killexams.com 312-50v11 test prep with exam questions

Our 312-50v11 test prep PDF braindumps provide everything you need for the qualification exam. Our EC-Council 312-50v11 exam material gives you test questions with valid answers that are exact copies of the actual Certified Ethical Hacker v11 exam. It is high quality and ready for the 312-50v11 exam. We at killexams.com give a 100% guarantee to help you pass your 312-50v11 test with high scores.

Exam Code: 312-50v11 Practice test 2023 by Killexams.com team
312-50v11 Certified Ethical Hacker v11

Test Detail:
The Certified Ethical Hacker (CEH) v11 exam, offered by EC-Council, is designed to validate the knowledge and skills of professionals in the field of ethical hacking and penetration testing. This certification demonstrates an individual's ability to identify vulnerabilities and weaknesses in computer systems and networks in order to protect them from potential cyber threats.

Course Outline:
The course for the Certified Ethical Hacker (CEH) v11 certification covers a comprehensive range of subjects related to ethical hacking and cybersecurity. The following is a general outline of the key areas covered:

1. Introduction to Ethical Hacking:
- Understanding the concepts and principles of ethical hacking.
- Ethical hacking methodologies and techniques.
- Legal and regulatory considerations in ethical hacking.

2. Footprinting and Reconnaissance:
- Gathering information about the target system or network.
- Passive and active reconnaissance techniques.
- Tools and methods for footprinting and reconnaissance.

3. Scanning and Enumeration:
- Identifying open ports, services, and vulnerabilities.
- Network scanning techniques and tools.
- Enumerating system and network resources.

4. Vulnerability Analysis:
- Identifying and analyzing system vulnerabilities.
- Vulnerability assessment tools and techniques.
- Common vulnerabilities and exposures (CVE).

5. System Hacking:
- Gaining unauthorized access to target systems.
- Exploiting vulnerabilities and weak points.
- Password cracking, privilege escalation, and backdoors.

6. Malware Threats:
- Understanding different types of malware.
- Malware analysis and detection techniques.
- Anti-malware and intrusion detection/prevention systems.

7. Sniffing and Evasion Techniques:
- Intercepting and analyzing network traffic.
- Sniffing tools and countermeasures.
- Evasion techniques to bypass security controls.

8. Social Engineering:
- Manipulating human behavior for malicious purposes.
- Phishing, pretexting, and other social engineering techniques.
- Social engineering countermeasures and awareness.

9. Web Application Security:
- Common web application vulnerabilities.
- Web application security testing methodologies.
- Web application firewalls and secure coding practices.

10. Cryptography:
- Principles and methods of encryption.
- Cryptographic algorithms and protocols.
- Public key infrastructure (PKI) and digital signatures.

Exam Objectives:
The CEH v11 test assesses the candidate's proficiency in the following domains:

1. Introduction to Ethical Hacking
2. Footprinting and Reconnaissance
3. Scanning and Enumeration
4. Vulnerability Analysis
5. System Hacking
6. Malware Threats
7. Sniffing and Evasion Techniques
8. Social Engineering
9. Web Application Security
10. Cryptography

Each domain covers specific knowledge areas, skills, and tasks that candidates are expected to demonstrate proficiency in.

Exam Syllabus:
The CEH v11 test syllabus provides a detailed breakdown of the subjects covered in each domain. It may include sub-topics, tools, and techniques that candidates should be familiar with. The syllabus may cover the following areas:

- Ethical hacking concepts and methodologies
- Information gathering and reconnaissance techniques
- Network scanning and enumeration
- Vulnerability assessment and management
- Exploitation techniques and countermeasures
- Malware analysis and detection
- Sniffing and network traffic analysis
- Social engineering attacks and defenses
- Web application vulnerabilities and security
- Cryptographic algorithms and protocols

Best Digital Forensics Certifications

There is an appreciable number of available, high-quality certification programs that focus on digital investigations and forensics. However, there are also many certifications and programs in this area that are far less transparent and widely known.

There’s been a steady demand for digital forensics certifications for the past several years, mainly owing to the following:

  • Computer crime continues to escalate. As more cybercrimes are reported, more investigations and qualified investigators are needed. This is good news for law enforcement and private investigators who specialize in digital forensics.
  • There’s high demand for qualified digital forensics professionals because nearly every police department needs trained candidates with suitable credentials.
  • IT professionals interested in working for the federal government (either as full-time employees or private contractors) must meet certain minimum training standards in information security. Digital forensics qualifies as part of the mix needed to meet them, which further adds to the demand for certified digital forensics professionals.

As a result, there is a continuing rise of companies that offer digital forensics training and certifications. Alas, many of these are “private label” credentials that are not well recognized. Making sense of all options and finding the right certification for you may be trickier than it seems.

To help choose our top five certifications for 2019, we looked at several popular online job boards to determine the number of advertised positions that require these certifications. While the actual results vary from day to day and by job board, this should give you an idea of the number of digital forensic jobs with specific certification requirements.

