Thursday, 25 August 2016

Firebrand win EC-Council Accredited Training Centre of the Year 2016

As part of the EC-Council Global Awards 2016, Firebrand Training has been named Accredited Training Centre of the Year (Europe). This extends a record breaking achievement to an eighth successive year, a reflection of our continued dedication to delivering excellence and quality across our full range of accelerated EC-Council courses. 

This includes the globally recognised Certified Ethical Hacker (CEH) and exciting new Certified Chief Information Security Officer (CCISO) certifications. 


Firebrand Lead Instructor for EC-Council courses, Richard Millet, was also recognised in the EC-Council Circle of Excellence. This is the fourth time Richard has been honoured for his achievements by EC-Council - being named previously as Instructor of the Year in 2014 and entering the instructor Circle of Excellence in 2011 and 2015.


Speaking about the awards, Firebrand Training Co-Founder, Robert Chapman said:

"We are immensely proud to be named EC-Council Accredited Training Centre of the Year for the eighth year in succession. Here at Firebrand, we pride ourselves on providing accelerated learning of the highest calibre. Our aim is to quickly develop the vital skills and knowledge our customers need to defend their business from the growing cyber threat. 

To be recognised by EC-Council is an honour and shows we continue to deliver on our promise."

Jay Bavisi, President of EC-Council, gave his opinion on the awards:

"We have some of the best training organisations representing EC-Council across the globe and they have again demonstrated the commitment to high quality training, winning them awards again this year."

How the awards were won

Chosen from over 700 training centres, 107 countries and a wide range of EC-Council certified instructors, Firebrand proved its distinction in picking up the Accredited Training Centre of the Year award (Europe) and Instructor Circle of Excellence (Europe) award. Firebrand and Richard Millet met the extensive and rigorous criterion EC-Council have in place to be awarded as the best in Europe in both of these categories.

The Accredited Training Centre of the Year award seeks to acknowledge training centres that provide the greatest level of information security training. Some of these courses include EC-Council’s flagship Certified Ethical Hacker, the Computer Hacking Forensics Investigator, the Network Security Administrator and the ECSA.

The Instructor Circle of Excellence (Europe) award acknowledge instructors that epitomise the industry's best practices, while raising standards and contributing to a growing body of knowledge surrounding information security. 

Offering the latest EC-Council courses

As an official EC-Council training partner, Firebrand offers the very latest accelerated certification courses. This includes the recent addition of the CCISO certification, for which Firebrand were selected as the launch partner for England.

This CCISO course is aimed at developing the next generation of senior-level information security executives. The credential focuses on developing the technical skills needed of a Chief Information Security Officer, while also teaching the application of information security management principles from an executive management viewpoint. 

Thursday, 11 August 2016

Why CISSP is a must have certification, now more than ever

ISC2's CISSP course is essential if your pursuing a senior role in Information Security. CISSP provides an extensive overview of the Common Body of Knowledge (CBK): a compendium of information security practices and standards compiled and continually updated by (ISC)2.

CISSP is integral in developing an extensive understanding of information security and has gained importance as a key component in the selection process for management-level information security positions. But, for those that are unfamiliar, here are the top reasons why CISSP is the certification to choose, now more than ever.

1. Worldwide recognition:

A certification is only as good as the recognition attached to it. Unlike many standard certs, CISSP boasts industry wide recognition, acknowledged in 2015 by SC Magazine (for the fifth time) as the ‘Best Professional Certification Program’.

This Gold Standard credential is not only recognised by the world’s leading multinationals - such as Google, IBM and P&G - it’s also deemed a requirement in 56% of cyber jobs in the contracting industry. If you’re looking to take on the complicated world of IT security, a CISSP certification is a must have.

2. Job competence:

In the 2015 (ISC)2 Global Workforce Study, the report found that the attributes that best characterise ‘successful’ information security professionals came down to a broad understanding of the security field, communication skills and awareness of the latest security threats. 

