Welcome to the second in a series of articles addressing IT-related training and certification issues, with a focus on Microsoft’s certification program. Each week, I'll provide you with information that will assist you in your training and certification efforts.

Should You Wait for Windows 2000 to Begin Certification Training?
Students and professionals contemplating certification training have been asking whether they should start training now or wait for the release of Windows 2000 (Win2K). In 1996, we faced similar questions in the months before the release of Windows NT 4.0. I told people then that they should not put off training simply because Microsoft was planning to release a new version of its network operating system (NOS). My response is the same today, as we anticipate the release of this new version.

If you’re ready to start training, then do it. Those individuals inclined to wait for Win2K are likely to find other excuses for delaying training even after Microsoft releases the new version. Here are some more reasons for pursuing certification now:

  • Most of the network managers I’ve talked to have decided to delay upgrading their NT 4.0 operating environments to Win2K, choosing to let more adventurous network managers proceed down that bleeding edge path first.
  • Although there are some significant differences between NT 4.0 and Win2K, these differences pertain to improved network management capabilities for large enterprise networks. For the most part, you can apply what you learn about NT 4.0 to Win2K.
  • MCSE certification is not version specific. A new certification based on a new version of Microsoft’s NOS won’t invalidate the existing NT 4.0 certification path. If the exam retirement practice Microsoft used for NT 3.51 is any example, MCSEs following the NT 4.0 certification path will not have to take new certification exams until Microsoft creates a new path based on a major revision of Win2K--something I don’t expect before 2004.
  • The upgrade knowledge path for MCSEs from NT 4.0 to Win2K won’t be all that difficult. Microsoft’s suggested training for MCSEs, presented in Course 1579: Accelerated Training for Updating Support Skills and Designing a Directory Services Infrastructure for Microsoft Windows 2000, supports this claim. Microsoft has teamed with its Certified Technical Education Center (CTEC) channel to offer this instructor-led course to MCSEs at half-price (approximately $1000). See http://www.microsoft.com/ train_cert/win2000/ for more information.

CISSP Certification Overlooked
One of the benefits of subscribing to Windows NT Magazine is that you receive your copy before it hits the newsstands. I was reminded of this last month, when I received several quick responses from other subscribers about a certification I left out of my article, "Companion Certifications for MCSEs."

Two magazine subscribers provided immediate feedback, letting me know I should have mentioned the Certified Information Systems Security Practitioner (CISSP) program developed by the International Information Systems Security Certification Consortium (ISC2). I might have brushed off this oversight by claiming that the certification is not important, but that isn’t true. Unfortunately, my research, which relied on keyword searches at the major search engines on the Web, failed to reveal even the existence of this certification.

What I’ve found since convinces me that the CISSP certification is an advanced certification that some of you should consider pursuing. I characterize this certification as advanced for several reasons, including the experience required to obtain CISSP status. Applicants must have 3 years of direct work experience "in one or more of the 10 test domains of the information systems security Common Body of Knowledge (CBK)." The information systems security test domains are identified as:

  • Access control systems and methodology
  • Computer operations security
  • Cryptography
  • Application and systems development
  • Business continuity and disaster recovery planning
  • Telecommunications and network security
  • Security architecture and models
  • Physical security
  • Security management practices
  • Law, investigations, and ethics

According to the ISC2, approximately 1500 individuals hold CISSP status. The CISSP certification exam consists of 250 multiple choice questions drawn from the 10 topical test domains of the CBK. Candidates are given up to 6 hours to complete the exam. With an exam fee of $395, this is one test you won’t want to retake.

If you’re interested in obtaining CISSP status, your first step might be to order the CISSP Examination Study Guide. The guide contains a description of the 10 test domains, sample test questions, and a list of reference materials. To get a copy from within the United States, send a large self-addressed shipping label and $10 for Priority Mail handling to:

(ISC)² Inc.
415 Boston Turnpike, Suite 105
Shrewsbury, MA 01545-3469 USA

For information about delivery outside of the United States, see http://www.isc2.org/guide.html.