Job board search results (in alphabetical order, by certification)*

Certification       SimplyHired   Indeed   LinkedIn Jobs   LinkUp   Total
Vendor neutral
CFCE (IACIS)        63            82       117             46       308
CHFI (EC-Council)   106           140      253             68       567
GCFA (SANS GIAC)    422           489      857             294      2,062
GCFE (SANS GIAC)    203           226      433             143      1,005
Vendor specific
ACE (AccessData)    25            29       31              12       97
EnCE (EnCase)       110           154      237             114      615

*We covered two GIAC credentials, presented together in a single GIAC section below.

Digital forensics is a relatively lucrative space for practitioners. The average salary for intermediate digital forensic jobs in the U.S. – $63,959, according to SimplyHired – trails that of network engineers, system administrators and project managers. However, a senior specialist or forensic analyst, whether working in the private industry or government channels, will often earn six figures in major metro areas. We found salaries on the high end running almost $107,000 for forensic analysts and more than $127,000 for digital forensic roles.

ACE: AccessData Certified Examiner

AccessData is the maker of the popular Forensic Toolkit (FTK) solution for digital investigations. The company also offers a variety of related products and services, such as AD Lab, AD eDiscovery, AD Enterprise and AD Triage.

The AccessData Certified Examiner (ACE) is worth pursuing for those who already use or plan to use FTK, which enjoys widespread use in law enforcement and private research and consulting firms. The certification requires one exam, which covers the FTK Imager, Registry Viewer, PRTK (Password Recovery Toolkit) and FTK Examiner Application/Case Management Window tools in detail. AccessData recommends basic to moderate forensic knowledge before attempting the exam. This includes an understanding of digital artifacts, Registry files, encrypting and decrypting files, hashing, attack types, using live and index searching, and other topics. See the latest ACE Study Guide for details.

Recertification is required every two years. Credential holders must pass the current ACE exam, which focuses on the most current versions of FTK and other tools, to maintain their credentials.

ACE facts and figures

Certification name: AccessData Certified Examiner (ACE)

Prerequisites and required courses: None; training recommended:

  • AccessData FTK BootCamp (three-day classroom or live online)
  • FTK Intermediate courses

Number of exams: One test (ACE 6); includes knowledge-based and practical portions. Registration required to receive a join code to access the testing portal.

Cost per exam: $100 (exam fee includes retakes and recertification exams)

URL: http://accessdata.com/training/computer-forensics-certification

Self-study materials: A link to the free ACE Study Guide is on the certification webpage. The testing portal includes study videos, lessons in PDF and a practice test (with an image file).

CFCE: Certified Forensic Computer Examiner

The International Association of Computer Investigative Specialists (IACIS) is the organization behind the Certified Forensic Computer Examiner (CFCE) credential. This organization caters primarily to law enforcement personnel, and you must be employed in law enforcement to qualify for regular IACIS membership.

A formal application form, along with an application fee, is necessary to join IACIS. Regular membership includes current computer/digital forensic practitioners who are current or former government or law enforcement employees or forensic contractors to a government agency. All other practitioners can apply for Associate membership to IACIS, provided they can pass a background check. Membership fees and annual renewal fees are required. IACIS membership is not required to obtain the CFCE credential.

To obtain the CFCE credential, candidates must demonstrate proficiency with CFCE core competencies. One option is IACIS’ Basic Computer Forensic Examiner (BCFE) two-week training course; it meets the 72-hour training requirement, costs $2,995, includes a free laptop and waives the IACIS membership fee for nonmembers. IACIS membership is required to attend the course. Candidates completing the training course can enroll directly in the CFCE program upon completion of the course. Those not attending the BCFE course may meet the 72-hour training requirement with a comparable course (subject to IACIS approval), pay a $750 registration fee, and successfully pass a background check to enroll in the CFCE program and sit for the exam.

The CFCE test is a two-step testing process that includes a peer review and CFCE certification testing:

  1. The peer review consists of accepting and completing four assigned practical problems based on core knowledge and skills areas for the credential. These must be solved and then presented to a mentor for initial evaluation (and assistance, where needed) before being presented for peer review. Candidates have 30 days to complete each of the practical problems.
  2. Upon successful conclusion of the peer review, candidates automatically progress to the certification phase.
    • Candidates must begin work on a hard-drive practical problem within seven days of the completion of the peer review phase. Forty days are allotted to candidates to independently analyze and report upon a forensic image of a hard drive provided to them. Following specific instructions, a written report is prepared to document the candidate’s activities and findings.
    • Once that report is accepted and passed, the process concludes with a 100-question written test (which includes true/false, multiple-choice, matching and short-answer questions). Candidates have 14 days to complete the written examination. A passing score of 80 percent or better is required for both the forensic report and the written test to earn the CFCE.

Upon completion of both the peer review and the certification phase, candidates must submit a notarized form certifying that the practical and written exams were completed independently without assistance from anyone else.

Certificants must recertify every three years to maintain the CFCE credential. Recertification requires proof of at least 40 hours of professional education, a passing score on a proficiency test in the third year, proof of computer/digital forensics work experience, or passing scores on three proficiency tests within three years, and either three years of IACIS membership or payment of a $150 recertification fee.