2015 (ISC)2 Global Information Security Workforce Study

CISSP’s core content, seen in the domains listed below, actively seeks to develop this wide range of information and security management. The CISSP CBK consists of the following eight domains:
  • Security and Risk Management: Addresses a broad spectrum of general information security and risk management topics.
  • Asset Security: Addresses the collection, handling and protection of information throughout its life cycle. 
  • Security Engineering: Is the practice of building information systems and related architecture that continue to deliver the required functionality in the face of threats that may be caused by malicious acts. 
  • Communication and Network Security: Encompasses the network architecture, transmission methods, transport protocols, control devices and the security measures used to maintain the confidentiality, integrity and availability of information transmitted over both private and public communication networks. 
  • Identity and Access Management: Involves provisioning and managing the identities and access used in the interaction of humans and information systems, of disparate information systems and even between individual components of information systems. 
  • Security Assessment and Testing: Involves the evaluation of information assets and associated infrastructure using various tools and techniques for the purposes of identifying and mitigating risk. 
  • Security Operations: Involves the application of information security concepts and best practices to the operation of enterprise computing systems.
  • Software Development Security: Involves the application of security concepts and best practices to production and development software environments. 
The Global Workforce study also compares the job roles of (ISC)2 members versus non-members. 

The findings show those with an (ISC)2 certification such as CISSP, although in possession of a wide range of information, are more likely to take on specialised job roles. Examples of such specialist positions include Security Consultant, Security Architect, Information Assurance Manager or Security Advisor. Nannette Ripmeester, founder of Expertise in Labour Mobility, believes these “specific skills are valued more [by employers] because they are more difficult to teach”. Non-members, however, are more likely to have generalist IT roles such as Network Administrator, Security Systems Administrator or Technical Consultant. 

3. (ISC)2 Membership:

Once you have completed an (ISC)2 certification and subject to annual maintenance fees, you become an (ISC)2 member. This membership offers plenty of resources and benefits that can help further your knowledge and network. Some of these include:

  • Access to a vast network: With over 110,000 members across 160 countries, you will gain access to other CISSP certified individuals and the shareable knowledge of this community. 

  • The opportunity to earn CPEs - critical for maintaining your certification in good standing

  • Discounts on industry conferences and access to free online events. 

  • Access to industry-leading research: Includes the ISC Journal and the Global Information Security Workforce Study. 
  • Security central: An exclusive resource that researches and tracks vulnerabilities using proprietary, state-of-the-art algorithms to aggregate, categorise and prioritise vulnerabilities affecting tens of thousands of products.
  • Industry recognition: An event acknowledging distinguished information security professionals. 
  • Digital badges: Allows you to share your credentials online through the use of a badge.

4. Earning potential:

The CISSP certification proves you have the advanced skills, knowledge and commitment required, to command higher wages.

The challenging standards require students to have at least 5 years of experience in two of the eight (ISC)2 domains listed above. Additionally, the student must complete a 250 question multiple choice exam in order to be officially certified.

Although a difficult process, requiring students to fully understand the CBK and framework of information security practices and standards, the return on investment makes it one of the most highly sought after courses available. 

Those with a CISSP certification command an average an salary of £76,700, compared with £62,500 for similar job titles without a CISSP certification.

5. Growing demand for Security Professionals/Higher spending on IT security:

CISSP has and is likely to always remain a well-performing certification, but what makes it so special today?

As businesses become increasingly dependent on information technology, the importance of cyber security has never been so important. Cybersecurity Ventures projects $1 trillion will be spent globally on cyber security from 2017 to 2021. Editor-In-Chief, Steve Morgan, stated that “IT analyst forecasts are unable to keep pace with the dramatic rise in cyber-crime”. Forbes echoed this in a recent article, stating that the booming cyber security market is expected to grow from $75 billion in 2015 to $170 billion by 2020.

Despite the industry experiencing rapid growth, (ISC)2 found that by 2019 there will be a shortage of 1.5 million information security professionals. So, not only is CISSP a qualification that can propel your IT career, its current high demand in a growing industry make 2016 the best time to start. 

Monday, 1 August 2016

Becoming a Certified Ethical Hacker - 5 things you need to know

Photo Credit - The Preiser Project
‘Ethical hacker’ may sound like a contradiction in terms, but as the saying goes, ‘it takes one to know one’.

Businesses are increasingly realising the value of employing ‘white hat’ (ethical) hackers to employ the same tools and techniques as the nasty ‘black hat’ hackers, to find and close their IT systems’ security vulnerabilities.

If you’re serious about a career as an ethical hacker, gaining a certification is a powerful way to
demonstrate your expertise, and boost your employment prospects.

