DoD-Approved Baseline Certifications
IAT Level I:
A+
Network+
SSCP GSEC
IAT Level II:
Security+
SCNP
SSCP
IAT Level III:
CISA
GSE
SCNA
CISSP (or Associate)
GCIH
IAM Level I:
CAP
GISF
GSLC
Security+
IAM Level II:
CAP
GSLC
CISM
CISSP (or Associate)
IAM Level III:
GSLC
CISM
CISSP (or Associate)
IASAE I:
CISSP (or Associate)
IASAE II:
CISSP (or Associate)
IASAE III:
CISSP-ISSEP
CISSP-ISSAP
CND Analyst:
GCIA
CEH
CND Infrastructure Support:
SSCP
CEH GCIH
CND Incident Reporter:
GCIH
CSIH
CEH
CND Auditor:
CISA
GSNA
CEH
CND-SP Manager:
CISSP-ISSMP
CISM
Who is affected by this directive?
Because both full-time and part-time military
service members, contractors, and foreign
employees with privileged access must obtain
certification, this directive affects an
estimated 100,000 personnel. In addition,
certified personnel are required to maintain
certification by completing a certain number
of hours of continuing professional education
each year. At the time of its conception,
in 2004, the directive required a certain
percentage of personnel to obtain the appropriate
certification and be compliant. This percentage
increased each year. Now, in 2011, all military
personnel must be compliant.
What certifications are required?
Because of a recently added
clause to the Defense Federal Acquisition
Regulation Supplement (DFARS) requiring
businesses bidding on new DoD IT contracts
to have compliant personnel, it is essential
that companies understand the specific details
and requirements of these certifications.
While some certifications can be earned
by passing a single exam, others require
passing two exams or having other certifications,
as well as past experience. The primary
IA certifications with which both companies
and personnel should be familiar include
the following:
· CompTIA A+ - Users who attain the A+
certification are usually referred to as
helpdesk technicians, computer support
professionals, or IT technicians. In addition
to having strong technical knowledge, these
professionals have good customer service
skills and a willingness to assist clients
with their computer needs. This particular
certification can be obtained by passing
two exams: CompTIA A+ Essentials (220-701)
and CompTIA A+ Practical Applications (220-702).
For each exam, candidates have 90 minutes
to complete 100 questions.
· CompTIA Security+ - An entry-level
credential that demonstrates the candidate’s
understanding of concepts related to information
security in the workplace, this certification
paves the way for experienced professionals
seeking careers as security architects,
security engineers, security consultants,
information assurance technicians, security
administrators, systems administrators,
or network administrators. In addition,
CompTIA Security+ is an ideal certification
for military personnel or military contractors
at the U.S. Department of Defense. The CompTIA
Security+ exam (SY0-301) consists of approximately
100 questions that candidates must answer
within 90 minutes.
· CompTIA Network+ - The Network+ certification
is considered by the IT industry to be
foundational for all of IT networking. Individuals
who attain this certification usually carry
titles such as Network Administrator, Junior
Network Engineer or Internet Technician.
It is recommended that candidates for this
certification have the CompTIA A+ certification
(or equivalent knowledge), as well as 9-12
months of experience in IT networking. The
certification can be obtained by passing
exam N10-004. For this exam, candidates
have 90 minutes to answer 100 questions.
· Certified Information Systems Security
Professional (CISSP) - The CISSP is an advanced
certification meant for IT professionals
who want to achieve heightened mastery of
information security. Earning the CISSP
certification requires a candidate to pass
a single exam and meet the exam vendor’s
prerequisites. The two prerequisites for
this exam are for the candidate to: “execute
the candidate agreement, attesting to the
truth of the candidate’s experience assertions
and legally commit to adhering to the Code
of Ethics”; and successfully “answer four
questions regarding criminal history and
related background.” Users who attain this
certification commonly carry the titles of Security
Auditor or Network Security Analyst.
