As before, there are no actual pre-requisite requirements to be qualified to take the exam. However, CompTIA recommends having A+ certification and nine months of computer network related experience. So, what has changed? In a domain comparison between the new N10-005 exam and the previous N10-004 exam official certification exam objectives as published by CompTIA, I discovered a handful of changes to highlight in this post.

Fewer Domains

The N10-004 exam divided the exam into six targeted topical areas called domains. The new N10-005 exam has five domains, although only three domain names are the same.

As you can see, the percentage of the exam related to the various topics has not really shifted much. However, some people will see the increase in Network Security from 11% to 19% as an indication that the focus on security has significantly increased on Network+. I don’t think this the case. In fact, security has been an integral part of networking for decades, and this was reflected in all previous versions of Network+. The latest revision of this exam simply reorganized all the disparate security material under the security domain.

Don’t stress over this chart, the number of domains, or even the percentage of the exam covered by each domain. In reality, the exam presents questions to you in a random order. While the test is a flat test (as opposed to adaptive), you receive questions randomly pulled from the test pool. Then those questions are randomly ordered #1 — #100. You must approach each question on its own merits, with no knowledge of which domain it belongs to. You should always consider each question in light of the entire collection of Network+ material, not just a single domain. Now, let’s review the updated content for the latest Network+ exam.

Domain 1: Network Concepts

Domain Name System (DNS) records (A, MX, AAAA, CNAME, PTR) (Sub-objective of 1.7)

Five common DNS resource records (RR) are now specifically mentioned in the exam objectives where just generic DNS, DNS ports, DNS server, and wrong DNS were mentioned previously.

Identify Virtual Network Components (Objective 1.9)

If any objective in N10-005 could be labeled as new, this is the most likely candidate. N10-004 did not include the word virtual or cloud. N10-005 does not include the word cloud either, but the sub-objective of Network as a Service (NaaS) is a specific type of cloud computing service.

Domain 2: Network Installation and Configuration

Mismatched Maximum Transmission Unit (MTU/MUT) Black Hole (Sub-objective of 2.5)

MTU is the largest packet size allowed on a segment (MUT is a misspelling or alternate phrasing of MTU). If there is a mismatch between two devices’ interfaces (router, firewall, proxy, etc.) on the same segment, the traffic can be dropped (i.e., black-holed). This does not typically occur on current networks as modern devices support the same MTU for their supported protocols, and there is no practical or benign need to reduce the MTU.

Bad Modules Small Form-factor Pluggable (SFPs), GigaBit Interface Converter (GBICs) (Sub-objective of 2.5)

SFP and GBIC are Cisco hardware components known generically as transceivers. They provide a hot-swappable media interface between various cable types and networking devices. Generally, if a module is bad, you replace it.

Domain 3: Network Media and Topologies

T1 Crossover (Sub-objective of 3.1)

In the rare circumstance where you must directly link two Channel Service Unit/Data Service Unit (CSU/DSU) devices, a T1 crossover cable would be used. This cable is similar in nature to the Ethernet crossover cable used to connect two hubs, two switches, or two PCs directly together.

Synchronous Digital Hierarchy (SDH) (Sub-objective of 3.4)

SDH, which is nearly identical to SONET, is a fiber optic-based multiplexing technology supporting numerous high-speed connections or channels.

Dense Wavelength Division Multiplexing (DWDM) (Sub-objective of 3.4)

DWDM is a multiplexing technology that places multiple signals, connections, or channels on a single fiber optic cable, each using a different wavelength of light. Of note, this item was on the acronym list of N10-004.

Long-Term Evolution (LTE) and Evolved High Speed Packet Access (HSPA+) (Sub-objectives of 3.4)

LTE is the current name for the IEEE 802.20 standard and is a competitor to the WiMax or IEEE 802.16 concept. LTE is a wireless communications standard that is currently being used as the next advance in mobile phone technology. HSPA+ is an enhancement of the Wideband Code Division Multiple Access (WCDMA) 3G wireless technology which has the potential to offer data speeds similar to that of LTE.

Passive Optical Network (PON) (Sub-objectives of 3.4)

PON is the use of fiber optic cable to the premises. It uses unpowered optical splitters to serve multiple locations simultaneously (such as end-users).

Domain 4: Network Management

Common Address Redundancy Protocol (CARP) (Sub-objective of 4.6)

CARP allows for a set of IP addresses to be shared by a group of hosts on the same subnet. This is to support failover redundancy and is commonly supported by firewalls, proxies, and routers. CARP is a public domain version of Cisco’s proprietary Hot Standby Router Protocol (HSRP) that performs the same function.

Domain 5: Network Security

Independent Computing Architecture (ICA) (Sub-objective of 5.2)

ICA is a Citrix solution to support thin-client or terminal services such as remote control or remote access capabilities. This and other remote access/remote desktop/thin-client concepts were present in N10-004 materials and discussions as well.

Evil Twin (Sub-objective of 5.4)

Evil Twin is a wireless attack tool that will automatically duplicate the identity of a trusted wireless network. Each time the interface is turned back on, it will seek out known networks and attempt to reconnect. The reconnect request includes the original Station Set Identifier (SSID) and base station Media Access Controller (MAC) address. The Evil Twin attack tool captures these reconnect requests and replies with a spoofed identity of the known network.

Nessus and Nmap (Sub-objective of 5.6)

Nessus is an open source vulnerability scanner that has a commercial version known as Tenable Network Security. Nmap is a free network mapper, port scanner, network discovery, and OS/service identification tool crafted by hacker-extraordinaire Fyodor. Both are excellent tools for evaluating a network’s functionality and vulnerabilities as a user, administrator, penetration tester, or criminal.

A Few Final Items

If you have already studied for the N10-004 exam, and you are not comfortable taking a small risk in taking the N10-005 exam, you can still take the 2009 version of Network+ until August 1, 2012. At that time, the N10-004 version of Network+ will be fully retired. If you are already approaching that deadline, either bite the bullet and take the exam or obtain updated preparation material and fine-tune your knowledge for the N10-005 exam.

Please visit www.comptia.org. Here you will see CompTIA’s summary of the exam and can download the official CompTIA Network+ N10-005 Certification Exam Objectives. Take the time to read over each and every item listed on the exam objectives. This will help you grasp how much you may already know and how much you will need to learn in order to be properly prepared to have a positive outcome on the latest revision of CompTIA’s Network+ exam.

Excerpted and available for download from Global Knowledge: Network+ 2011 Exam N10-005 Updates

Related Post
The CompTIA/Cisco Roadmap

Related Courses
Network+ Prep Course
A+ Certification Prep Course

Domain 4.0 Application, Data and Host Security

1. Fuzzing (4.1)

Fuzzing is a testing method that uses a brute force technique to send data to software or hardware inputs and then notice the response or reaction. The purpose is to discover programming or design flaws that need fixing or which can be exploited. Both security professionals and hackers use fuzzing tools. These tools can operate autonomously to craft random or sequential input data sets in order to stress test a target.

2. Cross-site Request Forgery (XSRF) prevention (4.1)

Cross-site Request Forgery (XSRF) is an attack that takes advantage of a Web server’s trust in an authenticated client. Usually attacks of this type wait until a valid client authenticates to a server before launching and making command requests to the server as if it were the client. The flaw is the server assuming that an authenticated client will only make valid and reasonable requests. This is a bad assumption. Prevention of XSRF must take place at both the client and server. Clients should avoid risky behavior to prevent malware infection and run current anti-malware scanners. Servers should limit the abilities or functions clients can access and re-request authentication when a sensitive action is requested.

3. Cable locks (4.2)

Cable locks are an important part of portable device physical security. A cable lock is used to secure a notebook or other device to a less mobile object (preferable immovable) using a looping cable along with a lock that connects into a K-slot on the device. Cable locks are not insurmountable; a good set of wire cutters or an adept lock-pick may be able to bypass the protection. However, the presence of a cable lock mandates the additional effort in a theft attack, thus reducing the attack’s success rate.

4. Mobile Devices (4.2)

There are several mobile device specifics on the objectives list, including screen lock, strong password, device encryption, remote wipe/sanitation, voice encryption, and GPS tracking. Most of these are standard security issues on desktops and notebooks. Smartphones are somewhat more vulnerable to remote wiping and GPS tracking. Often, these services must be installed and configured prior to a loss or theft event.

5. Data Loss Prevention (DLP) (4.3)

Data Loss Prevention (DLP) is the focus plan and policy to prevent data from being disclosed to unauthorized entities, especially outsiders and hackers. Most of the efforts related to data access, encryption, tracking, and confidentiality protection are part of the DLP solution. Showing sufficient DLP is also an important part of regulation compliance.

Domain 5.0 Access Control and Identity Management

1. Common Access Card (5.2)

The Common Access Card (CAC) has been commonly used by the government and military of the USA since the early 2000s; however, CACs are found in many private companies as well. The CAC is a smart card commonly used to control physical and logical access into a secured environment. It often consists of a photo ID, smart card technologies, and proximity mechanisms (such as RFID).

2. Personal identification verification card (5.2)

A personal identification verification (PIV) card is a more generic form of a CAC. It is any form of ID card that can be used to confirm or check someone’s identity. A PIV could refer to a driver’s license, an access badge, a photo ID, or a visitor’s badge, etc.

Domain 6.0 Cryptography

1. Miscellaneous Cryptography Items (6.0)

This domain contains several new topics not included on the previous exam. The topics are not new to the IT security realm as they are standard elements of most cryptography discussions. They include: block vs. stream, transport encryption, WEP vs. WPA/WPA2 and preshared key, RIPEME, HMAC, RC4, Blowfish, whole disk encryption, TwoFish, SSL, TLS, IPSec, SSH, HTTPS, and PKI.

Conclusion

The descriptions and definitions of some of the new Security+ topics listed here are designed to pique your interest. This is not an exhaustive coverage of these issues, but they point to a larger discussion of security topics that require greater context.

Related Courses

Security+ Prep Course (SYO-301)
Security+ Certification Boot Camp (SYO-301)

In early summer of 2011, the latest version SY0-301 was released. This revamped exam focuses more on risk, operational security, and mobile device security. It also clearly emphasizes security in three main areas: application, data, and host. In your efforts to prepare for SY0-301, it would be a good idea to pay special attention to the new topics and issues added for this latest revision.

This series of posts focuses on some of the new topics, terms, and issues added to the SY0-301 Security+ 2011 exam in domains 2.0 — 6.0. These domains include:

• 2.0 Compliance and Operational Security
• 3.0 Threats and Vulnerabilities
• 4.0 Application, Data and Host Security
• 5.0 Access Control and Identity Management
• 6.0 Cryptography

For the discussion of the new topics in Domain 1.0, please review the white paper Ten New Topics on Security+ 2011 (SY0-301) from Domain 1.0. (Note: The number in parenthesis after each topic is the official objective sub-domain reference as defined by CompTIA for SY0-301. Please visit www.comptia.org for a complete accounting of the objectives.)

Domain 2.0 – Compliance and Operational Security

1. Annualized Loss Expectancy (2.1)

Annualized Loss Expectancy (ALE) is one of the many calculated values crafted as part of a risk assessment process. ALEs have long been a staple concept for those pursuing CISSP, but its new addition in the Security+ content reveals a new focus on risk management rather than just a cursory nod. The ALE is calculated using three values: asset value (AV), exposure factor (EF), and annualized rate of occurrence (ARO). The AV is an assigned dollar number representing the importance or value of an asset to an organization. The EF is the percentage of loss that may be experienced if a specific threat is realized. ARO is a prediction of how many times in the next year is the threat possible to be realized. AV x EF x ARO = ALE. Once an ALE has been calculated for each pairing of asset and threat, the largest ALE points to the most significant risk to the organization and should be addressed in priority in the security response.

2. Quantitative vs. Qualitative (2.1)

Risk assessment is performed using a hybrid approach, a combination of a quantitative and a qualitative assessment of risk. A quantitative approach uses mathematical calculations to prioritize security response. A qualitative approach processes the subjective perspectives of various personnel on the state or status of security and risk. It is important to use a hybrid approach for risk assessment because performing only quantitative or qualitative assessments will produce a skewed view of the true state of risk.

3. Risks associated to Cloud Computing and Virtualization (2.1)

Virtualization was a topic in the previous exam, but cloud computing is a new addition. This objective focuses on the risks related to these technologies. Virtualization is the concept of hosting multiple operating systems (and/or their various applications) on a single set of computer hardware. Cloud computing expands on this by taking advantage of Internet (public) or private online services, which can include software, platform, or infrastructure as a service. The risks associated with cloud computing and virtualization include:

• Reduced control due to data being located outside the physical premise
• Difficulty of maintaining regulation compliance
• Lack of security training and implementation at the cloud service organization
• Potential geographic storage location issue (within your country or spread across multiple countries)
• Legal implications in the event of disclosure or breach in terms of jurisdiction,
• Method/type of encryption and who possesses the encryption keys
• In the event of a search warrant, can the cloud service organization turn over your data in plaintext
• Speed of recovery/restoration

4. Basic forensic procedures (2.3)

Basic forensic procedures were included in the previous list of exam objectives, but the new objectives list nine new specific sub-objectives: order of volatility, capture system image, network traffic and logs, capture video, record time offset, take hashes, screenshots, witnesses, and track man hours and expense. Each of these new sub-objects is fairly straightforward and self-explanatory, especially if you have a basic understanding of computer forensics (i.e., digital evidence collection and processing). For the exam, focus on understanding each of these topics on a more in-depth level since they were named specifically on the new objectives list.

5. Personally Identifiable Information (2.4)

Personally identifiable information (PII) is any information that can be linked back to an individual person. This could be due to a reference or identification being included with the information or that the information alone points to an individual. For example, the fact that someone has a favorite flavor of ice cream, such as mint chocolate chip, is not PII, unless it is on a document indicating who that person is (such as Michael). However, if the information is a phone number, e-mail, mailing address, social security number, employee ID, driver’s license number, license plate, etc., this information is PII itself as it directly points back to an individual (or nearly so). PII protection is of utmost importance as information is being gathered at an alarming rate, and often we are giving away this information without even realizing. It may be years before we fully understand the ramifications of being so open about ourselves on social networks and smart phone apps. Will your PII be harvested and used against you one day?

6. Clean desk policies (2.4)

A clean desk policy indicates that workers need to secure all materials on their computers and physical workspaces before they end their work shift. A worker should save their work, transfer files to proper locations, potentially make backups, then log out of their computer terminal. A worker should also collect and file away all paperwork from their work surface. All paperwork of any sensitive value must be secured in a locked drawer or office safe. The purpose of a clean desk policy is to reduce the risk of information theft, loss, or disclosure.

7. Zero day exploits (2.5)

Zero day exploits are new malicious attacks that have been recently released by malicious attackers. Generally, the term refers to any attack or exploit for which there is no specific or direct countermeasure or safeguard. It is called a “zero day exploit” because a victim has zero notice of the attack being imminent. Since it is a new and, therefore, unknown attack, there are no countermeasures; security solutions are unable to detect or respond to the new threat. Thus, this term can be used to describe attacks that may be days, weeks, or even months old if there is no specific defense against it. Once discovered and a protection or countermeasure exists, such a threat ceases to be a zero day exploit.

8. Succession planning (2.5)

Succession planning is the pre-determination of the next-in-line for key leadership positions within an organization. People in an organization’s top C-level hierarchy can make or break an organization. Failing to have responsible leadership can be the downfall of any organization. Since life can be chaotic, it is important to plan for the worst with a line-up of successors to any key positions. Those selected as leadership alternatives can be trained and groomed so as to be ready to take over in the event of a top position becoming vacant.

9. Hot and cold aisles (2.6)

Hot and cold aisles is a data center or computer vault air management concept. If a data center is designed so the banks of computers, servers, etc., are lined up like parallel walls or aisles, then, by alternating cold air input and hot air extraction, an otherwise difficult-to-manage situation becomes quite easy. Keeping high-end computing equipment cool is key to high-performance and long-term reliability. Allowing overheating will result in expensive downtime. This air management concept is both simple in design and effective in execution.

Domain 3.0 Threats and Vulnerabilities

1. Smurf attack (3.2)

The Smurf attack has been a staple example of DDoS (Distributed Denial of Service) for well over a decade. It is a predecessor to the modern botnet concept. Smurf uses ICMP Type 0 echo requests packets to imitate a flood of responses to a victim. This is accomplished by spoofing the source address of the ICMP echo request as the victim’s address and then setting the destination address to several different directed broadcast addresses of vulnerable networks (a.k.a. amplification networks). The amplification networks effectively multiply the inbound requests by the number of members of their network. Then, each of the network members sends back an ICMP Type 8 echo reply to the victim. This can cause so much traffic to the victim that they are cut off from the network. Generally, the Smurf attack is ineffective today, since ICMP and inbound directed broadcasts are often blocked on network boarders.

2. Spam over Instant Messaging (3.2)

Spam over Instant Messaging (SPIM) is another cute term to refer to unwanted and/or unsolicited messages appearing in any form of instant messaging or chatting service, which can include mobile device texting (i.e., SMS). SPIM is yet another way of wasting your time and money (if you are not on an unlimited data plan) just so advertising and malicious content can reach you. Also, SPAM over Internet Telephony (SPIT), which is SPAM over VoIP services, such as Vonage, Skype, or Google Video Chat, is also a time and money waster for the consumer.

3. Vishing (3.2, 3.3)

Vishing, or VoIP Phishing, is using VoIP services to support phishing attacks. A VoIP service can often falsify its caller ID, fooling you into believing that an inbound call is from someone you might know or trust, even though it is actually a call from an attacker. It is important to be extra cautious when giving up personal information over the phone. Mainly, if you are asked to give up information instead of confirming it (for example, they tell you the personal data, like your account number, and you confirm that they are correct), then you need to hang up and call the claimed organization/person on a known trusted line.

4. Xmas attack (3.2)

The Xmas attack is not actually an attack; instead, it is one of the many variants of port scanning. Its name is derived from one of the earliest forms of this port scan where every other flag in the TCP header flag byte was alternated as a 0 or 1. This is said to represent the alternating flashing lights of a Christmas (or Xmas) tree. A basic firewall is usually sufficient to render Xmas scans/attacks, as well as most other port scanning variations, worthless. However, it is important to remember that port scans using the TCP Full Connect or Half Connect methods are always successful at determining open ports. Otherwise, legitimate connections would be refused as well.

5. Pharming (3.2)

Pharming is maliciously stealing someone’s traffic. Commonly this is done against Web sites through an attack on DNS. The attack can be local or global. A local attack would only affect visitors from a specific subnet, company network, or maybe a small ISP. A global attack would affect anyone on the Internet attempting to resolve the correct domain name by returning a false IP address. In any case, the pharming attack results in victims being sent to an alternative location, often presenting a false or spoofed version of the original Web site in order to steal sales, perform phishing, or attempt identity theft.

6. Tailgating (3.3)

Tailgating is the act of gaining access to a security location by taking advantage of someone else’s valid credentials in such a way that the owner of the valid credentials is unaware that an attack just took place. This is often easiest to understand with a scenario: a worker approaches a secure door and uses his smart card to unlock the door. After the worker enters, an attacker sneaks up and grabs the door just before it closes, slips in unnoticed, and allows the door to close. Tailgating can be reduced by having workers ensure a door closes and re-locks before they leave it, positioning security guards at each entrance, and installing man-traps.

7. Whaling (3.3)

Whaling is an attack of phishing aimed at a specific individual or a small class or group of individuals. Typical phishing attacks are distributed to everyone and anyone indiscriminately. Whaling focuses on a specific individual or a group of high-value targets. Common whaling targets are company executives or persons with high net worth, who may have significant monetary funds in a bank or brokerage account.

8. Evil Twin (3.4)

Evil Twin is a wireless attack tool that will automatically duplicate the identity of a trusted wireless network. The attack tool can perform this feat because wireless devices typically retain a profile history of wireless networks that it has successfully connected to. Each time the interface is turned back on, it will seek out these known networks and attempt to re-connect. The reconnect request includes the original SSID and base station MAC address. The Evil Twin attack tool captures these reconnect requests and replies with a spoofed identity of the known network.

9. SQL Injection (3.5)

SQL injector is a form of command injection attack that takes advantage of poor programming and Web backend architecture that allows the arbitrary execution of database query expressions or even command line code provided by the hacker. Generally, using input filtering and reducing access privileges can greatly reduce the threat this attack represents. Similar to SQL injection are LDAP injection and XML injection. Both are newly listed topics, but both are similar in overall concept. LDAP injection focuses on an LDAP-based directory service. XML injection focuses on any XML-based application, processing, or results rendering.

10. MAC limiting and filtering (3.6)

MAC limiting and filtering is an important defense on switches to protect against MAC flooding and ARP spoofing attacks. Basically, MAC limiting or MAC filtering allows a switch to detect the first source MAC address seen on each physical port, then locks that address as the only device identity it will recognize off of that specific port. MAC filtering is also found on wireless access points to potentially limit wireless connectivity to known physical devices.

11. Black box, White box, Gray box (3.8)

Black box, white box, and gray box are labels given to various forms of testing, including application testing and penetration testing. Black box implies that the testers have no knowledge of the internal structure or logic of the item/network/system being tested and must learn everything on their own. This is also known as a zeroknowledge test. A white box test is when everything is known about the test target. This is also known as a full knowledge test. A gray box test is when some information about the target is known. This is also called a partial knowledge test.

Next week we’ll finish with Domains 4.0–6.0.

Related Courses

Security+ Prep Course (SYO-301)

Security+ Certification Boot Camp (SYO-301)

CompTIA announced that the new version of Security+ becomes available in May 2011. The current version of the exam, SY0-201, will also remain available until December 2011. This means there is about a six month window when you can take either exam.

Regardless of which test you take, you need to know that CompTIA changed the rules for all new test candidates, and any exam completed after December 2010 is only valid for three years.

The CompTIA website states that, “effective January 1, 2011, all new CompTIA A+, CompTIA Network+ and CompTIA Security+ certifications will be valid for three years from the date the candidate is certified. After three years, the certification must be renewed. This can be done by passing the most current exam for a respective certification or by participating in CompTIA’s new continuing education program, which will allow individuals to keep their skills current and their certification up to date without retesting.”

Studying for the current exam offers an advantage in that it’s been around, there are plenty of test prep guides available, and there’s lots of practice questions that map to current objectives. Attempting the new exam offers the opportunity to become certified on the latest and greatest version of the test and, after all, almost everyone likes something new. So here’s my question to each of you. When such situations arise which exam would you plan to attempt?

The Pre-Assessment consists of 65 multiple-choice questions on topics like:

• Data networking
• Telephony networking
• Convergence technologies

This will help you find out if you’re a convergence expert or if your skills could use a boost. The pre-assessment is normally available only through the purchase of a CTP+ kit, which costs $199, so this free offer is a great opportunity to take advantage of a valuable tool.

To access the assessment, visit http://www.ctpcertified.com/Store/promotional.php.

You’ll be asked to fill out a short form before beginning the questions. There’s no word on how long the freebie will be available, so I don’t recommend waiting too long to take the assessment.

Guest Blogger: Alison Grimme

CompTIA is having a contest where users can submit their own 60-second video on the topic of “Why certify?” The public will vote on the videos they like the best, and CompTIA is giving away $5,000 in prizes!

Want to enter? Here’s how:

1. Create a 60-second video on the topic of why someone should seek CompTIA certification, the benefits of certification, how your CompTIA certification helped you, etc.