1) One certification to rule them all 

There is a wide selection of IT security certifications, for all levels of experience, and with various biases towards either the technical or managerial sides. But for ethical hacking the choice is easy, as one certification is regarded as the gold standard: the EC-Council Certified Ethical Hacker (CEH). By way of evidence: on ITJobsWatch, in the past 3 months 258 jobs cited ‘Ethical Hacker’ or ‘Ethical Hacking’, but 343 explicitly cited ‘EC-Council Certified Ethical Hacker (CEH)’.

The latest version of CEH, v9, was introduced at the end of 2015, so make sure this is the one you study. It offers incredibly comprehensive coverage of the latest techniques and methodologies, based upon the expertise of the world-leading experts at the EC-Council (International Council of Electronic Commerce Consultants). To give you an idea of the certification’s scope, you’ll gain exposure to over 2200 hacker tools.

You don’t need decades of previous experience in order to take the CEH certification. The EC-Council suggests two years’ IT security experience, although this is flexible if you have previous IT-related qualifications.

2) Do a course 

There’s often a choice with certifications whether to take a course, or self-study. With CEH, self-study is rather challenging, because it’s difficult to gain sufficient practice and ensure you are not accidently breaking the law!

On an official CEH course, you practice your skills on EC-Council's 140 labs covering a vast range of security vulnerabilities. Ethical hacking, probably more than any other IT skill, requires you to ‘think outside of the box’, so realistic mind-stretching practice environments are essential.

3) Be a child 

Ethical hacking is a creative and exploratory process. Yes, there is a suite of standard tools and techniques with which you need to be comfortable, but a mindset of almost child-like curiosity is essential. You’ll constantly need to find unexpected ways of using existing systems to expose the back doors that everyone else has overlooked.

The CEH course places a strong emphasis on teaching you to ‘think like a hacker’. It’s your job to take the red pill, and actively explore how deep the rabbit hole goes.

4) With great power comes great responsibility 

Perhaps as important as curiosity is a strong sense of responsibility. The CEH teaches you the same techniques that ‘black hat’ hackers use for malicious purposes. Consequently, you’re required to sign a form stating that you won’t misuse your knowledge.

The Computer Misuse Act, which mandates prison sentences for hacking, has no provision for curiosity or good intentions – so only ever attack live systems when you have explicit permission from the owner!

5) It’s big money 

Cyber attacks affected 1 in 4 UK businesses in 2015, costing the economy a staggering £34 billion. The cost of each breach was £1.46 million on average. It’s no surprise, then, that businesses are crying out for skilled staff to combat the problem – and they’re willing to pay.

As you may have gathered, the shortfall in certified ethical hackers is rapidly driving up salaries. The current median salary is a very respectable £57,500, having risen from £50,000 two years ago.

Tuesday, 19 July 2016

World’s most expensive cyber security training programmes launched

Today, we launch a brand new product known as Firebrand Max. Imagine luxury 5-star service combined with our accelerated learning to create a unique training experience like no other.

Think one-on-one instruction, helicopter travel and castle accomodation. We’ve supercharged every aspect of the Firebrand experience:

Even faster

Each programme combines up to five official and accelerated certification courses enabling you to attain a level of expertise that would take years elsewhere. One-on-one instruction from an expert instructor allows the training experience to be tailored to your every need.

State of the art technology and super-fast broadband further accelerate the teaching experience, with on-site testing and a personal exam invigilator removing the need to travel for exams.

Free from distraction 

Your every need is catered for, allowing you to focus entirely on training. You’ll be flown by helicopter to the prestigious Aikwood Tower in the Scottish countryside. The location provides complete seclusion, allowing you to train and sit exams in perfect isolation. 

A personal chef will deliver specially crafted meals to maintain your energy levels and concentration throughout. While a technical support team, available 24/7, ensures all systems for training remain uninterrupted.

Even more included

We’ve packed even more into our all-inclusive package. One simple price covers:

  • Travel - helicopter and chauffer driven transport to and from the training location
  • Food – all meals, drinks and snacks specially prepared by your personal chef
  • Accommodation - up to 25 nights in the prestigious Aikwood Tower
  • Training – one-on-one personal instruction 
  • Exams vouchers and Course Materials - including a personal exam invigilator
  • Tech support – 24hr support ensuring all systems stay online

The first Firebrand Max programmes

The first Firebrand max programmes focus on cyber security. There are three programmes aligned to senior cyber security roles - Chief Information Security Officer, Security Architect and Ethical Hacker.

Combining official courses including EC-Council, ISACA and (ISC)2; they have been specially built to develop the senior expertise required to tackle a terrifying rise in UK targeted cyber crime.

Discussing the decision to start with cyber security programmes, UK Managing Director, Emma Seaman says;

It was an obvious decision. The frequency and sophistication of cyber-attacks is on the rise. The potential damage these attacks can inflict on the modern connected business is deeply concerning. With an ever increasing percentage of sales coming via online transactions, a FTSE 500 business being forced offline could lose upwards of £11 million a day in revenue.

The need for cyber security experts in senior positions to protect businesses from these attacks has never been higher. The Firebrand Max cyber security programmes are designed to develop these much needed experts, in an industry where we are facing a severe skills shortage.

Following in the footsteps of the Cyber Security pathways, Firebrand plan to launch a series of additional programmes focussing on Cloud and Development.

To discover more about Firebrand Max, head to the website.

Thursday, 14 July 2016

10 tips to pass Microsoft's MCSA 70-412 exam

If you’re considering achieving the MCSA Windows Server 2012 certification, you’ll need to pass 3 exams 70-410, 70-411 and 70-412. Having launched our “10 tips to pass Microsoft’s MCSA 70-411 exam” we now focus on the final exam 70-412: Configuring Advanced Windows 2012 Services. This exam measures your skills in configuring network services, configuring file and storage solutions, implementing business continuity and disaster recovery, and managing high availability.

The 70-412 exam builds upon the fundamental skills demonstrated in the 70-410 and 70-411 exams and confirms that you can configure and manage the Windows Server 2012’s functions. Remember, you are required to pass all three exams before you are MCSA: Windows Server 2012 certified.

We’ve researched and gathered 10 top tips that will help you obtain the skills and knowledge to pass the third and final Microsoft MCSA: Windows Server 2012 certification exam, 70-412.

1. Use the Microsoft Virtual Academy

Microsoft’s Virtual Academy is one of the most useful resources Microsoft provides. Watch videos from Microsoft experts, giving you in-depth training and guidance on core Microsoft technologies. There are also online courses aligned to Microsoft exams. 

You can watch the video for the MCSA: 70-412 exam here. This takes you through a review of the topics covered in this exam in a fast-paced format, as well as receiving some valuable test taking techniques. The session is led by a Microsoft Certified Trainer (MCT), experienced in delivering sessions on the exam's aims and contents.

I’d highly recommend using the Microsoft Virtual Academy to prepare you for your studies. Once you fully understand what you’ll be facing, you’ll be in a better position to begin your exam preparation and studying.  

2. Use a revision guide

A revision guide is a must-have essential for any exam. It’ll guide you through your studies, highlighting which topics require more focus than others. Study guides often define terms you may not understand and explain theory with a high level of detail.

Don’t waste your study time searching for guides, here’s our top recommendations. Like the 70-411 exam and 70-410 exam before it, Microsoft have a really useful official 70-412 exam revision guide called, “Exam Ref 70-412 Configuring Advanced Windows Server 2012 R2 Services”. If you used Microsoft’s guide for the 70-411, this will continue nicely where you last left off, using a similar style and layout. It is well structured to help you focus on each exam objective and also presents real-world scenarios to put your knowledge into context. Furthermore, published from Microsoft itself, you can trust that it contains all the information you need for the exam.

You can find it on Amazon here. The ISBN is 978-0735673618.

Another great book to use for revision is William Panek’s MCSA Windows Server 2012 R2 Complete Study Guide: Exams 70-410, 70-411, 70-412. It comes with weight as it’s written by one of Microsoft’s MVPs and covers all the topics in all three of the MCSA: Windows Server 2012 certification exams. This goes into extensive detail to improve your knowledge and prepare you for the 70-412 exam. Other features include hands-on exercises, practice exam questions, electronic flashcards and over two hours of video content. All of this creates a revision guide package that is perfect at improving your Windows Server 2012 knowledge in all the areas in the three exams.

You can find it on Amazon here. The ISBN is 978-1118859919.

3. Join a forum

Joining a community and sharing your Microsoft 70-412 exam queries and experiences can help you gain and share knowledge. It allows you to bounce ideas off others in the same position as yourself or with those who've already passed the exam. Doing this in an online forum can be a well-earned break from revision and may surprise you in the amount of questions it answers. Take each answer with a pinch of salt – not everyone is an expert.

