!”), but that doesn’t mean there can’t be at least a germ of truth in such gleefully dire predictions.
Let me offer two recent examples for your consideration:
1. Matt Clinch, CNBC, “Why US Jobs Market Is Going to Get a Lot Worse,” April 8, 2013.
2. Henry Blodget, Business Insider, “HUSSMAN: Wake Up, People — The Economy’s Lousy and Earnings Are Going to Tank,” April 8, 2013.
To what extent this genre of alarmism is simply calculated to attract eyeballs on the Web, I leave as an exercise to the reader. But both stories make some valid points, particularly when it comes to pointing out that the Fed’s policy of “quantitative easing” may be pumping lots of money into the markets, but that this doesn’t necessarily affect important fundamentals such as consumer and business confidence, which leads to more spending on the demand side and a greater willingness to hire more employees to help keep with the resulting increases in demand for their goods and services.
There’s a growing and uneasy consensus that recent manipulations of the capital markets over the past 5 or so years has removed too much of the natural elasticity in the economy, preventing it from going through its normal ups and downs. Of course, that happened because high-level economists and politicians decided they didn’t want to risk the results of a prolonged free-fall to plumb uncharted market lows when the market was headed into the Stygian depths of depression. But now that things are approaching something we can all recognize as more or less normal, artificial manipulation of the money supply and the markets is becoming increasingly vexing and troublesome (I’m voicing what I perceive as the underlying beliefs behind such sentiments, not acting as a spokesmodel for or even representing myself as an adherent to same).
Alas, I think we’re just dealing with the peripatetic nature of market and employment movements. A little bit up, a little bit down, some occasional sideways moves, and a lot of action on a small scale adds up to larger trends. My own personal belief is that confidence — both on the consumer and business side — is an important control over markets and the overall economy. Bring confidence up, and everything goes along with it; knock confidence down, and everything recedes apace.
Right now, our employment and economic indicators include a rich and confusing mixture of contrary and even contradictory signals. Some things are up, others are down, and nobody has a clear sense of direction be it either positive or negative. I have to believe this indicates a pattern typical of slow growth and slow decline where people and the markets can’t yet decide which way things are going. Do I see this as cause for concern: Yes, but only moderate concern. Do I see this as a harbinger for the Apocalypse? By no means! And remember, there’s always time to panic later, when the bottom really does fall out. For now, I remain convinced that we’re in an extended holding pattern, as confidence seeks to determine which way its arrow is pointing most strongly: up or down? Thus, sideways for the moment is the best any of us can foretell…
Before I dig into this interesting – and free – offering available from TrainSignal, I must disclose that I have worked for them in the past, on a lengthy white paper devoted to best practices for IT Cert Preparation. However, I went to work for them because I respect and admire what they do, and so I can submit the free materials on offer here as additional proof that my evaluation of the company is entirely justified. But professional ethics require me to share my past history with them, so now you know!
TrainSignal hired noted virtualization expert David Davis (who holds both CCIE and vExpert certifications from Cisco and VMware, respectively) to compile and deliver this 8-part series of videos on the general subject of Desktop Virtualization and VDI (Virtual Desktop Infrastructure). These videos are collectively entitled Intro To Desktop Virtualization, and all are available on YouTube. Here are links to, and information about each of the 8 lessons:
Lesson 1. Virtual Desktop Infrastructure (VDI) (basic overview of current IT desktop set-up and maintenance, primary motivation for use of VDI)
Lesson 2. What is Desktop Virtualization and VDI? (basic definitions, concepts, and technology for VDI)
Lesson 3: Desktop Virtualization vs. Terminal Services (compare and contrast terminal services to desktop virtualization, based on MS RDP versus common VDI approaches)
Lesson 4: Remote Desktop Services (RSD) in Windows Server 2008 R2 (Microsoft Remote Desktop Services, RDS, not to be confused with RDP, is based on Windows Server 2008 R2)
Lesson 5: Citrix’s XenDesktop (covers Citrix XenDesktop virtualization environment works with XenServer, Hyper-V, and vSphere).
Lesson 6: VMware’s View 5 (VMware view works on with vSphere, but offers interesting, powerful capabilities)
Lesson 7: Desktop Virtualization Certifiications (about Desktop Virtualization Certifications from VMware, Citrix, and MS)
Lesson 8: Installing Citrix VDI-in-a-Box (try-it link provides free access to a standalone VDI for vSphere, Hyper-V, and XenServer)
Though the material is a little bit dated (for example, it references VCP 4 rather than VCP 5-DV, the most current VMware Certified Professional credential), there’s still a lot of good content here. It’s a great entry point for those looking to understand the basics of today’s technical and commercial VDI landscape in IT. Highly recommended, and the price is right, too!
Today’s the day that the US Bureau of Labor Statistics reports employment numbers for the preceding month. And despite more bullish forecasts from numerous economists of jobs in the 150,000-180,000 range for March, 2013, it looks like ADP’s earlier data, which suggested something under 100,000 were correct this time. The official number for March is 88,000 with overall unemployment still at 7.6 percent. The interesting remark in this most recent report reads: “Employment grew in professional and business services and in health care but declined in retail trade.” (For links to the report and tables see the Note at the end of this blog post, please.)
A quick dive into the numbers for the Information category in Table A-14 shows that unemployment in one of IT’s home sectors continues trending downward: whereas total unemployment in March 2012 for this sector stood at 8 percent (232,000 unemployed total), for March 2013 that rate had declined to 5.2 percent (145,000 unemployed total). But in another core area for IT professionals (mostly those working in consulting or services companies) — namely, Professional and Business services — unemployment still remains above the national average. It was 9.7 percent in March 2012 (1.5 million unemployed total), and 8.9 percent in March 2013 (just under 1.4 million unemployed total). And finally, the self-employed niche shows a slight uptick, up from 5.5 percent (543,000 unemployed total) in March 2012, versus 5.6 percent (537,000 unemployed total, a number that reflects some departures of workers from this sector) in March 2013.
What does this all tell us about the state of employment in the USA, and coming prospects for IT workers? First and foremost, it maintains the ongoing observation that our economy is growing, but not only slowly overall, but also by fits and starts. Last month’s big numbers of 236,000 buoyed enthusiasm — and the markets — with a perception that recovery might be accelerating; this month’s much smaller numbers (just under 38 percent of last month’s) show that the recovery is not on a steady trajectory. I’m sure the markets will react negatively to this understanding. It may also dampen some of the optimism that led forecasters to predict accelerating growth in IT jobs for the second half of 2013 as well. One thing’s for sure: it still remains a guessing game to decide when the economy has “gotten better,” and when employment has returned to a normal footing. In the meantime my constant mantra for IT workers remains “Be calm. Stay put. Wait it out.”
[Important note: For the current month — March, 2013, in this case — the US BLS always uses the same link for its most recent Employment Situation Summary. Until the next report is released in early May, this link remains valid. After that you must turn to their archives to find the report for March, 2013, instead.]