This information is also available as a PDF download.

There are hundreds of tech certification programs and exams out there, some sponsored by software vendors, some by vendor-neutral organizations, and some by educational institutions. A number of them are easy to obtain — as evidenced by the many IT pros who list a three-line string of acronyms after their names. You pay your money and you take a multiple-choice test; if you pass, you’re in.

Others are excruciatingly difficult: Cost is high; eligibility to even take the exam is dependent on having years of experience, formal education, and/or sponsorship from others who already hold the title; and the exams are grueling, multi-day affairs that require hands-on performance of relevant tasks. Most are somewhere in between.

But which certifications really provide a measure of your knowledge and skills in a particular area? And which will really help you get a job or promotion? Here’s a look at 10 of the technical certifications that actually mean something in today’s IT job market.

 

#1: MCSE

The Microsoft Certified Systems Engineer (MCSE) certification suffered a bad reputation several years back when numerous people were memorizing the answers to exam questions from “brain dumps” posted by test-takers on the Internet and obtaining the certification without any real understanding of the technology.

Microsoft responded by replacing the knowledge-based multiple-choice questions with a variety of performance-related scenario questions that make it much more difficult to cheat. The difficulty level of the questions was escalated, and the number of exams required to obtain the certification was increased to seven.

The MCSE has consequently regained respect in many corners of the IT community and is a useful certification for demonstrating your expertise in Microsoft server products.

#2: MCA

In addition to making the MCSE exams more difficult, Microsoft has created many new certifications. The Microsoft Certified Architect (MCA) is the premiere Microsoft certification, designed to identify top experts in the industry. To obtain the MCA, you must have at least three years of advanced IT architecture experience, and you have to pass a rigorous review board conducted by a panel of experts.

There are a number of MCA programs. The infrastructure and solutions MCA certifications cover broad architecture skills, but there are also more technology-specific programs for messaging and database skills. There are currently fewer than 100 MCAs in the world, making this an elite certification.

#3: CCIE

The Cisco Certified Internetwork Expert (CCIE) is widely recognized as one of the most difficult to obtain (and expensive) IT certifications. Like the MCSE/MCA, it’s a vendor-sponsored certification, focusing on Cisco’s products.

The online cialis CCIE requires that you pass both a written exam and a hands-on lab. To sit for the written exam, you must pay $300 and choose from one of several tracks: Routing and Switching, Security, Storage Networking, Voice, and Service Provider.

You must pass the written exam before you’re eligible to take the lab exam. This is an eight-hour hands-on test of your ability to configure and troubleshoot Cisco networking equipment and software. The lab exams cost $1,250 each. This does not, of course, include travel expenses that may be necessary since the labs are conducted only in certain locations.

As if all that weren’t enough, you don’t get to rest on your laurels after obtaining the certification. CCIEs must recertify every two years or the certification is suspended.

#4: CCSP

Another Cisco exam that’s popular with employers in today’s security-conscious business world is the Cisco Certified Security Professional (CCSP). It focuses on skills related to securing networks that run Cisco routers and other equipment.

You’re required to pass five written exams and must recertify every three years by passing one current exam. Before you can take the CCSP exams, you must meet the prerequisites by obtaining one of Cisco’s lower-level certifications, either the Cisco Certified Network Associate (CCNA) or the Cisco Certified Internetwork Specialist (CCIP).

#5: CISSP

Security certifications confer some of the highest-paying jobs in IT today, and one of the most well-respected non-vendor specific security certifications is the Certified Information Systems Security Professional (CISSP). The organization that grants the CISSP is the (ISC)², which was founded in 1989 and has issued certifications to more than 50,000 IT professionals.

Exam candidates must have at least four years of direct full-time work experience as a security professional. One year of experience can be waived if you have a four-year or graduate degree in information security from an approved institution. Another unique feature of the CISSP is that you must subscribe to the (ISC)² code of ethics to take the exam.

Exam fees vary based on geographic region. In the United States, standard registration is $599 ($499 for early registration). You must recertify every three years by obtaining at least 120 hours of continuing professional education, and you must pay a yearly fee of $85 to maintain the certification. The exam is a six-hour test consisting of 250 multiple-choice questions.

#6: SSCP

For those who can’t meet the rigorous experience requirements to sit for the CISSP, the (ISC)² also offers the Systems Security Certified Practitioner (SSCP) certification. SSCP candidates need have only one year of direct full-time security work experience. The exam consists of 125 multiple-choice questions, and you have three hours to complete it.

Those who pass the written exam must be endorsed by someone who holds a current (ISC)² certification and will attest to the candidate’s professional experience or by an officer of the corporation or organization that employs you (owner, CEO, managing partner, CIO, etc.). As with the CISSP, you must recertify every three years by submitting proof of continuing education credits and paying an annual maintenance fee.

#7: GSE

Another popular and well-regarded security certification is the GIAC Security Expert (GSE), offered by the SANS Software Security Institute. Before you can attempt the GSE, you must complete three lower-level certifications: GIAC Security Essentials Certification (GSEC), GIAC Certified Intrusion Analyst (GCIA), and GIAC Certified Incident Handler (GCIH).

The lower-level certifications require passing multiple-choice exams, and at least two of the three certifications must be at the “Gold” level, which requires that in addition to the written exam, you submit a technical report that’s approved to be published in the SANS Reading Room. A personal interview is also part of the GSE qualification process.

Pricing depends on whether you take the exam as part of SANS self-study or conference training programs or challenge the exam. Without the training, each lower-level exam costs $899.

#8: RHCE/RHCA

Many companies are looking to save money by switching to Linux-based servers, but they need personnel who are trained to design, deploy, and administer Linux networks. There are a number of Linux certifications out there, but the Red Hat Certified Engineer (RHCE) certification has been around since 1999 and is well respected in the industry.

The exam is performance-based. You’re required to perform actual network installation, configuration, troubleshooting, and administration tasks on a live system. You have a full day (9:00 a.m. to 5:00 p.m.) to complete it. The cost is $749.

The Red Hat Certified Architect (RHCA) is an advanced certification that requires completion of five endorsement exams, each of which costs $749 and range from two to eight hours. Like the RHCE exam, they are hands-on skills tests. You must have the RHCE certification to take the RHCA exams.

#9: ITIL

For those who aspire to management positions in IT services, the Information Technology Infrastructure Library (ITIL) certifications provide demonstration of knowledge and skills involved in that discipline. There are three certification levels: Foundation, Practitioner, and Manager.

The Manager level certification requires completion of a rigorous two-week training program, and you must have the Foundation certification and five years of IT management experience. Then, you must pass two three-hour exams consisting of essay questions.

#10: Certifications for special situations

Many specialist exams are available in IT subcategories that can be helpful to those who want to specialize in those areas. Some of these include:

In addition, for those who have little or no experience in IT, entry-level certifications such as those offered by CompTIA may help you get a foot in the door as you start your IT career.

February 18th, 2009

Posted by Mary Jo Foley

Internet Explorer 8 [IE 8] is nearing the finish line, with a March release to manufacturing looking like a distinct possibility. But is IE 8 — or, more accurately — Web site developers and owners — really ready?

I have been testing IE 8 since the code became available publicly. And one thing that hasn’t changed much over the past several months is the fact that many Web sites still aren’t compatible with IE 8.

I’m not blaming the site owners here. Microsoft officials have known all along that even though the IE team is doing the “right” thing by finally making IE more standards-compliant, they are risking “breaking the Web” because the vast majority of Web sites still are written to work correctly with previous, non-standards-compliant versions of IE.

Microsoft has tried to mitigate the effects of moving to a default standards-based view in a few ways. IE 8 comes with a “Compatibility View” button that will non prescription cialis “fix” a seemingly broken site if a user knows to press it. Microsoft went a step beyond this with IE 8 Release Candidate 1, issued in January, by adding a downloadable list of sites that would automatically trigger IE 8 to move directly to compatibility mode, rather than standards mode.

(Here is the list of the 2,400 sites that are on Version 1.0 of Microsoft’s Compatibility View list.)

The Compatibility View list includes some major sites — Apple.com, CNN.com, eBay, Facebook, Google.com, NYTimes.com — even Microsoft.com (!) — and lots, lots more. Users also have the option of adding IE-8-incompatible sites they visit that didn’t make it onto the list that will be appended to the schema list they download.

The Compatibility List has made my IE 8 browsing a lot more stable. When I go to the NYTimes.com site now, it just works. The Compatibility View button (the icon for which looks like a broken Web page and is typically located directly to the right of the URL address bar) doesn’t appear at all (as is the case for all sites on the Compatibility List).

That said, there are a lot of sites I visit that aren’t on the list. And more often than not, they fail to render correctly with IE 8. Sometimes I remember that I should try hitting the Compatibility View button to see if there are boxes and buttons and text there that I can’t see because I am using IE 8. Other times, when I am visiting a site with which I’m unfamiliar, I don’t realize what I’m missing.