2. Upload it to the entry site before February 16th.

3. Tell your friends to vote on your video.

Even if you don’t want to make a video, be sure to vote for your favorite.

Click here to go to the entry site, and be sure to read the rules and regulations before you enter! Good luck!

Guest Blogger: Alison Grimme

CompTIA has now posted information on how new members (those certified after 1/1/11) can renew their credentials. Certification holders will enroll in a continuing education program that provides CEU credits, with the following CEU credits required every three year period:

CompTIA A+: 20 CEUs in three years

CompTIA Network+: 30 CEUs in three years

CompTIA Security+: 30 CEUs in three years

Credits can be earned through myriad activities including lecturing or presenting, attending industry events, publishing relevant content, and taking a training course that uses CompTIA CAQC-approved material.

I believe some of this information is still in the “proposal” stage, so it may change before the policy changes begin. You can read more on the CompTIA web site here, where they’ve posted a Q&A resource center.

If I were contemplating getting certified in A+, Network+, or Security+, I would want to do so before the end of the year so that I wouldn’t have to worry about expiration dates or CEU fulfillment. But that’s just my humble opinion.

How do you feel about CompTIA’s new policy?

CompTIA logo is a registered trademark of CompTIA.

Update

The required CEU credits will be:

CompTIA A+                           20 CEUs per three-year period

CompTIA Network+            30 CEUs per three-year period

CompTIA Security+             50 CEUs per three-year period

Credits can be earned through myriad activities including passing the most current exam for your certification, lecturing or presenting, attending industry events, publishing relevant content, and taking training courses that uses CompTIA CAQC-approved material.

1. Take the most current version of the CompTIA certification exam for your credential.
2. Earn continuing education units (CEUs) by participating in qualified activities such as publishing an article or white paper, obtaining another industry certification, or attending a relevant conference or event.

Certifications earned beginning in 2011 will contain the designation “CE” to indicate the certification is subject to the renewal policy.

If you achieved certification prior to 2011 (the non-CE version), you will retain your certification for life. No renewal is required, although you may choose to or be required to enroll in the continuing education program.

Please visit www.globalknowledge.com/CompTIAce for answers to frequently asked questions about the new certification policy.

Related Courses

A+ Certification Prep Course

Network+ Prep Course

Security+ Prep Course

Microsoft just released a new certification exam – the 70–699.  This exam is intended for those who currently possess the MCSA Security certification to validate that their MCSA 2003 Security Specialization skills are up to date.  This does make a lot of sense – but only if you assume that those who hold this and other older certifications have done nothing to keep their skill sets up to date.

Below is a current breakdown of the areas covered by the exam.  Nothing really groundbreaking here – coverage of still commonly used technologies, but also covering new technologies since the first MCSA Security exam was released. Good luck, happy studying, err – “reviewing”.

Security for Users, Computers, and Groups

• Manage local, roaming, and mandatory user profiles.
• Create and manage computer accounts in an Active Directory environment.
• Create, manage, and troubleshoot user and group accounts.
• Troubleshoot user authentication issues.
• Configure access to files and folders.
• Monitor and analyze security events.

Implementing, Managing, and Maintaining Network Security

• Implement secure network administration procedures.
• Manage security for system recovery.
• Configure security based on server roles.
• Plan and deploy security settings.

Implementing, Managing, and Troubleshooting Security for Network Communications

• Configure Routing and Remote Access user authentication.
• Plan IPsec deployment.
• Deploy and manage IPsec policies.
• Implement security for wireless networks.
• Install, manage, and configure Certificate Services.

Configuring Client Security Features

• Configure Windows Firewall.
• Configure Windows Internet Explorer.
• Configure file and folder access.
• Configure user account control (UAC).
• Configure BitLocker and BitLocker To Go.
• Configure application restrictions.
• Configure authentication and authorization.

–Randy

Related Courses

Microsoft 2003 MCSA Boot Camp

icrosoft 2003 MCSE Boot Camp