One of the best for Microsoft exams is TechNet’s forums. You can search for specific exam related questions, or look up general technology related queries. You could pose a direct question yourself, or use an existing thread with many responses and answers already available. There are many ways in which an online forum could be helpful to your 70-412 exam studies.

To point you in the right direction, here is a link to the Windows Server 2012 section and a link to the MCSA exams section.

4. Take a practice test

Practice tests are the closest you can get to a real exam. They’re designed to replicate the same question style and cover the same topics as the actual exam, therefore augmenting your chances of passing. Practice tests allow you to identify areas that may need a tighter focus or more revision.

The best place to go for Microsoft practice exams is MeasureUp. They’re Microsoft official and have copious resources for all Microsoft exams. You can find the 70-412 practice exam package here, which contains 156 questions in total. Its features include a timed certification mode that mimics an exam scenario, a study mode that walks you through all topics and an instant score and break-down of how you’ve done to see where you need to improve.

You can buy the package for £79 or download 60 and 30 day editions costing £72 and £66 respectively.

5. Take a course

There is no substitute to immersing yourself with like-minded students - who are in fact a resource themselves as they are focused on passing the same exam. You will learn from experts in the field, dedicated to building your Windows Server 2012 skills and knowledge putting you in the best position to pass your 70-412 exam. They get you hands-on with Windows Server 2012, whilst taking you step by step through the courseware.

Firebrand offer a 9 day accelerated Microsoft MCSA: Windows Server 2012 R2 course which covers all three exams, of course including the 70-412. 

There’s no better way to help you get certified than taking time out to study and giving it 100% of your time and attention, especially when you combine a course with some of our other tips and resources.

6. Avoid brain dumps

You should avoid brain dumps at all cost! It is important to remember that these are illegal and you will be immediately disqualified from exams. They are a false economy, teaching you to cheat in order to pass, rather than focusing on building the necessary skills and knowledge required to pass. 

Make sure you steer clear of 70-412 brain dumps.  Even if you pass, you’ll not have learned the skills the certification aims to teach you, meaning you won’t be able to put these into practice in real-world situations and your job. 

7. Download a trial version of the software

You can get hands-on with a trial version of Windows Server 2012. Put your knowledge into practice, reinforcing your learning of configuring advanced services in Windows Server 2012. Using all the Windows Server 2012 features, you’ll discover things you didn’t in your studies, that’ll be handy in your exam.

To make it more relevant, I’d recommend combining your exploration of the trial version with a study guide and the exam objectives. This’ll on critical knowledge areas aligned to the exam including the configuration of Network Services and the implementation of Disaster Recovery features.

8. Join a study group

Study groups are useful for connecting with other students who are focusing on the same goal as you, sitting the 70-412 exam. Sharing study tips and experiences could be useful to your study method. Collaboration is always helpful when it comes to studying, joining a study group is also a great way to stay motivated.

One of the biggest study groups for Microsoft certifications can be found on the Born to Learn blog. Here is the link to the MCSA: 70-412 exam study group. This is where you can find forums and discussions in which you can interact with others.

9. Do some practice labs

If you’re looking to try out Windows Server 2012, but don’t yet feel confident enough to attempt the practices in the 70-412 exam, a practice lab is for you. It is based around guided learning so you can tackle the challenges in a safe environment, removing the danger of anything going badly wrong.

You may already be aware of TechNet’s 31 Windows Server 2012 R2 virtual labs. Although there isn’t one specifically for the 70-412 exam, they are all free and many of these cover topics that overlap with 70-412 exam content – such as an introduction to failover clustering or identity services with Active Directory.

10. Download a study app

Revision for your 70-412 exam has not escaped the modern world of the smartphone. Study apps have 70-412 exam resources to help you revise at your convenience. Whilst these should not be solely relied upon when revising, they can be useful tools to suit a specific need and are helpful for studying on the go, or when you’re away from home or the office. The three below are some of the best currently available and all have specific 70-412 sections:

  • Transcender
    • A highly customisable app allowing you to tailor your studying and has a setting to replicate the exam environment and style of questions.
  • uCertify
    • Includes one of the most extensive libraries of practice questions plus a well-structured study guide to assist you through your exam practice.
  • Pass-Guaranteed
    • Another app with a collection of outstanding practice questions. This is because you can customise the type of questions you face, to vary your exam practice.