 

I’m at the point now — if a site looks weird, is slow or just doesn’t seem to be working right — I simply assume it is IE 8’s fault. Sometimes I’m right (as I discover when I open the same site in Firefox or Chrome and it looks and works fine). Other times, I’m not — a site just might be down or broken. The bottom line is I’ve come to expect a rocky browsing experience when using IE 8.

I doubt the compatibility experience is going to change much, if at all, between now and the time IE 8 is released. For months, Microsoft has been banging the drum for site owners to update their code — either by adding compatibility tags or redoing sites to take into account the changes in IE 8. Many site admins and developers have said they weren’t willing to take on that task until Microsoft delivered a near-final test release — at least a Release Candidate.

Some critics have said they think Microsoft is doing a disservice to developers by offering compatibility work-arounds. They say Microsoft created its own problems by delivering previous IE releases that flouted standards — which is true. And now Microsoft should bite the bullet and just go the 100-percent-standards route, they reason. That might be a better course in the long run for Web developers tired of having to do separate versions of sites and apps for standards-based browsers and for IE, but it punishes Web users in the interim.

What’s going to happen when IE 8 goes final and non-techie users have it pushed to them or get new PCs with IE 8 preloaded? I wouldn’t be surprised to see further losses in IE market share, as frustrated users find only some of their favorite Web sites displaying correctly but don’t really understand why. Perhaps Opera and its chums won’t need the antitrust courts to get a leg up on Microsoft, after all….

Do you use MS Word's Print or Web Layout Views? If so, do you ever find yourself trying to guess how close you are to the text boundaries you've set with your margins?

Let's consider this situation: You're trying to place a graphic within your document and you don't want it to be in the margins. So, where exactly is the edge? You could "eyeball" it and guess based on the rulers. You could scroll the document up so that you have the top ruler to help with the placement, but wouldn't it be easier if you could just see where the margins are right on the document?

I'm all for that, so let's see what we can do!

In older versions of Word, you need to go to the Options window (Tools menu), View tab.

A security researcher has demonstrated a way to hijack Secure Sockets Layer (SSL) sessions to intercept login data.

 

Moxie Marlinspike, who spoke at the Black Hat security conference on Wednesday, explained how to subvert an SSL session by performing a man-in-the-middle attack. The anarchist researcher explained in a YouTube video that the attack uses a tool developed called SSLstrip, which exploits the interface between http and https sessions.

 

"SSLstrip man-in-the-middles all of the potential SSL connections on the network, specifically attacking the bridge between http and https," Marlinspike said in the video.

 

Secure Sockets Layer, and its successor Transport Layer Security, are cryptographic protocols used to encrypt communications over TCP/IP networks. SSL and TLS are often used by banks and other organizations to secure web transactions.

 

The attack relies on users not directly calling medicament cialis up an SSL session by typing a URL into a browser. Most users initiate sessions by clicking on a button. These buttons are located on unencrypted http pages, and clicking on them will take users to encrypted https pages to log in.

 

"That opens up all kinds of avenues for ways that you might intercept [details]," Marlinspike said. In his Black Hat presentation, he claimed to have gathered details on 117 email accounts, seven PayPal logins and 16 credit card numbers, within a 24 hour period.

 

SSLstrip works by watching http traffic, then by acting as a proxy when a user attempts to initiate an https session. While the user believes the secure session has been initiated, and SSLstrip has connected to the secure server via https, all traffic between the user and SSLstrip is http. This means "disastrous warnings" displayed by browsers are avoided, as to the browser the session appears normal. Login details can then be harvested.

 

Marlinspike said that an https padlock logo can be spoofed in the URL bar, to further lull the user into a false sense of security.

 

While SSL is generally accepted as being secure, security researchers have claimed SSL communications can be intercepted. In August last year, researcher Mike Perry said he had been in discussions with Google regarding an exploit he planned to release, which would allow a hacker to intercept a user's communications with supposedly secure websites over an unsecured Wi-Fi network.

This information is also available as a PDF download.

Keyboard shortcuts are a mainstay for most Word users who are trying to streamline their work. Even brand-new users start slinging around Ctrl+C and Ctrl+V soon after mastering the intricacies of scrolling. But keyboard shortcuts are often nonintuitive and hard to remember. (What mnemonic would you use to recall that Ctrl+E centers document text or that Ctrl+T produces a hanging indent?)

That’s where mouse shortcuts — the unsung hero of built-in functionality — can take up the slack. Users probably know the basic moves: Right-click on an item to display a shortcut menu, double-click to select a word, triple-click to select a paragraph. But Word has quite a few additional mouse tricks up its sleeve. This overview will help you (and your users) learn some easily remembered techniques to gain quick access to a host of Word options.