· Systems Security Certified Practitioner (SSCP) -
The SSCP certification is designed for IT
professionals who want to achieve an international
standard for practitioners of information
security and understanding of a Common Body
of Knowledge (CBK). The passing score for
this form-based multiple choice exam is
a scaled score of 700 points or greater.
Currently, there are 125 questions that
the candidate must answer in 3 hours.
· Security Certified Network Professional
(SCNP) – This certification aims to give
network administrators the additional hands-on
skills needed to protect their networks
from security threats and vulnerabilities.
The qualifying exam for this certification,
SC0-471, contains 60 questions that candidates
have 90 minutes to answer. A passing score
is 75%.
· Certified Ethical Hacker (CEH)
– The Certified Ethical Hacker certification
indicates that skilled security professionals
understand and know how to look for weaknesses
and vulnerabilities in target systems, and
use the same knowledge and skills as malicious
hackers. CEH exam 312-50 (EC0-350 for
non-EC-Council prep course examinees) is the
only exam required to earn the Certified
Ethical Hacker certification. Currently,
the exam consists of 150 multiple choice
questions which examinees are given 4 hours
to complete. The passing score is 70%.
Similarly, candidates should also be familiar
with the following common OS certifications:
· MCITP: The Microsoft Certified IT Professional
(MCITP) credential ensures that a
technician’s abilities and
skills are at the level required to perform
a specific job role. As such, all MCITP
certifications are built on the firm foundation
of the technical proficiencies measured
by the Microsoft Certified Technology Specialist
(MCTS) certifications, which cover specific
Microsoft technologies and tasks within
those technologies. Essentially, in order
to earn an MCITP accreditation, you must
first prove mastery of the technologies
used in that job role through MCTS credentials.
· MCTS: Microsoft Certified Technology Specialist
(MCTS) credentials are single-test certifications
that validate a technician’s expertise with
an individual Microsoft technology or a
single aspect of a Microsoft technology,
in the case of Server 2008, SQL Servers
2005 and 2008 and a few other Microsoft
technologies. Most Microsoft products have
an associated MCTS.
· CCNA: The Cisco Certified Network Associate (CCNA)
is an entry-level certification designed
for network administrators and engineers.
The qualifying exam can be taken in one
of two forms. First, the CCNA can be taken
as a single exam, the CCNA Composite
640-802. Second, it can be taken as a two-part
exam designated Interconnecting Cisco
Network Devices 1 and 2 (ICND1 and ICND2).
A majority of the professional networking
world considers the CCNA to be the de facto
Network Engineering exam that qualifies
a user to operate a small to medium business
network. Furthermore, the CCNA opens doors
for new exams, such as the CCNP (Cisco Certified
Network Professional) and CCDP (Cisco Certified
Design Professional) certifications. Overall,
the CCNA has several subjects that it covers
in detail, but the primary subjects of concern
are Routing and Switching, including but
not limited to the use of: IP, IGRP, Serial,
Frame Relay, IP RIP, VLANs, RIP, Ethernet,
and access lists. After attaining the CCNA,
the certification is valid for three years
before the holder must recertify.
· Oracle DBA-OCA: The Oracle Database 10g: Administration
I certification demonstrates conceptual
understanding of the Oracle database architecture
and how its components work and interact
with one another. The DBA I OCA allows you
to create operational databases and properly
manage the various structures in an effective
and efficient manner including performance
monitoring, database security, user management,
and backup/recovery techniques. With the
1Z0-043 Oracle Database 10g: Administration
II exam, you will be able to conduct various
methods of recovering the database by using
RMAN, SQL, and Flashback technology. The
OCP DBA II will also ensure your ability
to utilize various extensive database technologies,
such as Resource Manager, the Scheduler,
and Automatic Storage Management (ASM).
Contact Teresa Pla, CTT's "VA School
Certifying Official", today and she
will assist you in the process. Teresa may
be reached at 813-341-0900 or by email at
teresapla@certifyus.com.
The following are a few of the
most popular certifications: