Showing posts with label ceh. Show all posts

Thursday, 5 November 2015

The 5 hottest IT jobs and how to get them with Free Training For Life

 By Sarah Morgan

Firebrand’s Free Training For Life competition offers you the chance to win accelerated training completely free, for the rest of your life. There are no restrictions. This means you can choose from Firebrand’s portfolio of 200+ accelerated courses, which includes names like Microsoft, Cisco, CompTIA and (ISC)2.

Winning Free Training For Life has the potential to help you get your dream job, so we’ve mapped out the five hottest jobs right now and selected the certifications you need to secure them.


1. Chief Information Security Officer (CISO)


Security is one of the hottest topics out there at the moment, partly due to the staggering number of high-profile cyber-attacks that have cost names like eBay, Sony and, most recently, TalkTalk millions. Chief Information Security Officer is one of the top jobs in the field. The average advertised salary is £110,000 according to itjobswatch.co.uk and they are now in high demand. CISOs are responsible for developing and implementing security policies and the company’s security architecture.

To get on the path to becoming a Chief Information Security Officer, you could start with the CompTIA A+ or Network+. The A+ and Network+ will teach you the fundamentals in PC hardware, security and networking that will be highly useful in the future.

(ISC)2’s SSCP is also a great value certification that you can do after a year’s IT security experience. This will begin to teach you advanced skills like cryptography, risk, response and recovery, and dealing with malicious code. This will put you in a great position to become a CISO in the future.

3-5 years into your career, ISACA’s CISA would be perfect to give you IS audit and control skills to ensure the business’s security procedures can protect its information assets. You could follow up with the CISM to get skills like risk and incident management and program development. This will help you move into information security management, and eventually the CISO role.

Many see (ISC)2’s CISSP as the best IT security certification you can aim for, and it will certainly help you get into a CISO role. The CISSP will help you master both the management and technical aspects of the field, giving you security engineering, communication and network security skills. There are also extensions to the CISSP that offer in-depth skills if you have a specific need for them. The CISSP-ISSAP includes further detail in areas like access control systems and security architecture analysis. Also, the CISSP-ISSEP can teach you further skills in technical management and risk management. These can help you master your CISO role.





2. Cloud Infrastructure Architect


The cloud technology market is growing rapidly. Because of this, demand for IT professionals with cloud skills has never been higher. Cloud Infrastructure Architect is one of the most sought after positions. The role involves migrating and integrating applications to the cloud, and managing cloud servers. The average advertised salary according to itjobswatch.co.uk is £70,000.

Typically, a business will use one established cloud provider, which could restrict the training you’ll need. Free Training For Life, however, has no restrictions and would give you access to a wide range of cloud certifications, like the following, that teach you the skills to become a Cloud Infrastructure Architect.

The Microsoft Specialist: Implementing Microsoft Azure Infrastructure Solutions certification would give you the skills to migrate existing on-premises infrastructure to Azure. You’d also learn to manage the systems in the future.

The Microsoft MCSA: Windows Server 2012 R2 certification will give you the skills to manage and deploy Windows Server 2012 and components like Active Directory Domain Services and AD FS. It also offers cloud skills that will help you become a Cloud Infrastructure Architect. This is because the system includes cloud technology and is so widely used.

The Microsoft MCSE: Private Cloud will teach you how to build your Microsoft private cloud, very useful in a Cloud Infrastructure Architect role. It covers skills like deploying private cloud services, problem management, optimising a cloud infrastructure and configuring a self-service and multi-tenant private cloud.

Another option is VMware’s vSphere [V6] certification which includes elements of cloud technology. This will teach you skills in virtual machine management, configuring and managing virtual storage and networks, and installing and maintaining vSphere.


3. Certified Ethical Hacker


Certified Ethical Hackers are those who are able to counteract and prevent the threat that malicious hackers pose to businesses. The increasing danger that these malicious hackers pose is making the demand for Certified Ethical Hackers soar. According to itjobswatch.co.uk, the average advertised salary for an ethical hacker is £55,000.

To begin on the path to a Certified Ethical Hacker role, you need systems and networking foundations. The Microsoft MTA Networking, Security & Windows Server Administration, CompTIA A+ or Network+ would all be great certifications to get those skills. The MTA does not cover the same hardware topics as the A+ or Network+, but does offer more content about server administration and will lean towards Microsoft technology.

Following on, the Security+ can give you more detailed security skills, covering topics like compliance and operational security, access control and identity management, and cryptography. Similarly, Cisco’s CCNA will boost your skills in the networking area. This will teach you skills in areas like LAN switching technologies, IP addressing and routing technologies, and network device security.

After two years’ IT experience, you should be ready to sit your Certified Ethical Hacker course. This will give you the knowledge to fill an ethical hacking role. You’ll learn advanced skills in areas like Trojans and backdoors, viruses and worms, session hijacking and SQL injection. These are necessary and vital skills in the arsenal of an ethical hacker, so you can comprehensively check the security of a business and cover gaps that could be maliciously exploited.

The Computer Hacking Forensics Investigator is a further certification that can boost your skills in the forensics process, improving your skills in responding to an attack. This could really make you stand out in the ethical hacking field.


4. Web Developer


Every modern business needs a website, meaning web developers with the skills to create and maintain them are in high demand. According to itjobswatch.co.uk, the average salary for a Web Developer is £37,500.

To give yourself the fundamental web development skills, an MTA in Software Development Fundamentals or HTML5 App Development Fundamentals would be suitable. You’ll learn core programming and general software development skills that’ll be useful in any web development role.

To get the high level skills you need to become a web developer, you could sit the Microsoft MCSD: Web Applications. This will teach you how to create and deploy modern web applications, whilst giving you an introduction to coding languages like HTML5, CSS3 and JavaScript. It also teaches you basic programming skills like program logic, developing user interfaces and storing data.



5. Project Manager


Free Training For Life has the potential to take your career into project management. The skills in this field are versatile and useful in many areas of business. According to itjobswatch.co.uk, Project Managers have an average salary of £52,500.

You should begin with the PRINCE2 Foundation and Practitioner. It provides a framework for managing projects that is the most popular of its kind in the UK. It teaches you how to structure and manage your projects, including planning and organisation techniques. It also covers potential changes and risks to your projects.

Once you meet the prerequisites, you can progress onto PMI’s PMP. This covers more detailed planning and tight regulation of your projects, helping you improve the success rate of your projects. You’ll learn to regulate budgets, communications, quality management and more.

Learning to apply the agile methodology will also help you become a more successful project manager. The PRINCE2 Agile will teach you to combine PRINCE2 and agile in your projects. You’ll learn agile fundamentals and how to tailor the management process around those fundamentals. This will help you react more effectively to unpredictable changes. 



Free Training For Life has no restrictions, meaning you can take your career in any direction you choose. For the rest of your life, stay at the cutting edge in your career by gaining high-quality skills and certifications that can open doors to places you’ve never considered.

You can sit courses from vendors such as (ISC)2, APMG, AXELOS, CISCO, CompTIA, EC-Council, ISACA, Linux, Microsoft, The Open Group and many more. Free Training For Life lets you dream big and accelerate your career with any course you choose. 

You can enter Free Training For Life here and see Firebrand’s full portfolio of accelerated courses here.


About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Wednesday, 9 September 2015

Your Ultimate CISSP FAQ

 By Sarah Morgan

The CISSP is a hugely popular certification that carries a great deal of prestige and may be something you’re striving for in the future.

How much do you really know about the CISSP? This ultimate CISSP FAQ will start from the basics to ensure you know all there is to know about this gold standard security certification.

Q: What is a CISSP?

A: CISSP stands for Certified Information Systems Security Professional. Achieving the certification proves you are accomplished at the management level of information security. Developed by globally recognised (ISC)2, it has become established and well-respected within the industry and is now a key component in the selection process of Chief Information Officers.



Q: What does the course cover?

A: The CISSP course begins by ensuring you understand the concepts and principles behind information security and why they are important. You’ll then build up to learn how to protect your business from various angles and how to apply management skills to information security through (ISC)2’s eight domains.

Everything you’ll cover will be from (ISC)2’s CISSP CBK (common body of knowledge). This ensures what you learn is approved and thorough, covering all components of information security management. The full list of the domain titles is as follows:


  • Domain 1 – Security and Risk Management 
  • Domain 2 – Asset Security
  • Domain 3 – Security Engineering
  • Domain 4 – Communication and Network Security
  • Domain 5 – Identity and Access Management
  • Domain 6 – Security Assessment and Testing
  • Domain 7 – Security Operations
  • Domain 8 – Software Development Security


Q: How will it help me on a day-to-day basis?

A: The skills you’ll learn on your CISSP course will improve the depth of your knowledge, filling in gaps, and making you more skilled at what you already know and do. You will also become more proficient and prepared for dealing with a vast range of security threats.

For example, the breadth of topics covered ranges from cryptography to implementing disaster recovery processes. Whatever your current or future job role in information security, you’re sure to gain knowledge and skills that will help you on a daily basis.

Q: Who is the CISSP aimed at?

A: The CISSP is an advanced certification. This means it is directly aimed at senior and experienced security professionals who will realistically be able to pass the exam and find it useful.

However, on a grander scale, anyone looking into senior information security roles can target the CISSP as a long-term goal. Even if you’re not quite the perfect candidate to take the CISSP yet, there’s nothing stopping you in the long term.

Q: What jobs can I do with a CISSP?

A: The CISSP has the potential to lift you into security roles that are the pinnacle of the field. Below is just a small sample of the sorts of job roles that you could access after becoming CISSP certified:


  • Chief Information Security Officer
  • IT Security consultant
  • Senior Security Engineer
  • Head of Cyber strategy
  • Security Specialist
  • Chief Security Architect
  • Security Assurance Analyst
  • Technology Consultant Manager
  • Cyber Security Senior Manager
  • Information Risk Manager
  • Head of Risk & Compliance




Q: How much can I expect to earn with a CISSP?

A: Of course, the salary you can earn depends on what else is in your skillset, and the job roles listed above do have varying salaries. According to itjobswatch.com, the lower tier of the jobs you could be doing averages salaries between £40,000-£50,000. These are roles like IT Security Consultant, Security Specialist and Security Assurance Analyst.

However, the more senior roles, like Chief Information Security Officer, Head of Cyber Strategy, Chief Security Architect and Cyber Security Senior Manager, average salaries between £70,000-£100,000. The CISSP is one of the best certifications as a gateway to such high level jobs with that kind of salary and responsibility – especially in a field with such intense competition.

Q: Can anyone take the CISSP course?

A: Because the CISSP is such an advanced certification, there are prerequisites that you must meet before you are able to sit the course.

Initially, you must have at least five years of professional information security experience, as well as a university degree. The nature of the security industry also requires you to agree and commit to the Code of Ethics and criminal history check. On top of this, after passing the certification, your application must be endorsed by another qualified information security professional.

However, do not be put off. These prerequisites are only in place to ensure that you have the experience and ability to pass the course and put what you’ve learnt into practice in the real world afterwards.

Q: What happens if I don’t meet the prerequisites?

A: If you don’t currently meet the requirements for the CISSP, (ISC)2 offers a range of courses for varying experience and skill levels. The full list is here.

The SSCP is designed for those who don’t meet the CISSP prerequisites. Also developed by (ISC)2 from its CBK, it covers seven very similar domains, at a lower level. The bonus is, it only requires one year of experience in the information security field – a fantastic stepping stone to get you onto the CISSP.

There are also many other security certifications that can help boost your skills. From EC-Council’s Certified Ethical Hacker to CompTIA’s Security+, there is a certification out there that can help you get the skills you want in the security industry, whatever your current situation.

Q: What are the exams like?

A: The CISSP exam consists of 250 multiple-choice, four-option questions. It’s a lot of questions, but you have six hours in which to do them. All exams are meant to test you and prove that you are of a certain standard, otherwise the certification wouldn’t be worth anything. The CISSP is no different and is a tough exam to pass, hence the qualities stated in the prerequisites. But don’t feel daunted: people do pass it, it just takes commitment and hard work. It’s also worth noting that the exam questions change every two weeks, so you’re not facing the same questions each time.

Q: What happens if I fail?

A: Obviously nobody likes to fail, but it doesn’t mean the end of your aspirations and possibility of you getting CISSP certified. (ISC)2 policy states you can retake an exam 3 times in a year. If it’s the first time you’ve failed it, you’ll be able to sit another exam just 30 days afterwards.

Q: When can I get on a CISSP course and get certified?

A: The CISSP is a hugely popular course, which is why there is usually a course running soon that you can get yourself on. At Firebrand there are between 1 and 3 courses a month. The Firebrand course is just seven days and includes the official (ISC)2 exam at the end of it. That means, depending on availability, you could be CISSP certified by the end of next week.


Wednesday, 3 June 2015

The 5 best CEH certification books 2015


By Sarah Morgan


Cyber-attacks are now ranked amongst the top 10 global threats to your business, a survey from Aon Solutions revealed this week. It’s no surprise – security breaches can cripple your business infrastructure, leak private customer data and destroy your organisation’s reputation.

The IT security field is expected to grow 37% by 2022 and many security professionals are now taking the offensive and building their white hat hacking skills with EC-Council’s CEH certification.

The CEH v8 certification is an advanced certification, and to conquer it you’ll need to prove your expert white hat hacking knowledge. To help you do just that, here are our 5 best CEH certification books for 2015…


CEH: Certified Ethical Hacker Version 8 Study Guide – 14 Oct 2014
ISBN-13: 978-1118647677

Sybex’s Certified Ethical Hacker Version 8 Study Guide is perhaps the most popular preparation tool for the CEH certification.

The guide boasts a concise, easy-to-follow approach to the certification that covers all exam objectives with examples and hands-on exercises.

You’ll study everything you need to pass the CEH exam – including cryptography, footprinting, trojans and covert channels. Also included is a companion website, stuffed with study tools like practice exams, chapter review questions and electronic flashcards.

The guide is useable in both classroom and self-study scenarios. Plus, an average user score of 4.2/5 stars across Amazon (28 reviews) ranks this as one of the most sought-after books on our list.



CEH Certified Ethical Hacker Bundle, Second Edition (All-In-One) – 1 Oct 2014
ISBN-13: 978-0071835572

A popular CEH revision guide from Matt Walker - a man with so many certifications after his name he makes the alphabet feel insecure.
Billed as a money-saving self-study bundle, this comprehensive package includes massive amounts of content:

  • CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition
  • CEH Certified Ethical Hacker Practice Exams, Second Edition
  • CEH Quick Review Guide

The All-in-One exam guide is your primary asset for CEH certification success. Inside, you’ll find complete coverage of all CEH exam objectives and topics.

Reviewers cite a desire for a greater focus on policy questions. Despite this, it retains an impressive 4.1/5 star review average on Amazon (14 reviews).



Certified Ethical Hacker (CEH) Cert Guide – 15 Dec 2013
ISBN-13: 978-0789751270

Authored by certification expert Michael Gregg and published by Pearson IT certification, this chunky 640 page CEH certification guide is certainly comprehensive.

As well as a companion to the CEH certification’s v8 topics, you’ll also focus on building your own study guide, complete with test preparation routines and review questions. A CD featuring two complete practice exams is also bundled with this certification guide.

Finally, you’ll get preparation hints and exam tips from leading security consultant, Michael Gregg.



The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy – 1 Aug 2013
ISBN-13: 978-0124116443

Though not a CEH certification guide, this introductory book provides any aspiring ethical hacker with a solid foundation of ethical hacking knowledge – crucial for passing the CEH exam.

You’ll study the same hacking tools commonly found within the CEH certification, and learn how to use them to conduct real life penetration tests.

This book begins with the basics and guides you towards more advanced subjects such as post exploitation and access maintenance. This is an ideal book for anyone with an interest in penetration testing - especially useful for those starting down the path to their CEH certification.



Official CEH Courseware – EC-Council

As well as study guides, you also have the option to simply purchase EC-Council’s official CEH courseware. This is everything you’ll need to pass your CEH exam - included in the official bundle is:

  • Three official EC-Council CEH books (lab manual and two courseware manuals with slides)
  • 6 DVDs

The labs showcased in the courseware are tested against the latest operating systems with all up-to-date patches and hot-fixes applied.

Plus, the 6 DVDs contain over 20GBs of guides on how to use the latest hacking and security tools alongside more than 1,000 minutes of videos demonstrating hacking techniques.

Purchase the official CEH courseware from EC-Council store.



Friday, 6 March 2015

Frequently Asked Questions about EC-Council’s CEH certification


By Sarah Morgan


With the recent spate of high profile hacks targeting the biggest and wealthiest, you might not be surprised to learn that EC-Council’s Certified Ethical Hacker cert is experiencing a boost in popularity.

As malicious hacking and cybertheft become increasingly prevalent in our lives, the CEH will continue to gain in importance. A lack of information security knowledge and investment is often to blame for data and system breaches – it’s clear that organisations need professionals with advanced security skills.

In response to this growing need, more and more professionals are looking to the CEH as a way of gaining new security skills and securing a rewarding career as an Ethical Hacker.

There’s a lot to learn about this popular cert - let’s take a look at the most frequently asked questions about EC-Council’s CEH certification.


Q. What actually is an Ethical Hacker?

A. Ethical hackers attempt to penetrate a computer system or network with the aim of finding security vulnerabilities that could otherwise remain undetected. However, unlike malicious hackers, ethical hackers are given permission to undertake these controlled attacks.

Without these harmless penetration tests, security holes could remain unseen, leaving the organisation in a position that a malicious hacker could exploit.



Become an Ethical Hacker and you’ll learn to use the same techniques and tools as a cybercriminal. However, instead of exploiting these vulnerabilities, as an Ethical Hacker you’ll document security holes and provide actionable advice on how they can be fixed.


Q. How much does an ethical hacker earn?

A. Ethical hackers earn an average advertised salary of £55,000 according to data from ITJobsWatch.


Q. Why should I get the CEH cert?

A. The CEH is a brilliant introduction into the world of Ethical Hacking. You’ll finish your certification with an in-demand set of skills covering Intrusion Detection, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Plus, if you need to break into the field of ethical hacking or penetration testing, the CEH will put you ahead of other uncertified job applicants (assuming you have similar experience).

It’s a benchmark certification for ethical hackers - “CEH is the original standard,” says Albert Whale, president and chief security officer at IT Security, Inc.


Q. Is the CEH necessary to get a job in Ethical Hacking?

A. The CEH is the most well-known certification in Ethical Hacking, but it’s not an absolute requirement. At their most basic, certifications are simply a supplement to real-world experience - without this you will only get so far.

This certification will help you break into the Ethical Hacking profession, but you’re not guaranteed a career. You’ll get great skills and a renowned certification, but you’ll still need experience to back it all up.


Q. What prerequisites do I need to take an EC-Council course?

A. This cert sits in the sweet spot between entry level qualifications like CompTIA’s Security+ and advanced certs like the CISSP.

Before attending a CEH training course you should ideally possess at least two years’ IT experience, a good knowledge of TCP/IP and Windows Server, and a basic familiarity with Linux and/or Unix.


Q. Will I be taught by a real hacker?

A. At EC-Council’s accredited training centres you’ll be trained by experienced security professionals. You won’t be taught by a 17-year-old reformed hacker – EC-Council adheres to a strict code of ethics and employs experienced instructors with a clean reputation.


Q. Isn’t it irresponsible to teach people how to hack?

A. The more we know about how the ‘bad guys’ operate, the more secure our systems, data and networks will be. Whilst the knowledge you’ll gain on a CEH course has the potential to be misused, many would argue this is far outweighed by the benefits of teaching thousands of IT professionals how to better protect their businesses.

To help highlight responsibility, EC-Council requires all of its students to sign an agreement to respect the knowledge and not misuse it. You’ll also be required to agree to abide by all laws of the land in the use of your new knowledge and skills.


Q. How is the exam structured?

A. To achieve your CEH v8 certification you’ll need to pass exam 315-50 at a Prometric or Pearson VUE test centre. This exam is a 125 question, multiple choice paper covering the 19 CEH domains. To gain your CEH cert, you’ll need to score at least 70%.

Take a look at EC-Council’s site for more information on your CEH exam.


Q. What is the current version of the CEH certification?

A. Released in 2013, CEH v8 is the current version of the certification and introduced new modules in Social engineering and IPv6. CEH v7 retired on October 31st 2013 – you will no longer be able to take this exam.


Q. Do I have to recertify my CEH?

A. As of January 1st 2009, all EC-Council certifications will be valid for three years. However, to maintain your certification you will be required to achieve 120 credits (per certification) during the three years after you certify.

These credits can be gained in the following ways:

  • Attending conferences
  • Writing research papers
  • Reading material on related subjects
  • Attending webinars

Qualifying activities must have been completed during the three year window after you achieve your certification.

More information on EC-Council’s recertification policy can be found here.


Q. What is EC-Council Aspen?

A. Aspen is a gateway to portals, products and services provided by EC-Council for its registered members.

As a member you’ll be able to place orders on products and courseware, view your certification(s) continuing education scheme and maintain your certs with EC-Council.

Access Aspen here.


Tuesday, 30 September 2014

Firebrand reveals winner of Free Training for Life




Our second Free Training for Life competition blazed across the world with over 15,000 entries from 24 countries. The prize: unlimited free access to our entire portfolio of training courses, for life.

And now the wait is finally over.

Who succeeded in claiming the ultimate prize of unlimited free training – who has become the ultimate cert-collector?

Meet the winner

Firebrand is delighted to announce that Mr Mario Henkel is this year’s winner of Free Training For Life.

Mario Henkel (left) receiving his Free Training for Life Ticket from Paul Dillenburg, General Manager for Firebrand Training Germany-Austria-Switzerland


The newly crowned winner, Mario, is an IT administrator based in Frankfurt at ponturo consulting AG. This is how he felt when he first heard of his win:

“This is incredible, I can’t believe I won Free Training for Life! I am still processing the opportunities this prize can create for me in my future career. I’ve already decided to take the Certified Ethical Hacking course first. Working as an IT administrator responsible for systems security, the knowledge I will gain from this certification will be invaluable in protecting my company’s assets. I cannot wait to get started.”

Unlimited training you say?

Starting today, Mario Henkel will receive access to a lifetime’s worth of free training courses and exams from Firebrand. He’ll be able to choose from 200+ IT, security and project management courses.

Mario has already decided to take EC-Council’s Certified Ethical Hacker (CEH) course as his first choice of certification. He’ll learn to think like a hacker and apply this to fend off attacks on his organisation’s network and systems.

Plus, Mario’s prize means he won’t have to pay for any training fees, exam fees, course books, food and accommodation. Not to mention, Mario can also undertake his training in any of Firebrand’s training centres across Europe.

Mario now joins previous winner, Joseph Guthrie, as the two winners of Firebrand’s life-changing and career-augmenting competition. Truly, this is one exclusive club. To hear Mario talking about his prize you can head to the FTFL page and watch his winner’s video.

We’d like to thank all of the 15,000 entrants to our second Free Training For Life competition.


Monday, 11 August 2014

What your cert’s worth: security salaries under scrutiny


Security roles have always been in the top half of the “IT salary hierarchy” and it seems unlikely to change anytime soon. According to a recent article on Tripwire, businesses are investing more than ever in order to protect themselves from security threats. Of course, these investments include the recruitment and/or training of capable IT security staff.

Infographic created by the University of Alabama

With IT security becoming a top priority for businesses, certifications like the CISSP, CISA or CISM are gaining even more recognition. So if you’ve got one of these acronyms next to your name, you’re off to a great start in earning a high salary. Here are some of the average salaries in the UK for jobs requiring the following IT security certs, according to ITJobswatch.com:
  1. ISACA CGEIT - £45,000
  2. EC-Council CEH - £49,000
  3. EC-Council CHFI - £51,500
  4. ISACA CISM - £55,000
  5. ISACA CRISC - £55,000
  6. (ISC)2 CISSP - £55,000
  7. ISACA CISA - £55,750
  8. ISACA COBIT - £57,500

ISACA Certified in the Governance of Enterprise IT (CGEIT) - £45,000

Certified in the Governance of Enterprise IT (CGEIT) is a program designed for professionals directing, managing and supporting enterprise IT governance. Holders of CGEIT are experts in risk management, performance measurement, value delivery and the governance and management of IT. As a CGEIT, you’ll earn an average salary of £45,000.

EC-Council Certified Ethical Hacker (CEH) - £49,000

Beat a hacker, by thinking like one. With EC-Council’s Certified Ethical Hacker certification you’ll know how to defend against the latest techniques used to exploit your organisation’s vulnerabilities. The CEH stretches far beyond the field of penetration testing and into everyday application and network security. Certified Ethical Hackers on average earn around £49,000.



EC-Council Computer Hacking Forensics Investigator (CHFI) - £51,500

EC-Council’s CHFI certification teaches you the use of forensics tools, analytical techniques, and procedures involved in obtaining, maintaining, and presenting computer forensic evidence and data in a court of law. Computer Forensics experts with a CHFI can earn £51,500 on average.

ISACA Certified Information Security Manager (CISM) - £55,000

CISM by ISACA is a widely recognised credential for IT security professionals specialising in managing, developing and overseeing information security systems and for developing best security practices. CISM certified professionals have proven skills in risk management, governance and incident management as well as program development and management. Similarly to CRISC, CISM holders have good prospects of earning an average salary of £55,000 a year.

ISACA Certified in Risk and Information Systems Control (CRISC) - £55,000


ISACA’s CRISC is for experienced IT professionals working in the fields of technology risk management and Information Systems Control. CRISC-holders can manage risk design and oversee response measures, scan and monitor systems for risk, and meet their organisation's risk management strategies. The average salary offer for CRISC certified professionals is around £55,000.




(ISC)2 Certified Information Systems Security Professional (CISSP) - £55,000

(ISC)2’s CISSP demonstrates your expert skills in developing, guiding, and managing security standards, policies, and procedures within your organisation. The certification is considered to be one of the most prominent and prestigious security credentials out there, which is due to its rather demanding prerequisites. As a Certified Information Systems Security Professional you can be earning an average salary of £55,000.

ISACA Certified Information Systems Auditor (CISA) - £55,750

CISA is a globally renowned credential for Information Systems audit and security experts. CISA certified professionals possess the necessary skills, knowledge and expertise to identify and manage vulnerabilities and risks within their organisations, while implementing solutions to deal with them. The average salary for CISA holders is around £55,750 per annum.

ISACA Control Objectives for Information and Related Technology (COBIT) - £57,500

ISACA’s COBIT framework helps you to maximise the value of Information Technology within your organisation. With this certification under your belt, you’ll know how to achieve strategic goals and minimise risks, whilst optimising the cost of IT services. COBIT certified professionals earn an average salary of £57,500.

There you have it, the worth of some of the top security certs expressed in monetary terms. And don’t forget, the more experience you have, the closer you get to making these numbers even bigger.


Thursday, 31 July 2014

Your stories: which course would you attend first, if you won Free Training for Life?




Which would be your first certification, if you won Firebrand's Free Training For Life competition? You'd get free access to over 160 training courses from the likes of Microsoft, Cisco, EC-Council, CompTIA, PMI and many more. Whether you're working in IT security, cloud computing or project management, you'd find the courses you need to climb up the career ladder.

We asked you to share your “first course choices” on our Google+ page, because we were curious about your picks and the stories behind them.

Reading your responses was thoroughly enjoyable. Some of them were witty, well-justified and thought-provoking, so it was hard to pick the Top 5. But at last here they are, the best answers from 5 lucky winners of 100 extra tickets to Free Training For Life:

It’s extremely important to keep your networks safe and this response seems to agree.

“If I won FTFL I would choose the Cisco CCNA and CCNA Security as my first course, as I know that I would then be able to protect my systems and myself without physical confrontation. I am small so actual confrontation has never gone well for me. So having that card in my back pocket will set me off on the right path. I would then go down the project management side of things and do the PRINCE2 course and other courses related to project management.” – Rachel

Some of you have already attended training with Firebrand, so you know what to expect and how to further develop the skills you’ve already got.

“If I won FTFL it would be a toss-up between Certified Ethical Hacker (CEH) and CompTIA Sec+. Having done CompTIA A+ I thoroughly enjoyed the course and loved the introduction into cryptography, the AAA of computing, types of attacks and various methods of procuring data - I had no idea that it was so in-depth and that was just a skim over the subject.

Having developed an appetite for it, I think both courses would be a great next step, though I think the CEH would provide a unique insight into security from the side of the intruder. I spoke to some people doing the course whilst doing my CompTIA A+ on the Firebrand campus and they spoke very highly of the course and learned a lot.

I'd also build up my CompTIA A+ a little more with N+ and then work through ITIL before potentially branching into CISM or CCNA. I plan to build a wide-ranging skillset throughout my career and hopefully Firebrand will be the ones to help me do it!” – David

This could be you in a few months' time. Watch Joseph, last year's winner, talk about his certification plans.


Having a solid foundation is essential in preparing for long-term future goals.

“With so much choice it's not an easy decision. It would be either the CompTIA Trifecta [A+/N+/Sec+] to gain a solid foothold in an IT career or a Cisco CCNA qualification. Cisco would be the ideal choice as in today’s ever increasingly "Connected" world this would probably be the most future-proof qualification, as networks are always going to be required and therefore the properly certified individual will be the 'Key player' to keep this moving forward.” – Paul

We can’t stress this enough: you can beat a hacker, if you can think like one.

“I would go for the EC-Council CEH v8 to acquire the required skillset needed to help keep networks more secure. It's like the saying...to catch a thief, you have to think like a thief. With Firebrand Training, that dream would become a reality…” – Clevelon

If you’re familiar with what you need to make progress, you have a very good chance of reaching your goals.

“If I win the FTFL Competition, I will start with the BCI Certificate Training. The reason is because as an IT practitioner, my chosen area of specialty is IT Management, and with the Five Core Modules of the BCI Curriculum, (1. Policy, Programme Management and Culture;  2. Understanding the Organisation;  3. Determining Business Continuity Strategy;  4. Developing a BCM Response;  5. Exercising, Maintaining and Reviewing BCM Arrangements) I should be able to gain the requisite foundation for a start in the Sphere of IT Business Management.” - Imo

As you can see, different people have different preferences and ideas about their future. We’d be delighted to hear more of your stories. Tell us which course you’d take first if you won Free Training For Life. You can do so on the Firebrand Google+ page.

Send us your story of which course you'd take and why, and the best ones will again be rewarded with 100 extra entries and a "Failure Is Not An Option" t-shirt.


Monday, 20 January 2014

The benefits of the Certified Ethical Hacker certification




Certified Ethical Hacker, or CEH, certification is one of the hottest picks for IT security professionals pursuing a career in penetration testing. However, it’s often overlooked as a viable certification option by most information security pros. Although the certification is a must-have for penetration testers, its benefits are not limited only to this small niche of professionals.

The CEH exam is a relatively new credential in the IT certification industry, but its importance and influence have grown quickly. Provided by EC-Council, the CEH exam was the first certification to bring the so-called dark side of IT into the limelight. Before the CEH exam, there was no certification that taught the methods and tools that hackers use to penetrate computer systems. The CEH exam focuses on how hackers find and exploit vulnerabilities. The course includes everything from the tools of the trade to ethics.

What many security professionals do not yet realise is that the benefits of studying for and achieving this certification stretch beyond the field of penetration testing and into everyday network and application security. In addition to meeting the regulatory standards for employment for many top security positions, you can gain a wealth of knowledge that is otherwise not easy to obtain.  Besides your unique, new title, you’ll also get the following benefits, if you decide to get your CEH certification:

Understanding risks and vulnerabilities

The CEH course is made up of the following task and knowledge domains:

Task domains
  • System development and management
  • System analysis and design
  • Security testing
  • Reporting
  • Mitigation
  • Ethics

Knowledge domains
  • Background
  • Analysis/Assessment
  • Security
  • Tools
  • Procedures
  • Policy
  • Ethics

These domains are comprehensive and form a solid foundation for understanding how vulnerabilities affect organisations on a day-to-day basis.

Thinking like a hacker

The CEH course gives “white hat” IT professionals a glimpse into the mindset of a typical hacker. The focus of an IT professional is always on keeping bad guys out and maintaining secure systems. Over time, many IT pros develop a reactive mindset. Battling with the bad guys will always involve reacting to threats and events as they occur, but it’s far more valuable and powerful to understand how the bad guys think and to be able to anticipate their moves. By learning the hacker mindset, you’ll be able to take a more proactive approach and see beyond current security tools and policies to know where and how an attacker might try to gain access to your network.

Learning how exploits evolve

Besides demonstrating the hacker mindset, the CEH course also provides valuable insight into the entire life cycle of an exploit. For many security professionals, the way exploits evolve to take advantage of vulnerabilities is a mystery. While security pros are trained to prevent and respond to known vulnerabilities, little attention is paid to the life cycle of the exploit itself, from its conception to its destructive use in the real world. The level of insight gained by becoming a CEH allows you to look at exploits and vulnerabilities objectively and to spot potential attack vectors and weaknesses before the hackers do.

Learning about the tools of the trade

Another overlooked benefit of the CEH certification is the amount of knowledge you can get regarding the tools of the hacker trade. While most IT pros have experience with at least some of the tools used by a CEH, they often lack the in-depth knowledge that’s required to use these tools for criminal purposes. Learning how malicious attackers use various tools allows you to better secure your networks, applications, and other assets.

To learn more about Ethical Hacking and its benefits, watch the following video with EC-Council President Jay Bavisi:




Thursday, 20 June 2013

CEH v8 released!





EC-Council have finally released the much-awaited CEH v8, which now contains 20 of the most up-to-date hacking domains you'll need, whether it's to strengthen the security of your company or to start your own Ethical Hacking career.

The new enhancements include core content updates, new content flow, new concepts and attacks, the latest hacking techniques, pentesting components, and many more. Here are some of the latest updates v8 will focus on:
  • Security issues in the latest operating systems, including Windows 8 and Windows Server 2012
  • Existing threats to operating environments dominated by Windows 7 and other operating systems
  • The latest hacking attacks targeting mobile platforms and tablet computers, and countermeasures to secure mobile infrastructures

To beat a hacker, you must think like one, and this is exactly what being a Certified Ethical Hacker is all about. Hacking has quickly moved from being something weird and rebellious to a clear sign of power and intelligence. It is now one of the most desired information security training programs, one that every professional wants.

The course covers all domains needed to test system vulnerabilities and employ countermeasures. The tests are carried out using the same methods and techniques a hacker would use.

The objective is to ensure your organisation's vulnerabilities and security flaws are found before they are exploited by hackers. Ethical hackers mimic the approach adopted by hackers, with minimum disruption to services. The extent of the tests depends on the contract between the ethical hacker and the organisation.


The Certified Ethical Hacker certification is vendor neutral and enhances the skill sets of security administrators, network administrators, security auditors and other IT professionals. 

Master the ethical hacking methodology and use it in penetration testing or in an ethical hacking situation. Find out more about the Certified Ethical Hacker v8 certification here.

Jay Bavisi, Co-Founder and President of EC-Council, recently spoke to us about the highly anticipated Version 8 of the Certified Ethical Hacker (CEH v8) credential. Watch below:





