Tag Archives: certification

Thoughts After Passing the CWSP PW0-204 Exam

After putting it off until the very last moment, I finally wrote and passed the Certified Wireless Security Professional (CWSP) PW0-204 exam. This was important since it had been almost 3 years since I passed the CWSP (PW0-200) exam and my credentials were set to expire on the 25th of June. Crisis averted! With the exam out of the way, I thought it would be worthwhile to share some thoughts on my experiences while preparing for it.

In no specific order, here are a few things I found very interesting about my time studying for PW0-204: 

  1. Wireless security was much less complicated 3 years ago. When I took the PW0-200 exam, I didn’t have to know anything about 802.11n, 802.11k, 802.11w, or 802.11r. All of these, now ratified, IEEE standard amendments come with their own set of additional security settings and concerns that must be taken into consideration when securing a WLAN. Continuing to educate yourself and staying on top of the latest industry developments is the easiest way to ensure that a certification’s body of knowledge doesn’t leave you behind.
  2. Experience in the field helps immensely with this exam. When I first wrote the PW0-200 exam, 3 years ago, I had a great interest in the subject but very little real-world WLAN experience. This time around, after living and breathing WLANs for 3 years, I found I was able to quickly skim or review a lot of the CWSP Study Guide since I deal with 802.1X/EAP, PKI, and WIDS/WIPS solutions quite frequently in my role as a security consultant. In my opinion, the CWSP certification is a great example of an exam that goes beyond ‘textbook studying’ and really tries to incorporate lessons that can only truly be learned through hands-on experience. Certifications like that rock because they signify practical/useful knowledge instead of just the ability to memorize answers for a test.
Next Step

Keeping my existing CWNA and CWSP credentials was just stop number one on this journey. With that out of the way, I’m now beginning my assault on the Certified Wireless Network Expert (CWNE) designation. Last time I check there were less than 100 CWNEs globally so it’s definitely going to be a challenge. I have to pass both the CWDP and CWAP exams first. Wish me luck and I look forward to posting my thoughts and insights on my next exam this summer.

Dan C.

 

My journey in IT Security Certifications

IT security is one of the largest growing sectors in the IT field overall and as such IT security professionals are in high demand. As a result, security field employers are using certifications more and more as their baseline for evaluating and comparing security professional position candidates. As an IT security professional, I have gone through many certifications in my career.

Here is an overview of the major IT and security certifications I have obtained:

Cisco Track CCNA, CCNP: As many Security professionals, my journey in IT certifications started with Cisco routing and switching track, as I was in the networking field prior to the security field. Cisco certifications are highly technical and very demanding in terms of hands-on abilities on routers and switches. Cisco certifications gave me a strong knowledge on networking technologies and a deep understanding of routing protocols. Currently to obtain the CCNP certification, three exams are required (routing, switching and troubleshooting) after CCNA. Like all Cisco certifications, CCNP is valid for three years and requires taking a professional level exam or expert level written exam before expiration date, in order to renew certification.

Security+: This is the first certification to think of for a junior IT professional aiming to specialize in IT security field. CompTIA Security+ is an international, vendor-neutral certification that demonstrates competency mainly in network security, threats and vulnerabilities, access control and identity management. This was my first step in the IT security world. It was not highly technical; instead, it was more focused on learning the terminology and basic security concepts used by security professionals. Security+ is valid for three years and requires taking the exam in order to renew certification before expiration date.

CISSP: After gaining the required five years experience in the security field (with a strong networking flavour), I took the CISSP exam. This is a very demanding certification with a large volume of documentation to walk through. It took me about 4 months to finish the Shon Harris study guide (studied only during the weekends), then about a month to practice CISSP exam like questions. CISSP is not the most technical certification but by far the most complete one in terms of security subjects’ coverage. It took me around four hours to finish the 250 questions of the exam. CISSP is valid for three years and gaining CPEs is required to maintain and renew the certification.

CEH: It is much more technical than the Security+ certification and focused on penetration testing methodology and various hacking tools. I can’t say I learned pen testing with CEH. Indeed, prior to taking the CEH exam, I already had some experience on pen testing and security assessments, CEH gave me a strong knowledge on methodology and the targets to be defined for each step in the pen testing process. CEHv6.0 was more focused on tools whereas the new CEH curriculum CEH v7.0 is more focused on methodology with an OWASP flavour. CEH certification is valid for three years and CPEs are required in order to maintain the certification.

CISA: CISA is a well known audit certification, most probably the oldest certification in the field of information systems audit. The CISA exam was focused on IT governance, Risk management and General IT audit process & methodology. Unlike the CISSP exam, which I found to be pretty easy; this exam was hard, really hard. Indeed, few questions were of a technical nature and the business process and risk management related questions were very subjective and ambiguous. Just like CISSP, CISA is valid for three years and gaining CPEs is required to maintain and renew the certification.

The journey is not finished yet; this year I’m targeting GIAC certifications and will focus more on audit process, risk and security program management.

Maher G.

What has your certification path been like? Are there any certifications you would highly recommend? Do you agree or disagree with emphasis and importance that employers place on certifications during the hiring process?

Thoughts After Day 3 of Aruba WLAN Training

Course complete!. All the gear is factory reset, packed away, and the test has been written and passed. It was a fun three days of configuring, tweaking, and experimenting with wireless controllers, access points, and AirWave, but all fun things must come to an end.

The last day of the 3-day Implementing Aruba WLANs course was a bit like a catch-all day for the topics that didn’t fit nicely into the other sections. We covered captive portals, remote APs, Adaptive Radio Management, and Spectrum Analysis. Given the wide choice of topics, it was actually a little difficult to come up with just a few thoughts based on the days activities, but here goes:

  1. As wireless vendors roll out amazing features like remote APs, which allows the office to follow the users regardless of where they are physically located, we will see WLANs positioned nicely to start displacing wires in a more permanent way at head offices and branch offices alike. The ability to control authentication, access, and encryption for wired and wireless users regardless of where they are is very empowering for organizations and I can’t see how this won’t be a standard offering by all wireless vendors in the very near future. I can already think of a few WLAN vendors who have rolled out remote AP offerings so, as far as I’m concerned, the flood gates have been opened.
  2. Spectrum analysis is a cool feature which can be quite handy when it comes to keeping your WLAN running optimally. However, I can’t over-stress the importance of not relying too heavily on having your tools do all the troubleshooting and interpretion for you. Some decisions can be made fairly accurately by tools while others still require human interpretation. The introduction of spectrum analysis by a few large WLAN vendors is definitely a good thing but, like all things in IT, you need to take the time to learn what the tools output actually means so that you can make educated desicions regarding the behaviour and configuration of your WLAN deployment. Spectrum analysis is meant to provide more information which should help us make more informed decisions; the decisions still need to come from a trained WLAN professional though.

I would definitely recommend the Implementing Aruba WLANs course for anyone involved in deploying or administering a small to medium-sized Aruba deployment. For larger deployments involving multiple sites and controllers I suggest taking your training beyond ACMA certification and checking out the Scalable WLAN Design & Implementation course which will prepare you for the Aruba Certified Mobility Professional (ACMP) certification.

Dan C.

If you have any questions about wireless training or are planning a wireless deployment and would like to have a discussion about it, please feel free to contact us or post a comment.

Thoughts After Day 1 of Aruba WLAN Training

I firmly believe that the only way to stay on top of the wireless networking industry is to fully embrace the idea of lifelong learning. To me, this doesn’t just mean learning new skills and products, but also taking the time to revisit and refresh the things you think you already know. That’s why I jumped at the chance to sit in on a three-day Implementing Aruba WLANs course being held at my office. True, I do already have my ACMA, but I attained this back when controllers were running ArubaOS 3.x. Now that ArubaOS 6.x is out, I figured it couldn’t hurt to revisit the course and make sure I’m still up to date. Here are a few observations after completing the first day:

  1. Regardless of how simple a WLAN controller is to configure, anyone involved in designing, securing, or administering a WLAN must still understand the underlying 802.11 technology. Fancy wizards and snazzy interfaces are great when things are working fine, but don’t expect your WLAN to run as efficiently, securely, or resiliently if you don’t know what all those knobs and dials are actually doing. That beings said, Aruba Networks has done a great job improving and enhancing their configuration wizards. These wizards do such a good job of simplifying the basics of configuring your controller(s) that someone could technically get a secure WLAN up and running with very little wireless knowledge or experience. Unfortunately, there is no WLAN Administration Wizard. Until that day arrives, hit the books and start learning the underlying technology. A good place to look for vendor neutral wireless certification is the CWNP organization.
  2. Wireless networks are at a critical, and potentially dangerous, juncture in their relatively short lives. If we spend the time to properly plan, design, and secure wireless networks they have the potential to dramatically affect the way we work and play in a very positive and reliable way. However, if we rely too heavily on the perceived simplicity of deploying wireless networks without doing our homework first, then we are setting mobile computing up for failure or, at the very least, an existence that falls very short of the true potential of wireless networking.

Overall, day one was very informative and a lot of fun. It’s always great to see people putting in the time and effort required to properly implement a wireless network. So far the Deploying Aruba WLANs course has delivered what was promised and I am looking forward to sharing my thoughts on the next two days.

Dan C.

Full Disclosure: NCI is a partner with Aruba Networks.