Despite the time and expense involved in earning a CFCE, this credential has high value and excellent name recognition in the computer forensics field. Many forensics professionals consider the CFCE a necessary merit badge to earn, especially for those who work in or for law enforcement.

CFCE facts and figures

Certification name: Certified Forensic Computer Examiner (CFCE)

Prerequisites and required courses:

  • Basic Computer Forensics Examiner (BCFE) training course recommended ($2,995)
  • 72 hours of training in computer/digital forensics comparable to CFCE core competencies; BCFE training course meets training requirement
  • Without BCFE training: take a comparable course, pay $750 registration fee and pass a background check

Number of exams: Two-part process: Peer review (must pass to proceed to subsequent phase) and certification phase (includes hard-drive practical and written examination)

Cost per exam: Included in BCFE training; $750 for the entire testing process for those not attending BCFE training

URL: https://www.iacis.com/certification-2/cfce/

Self-study materials: IACIS is the primary conduit for training and study materials for this certification.

CHFI: Computer Hacking Forensic Investigator

The EC-Council is a well-known training and certification organization that specializes in the areas of anti-hacking, digital forensics and penetration testing. The organization’s Computer Hacking Forensic Investigator (CHFI) certification emphasizes forensics tools, analytical techniques, and procedures involved in obtaining, maintaining, and presenting digital forensic evidence and data in a court of law.

The EC-Council offers training for this credential but permits candidates to challenge the test without taking the course, provided they have a minimum of two years of information security experience and pay a non-refundable $100 eligibility application fee.

The CHFI course covers a wide range of subjects and tools (click the test Blueprint button on the certification webpage). Subjects include an overview of digital forensics, in-depth coverage of the computer forensics investigation process, working with digital evidence, anti-forensics, database and cloud forensics, investigating network traffic, mobile and email forensics, and ethics, policies and regulations. Courseware is available, as well as instructor-led classroom training.

The EC-Council offers numerous other certifications of potential value to readers interested in the CHFI. These include the Certified Ethical Hacker (CEH), CEH (Practical), EC-Council Certified Security Analyst (ECSA), ECSA Practical, Certified Network Defender (CND) and Licensed Penetration Tester (LPT), Certified Application Security Engineer (CASE), and Certified Chief Information Security Officer (CCISO). It also offers credentials in related areas such as disaster recovery, encryption and security analysis. Visit the EC-Council site for more info on its popular and respected credentials.

CHFI facts and figures

Certification name: Computer Hacking Forensic Investigator (CHFI) v9

Prerequisites and required courses: Application with resume and current or previous employer info required.

Candidates must agree to the EC-Council Non-Disclosure, Candidate Application and Candidate Certification agreement terms.

Training recommended but not required:

  • Live, online instructor-led training (includes courseware, six months of iLabs access, test voucher and test prep program; contact EC-Council directly for pricing)
  • iLearn self-paced class (includes one year of access to instructor-led training videos, courseware, six months of lab access and test voucher; $1,899)
  • Self-study courseware ($677)
  • Mobile training (contact EC-Council for pricing information)

To challenge the test without training, you must have two years of information security work experience and/or education to reflect specialization, pay a non-refundable application fee of $100, and complete the Exam Eligibility Application Form.

More information on the application process is located on the Application Eligibility Process webpage.

Number of exams: One exam: EC0 312-49 (150 questions, four hours, passing score 70 percent, multiple choice). Available through the ECC test portal.

Cost per exam: $500 (plus $100 application fee; candidates who do not participate in training must pay a $650 test fee plus $100 application fee)

URL: https://www.eccouncil.org/programs/computer-hacking-forensic-investigator-chfi/

Self-study materials: Visit the EC-Council Store and search for “CHFI” for preparation materials, including labs. Study guide and test guides are available on Amazon, as well as some practice exams.

EnCE: EnCase Certified Examiner

Guidance Software, acquired by OpenText in 2017, is a leader in the forensics tools and services arena. Its well-known and widely used EnCase Forensic software helps professionals acquire data from many different types of devices, complete disk-level examinations and produce reports of their findings. The company also sells software for remote investigations (EnCase Endpoint Investigator), eDiscovery, risk management, mobile investigations and endpoint security.

The company’s certification program includes the Certified Forensic Security Responder (CFSR), EnCase Certified eDiscovery Practitioner (EnCEP) and EnCase Certified Examiner (EnCE). Available to professionals in the public and private sector, the EnCE recognizes an individual’s proficiency using EnCase Forensic software and mastery of computer investigation methodology, including evidence collection, preservation, file verification, file signatures and hashing, first responder activities, and much more.

To achieve EnCE certification, candidates must show proof of a minimum of 64 hours of authorized computer forensic training or 12 months of qualified work experience, complete an application, and then successfully complete a two-phase test that includes a written and practical portion.

EnCE certifications are valid for three years from the date obtained. Recertification requires one of the following:

  • 32 credit hours of continuing education in computer forensics or incident response
  • A computer forensics or incident response-related certification
  • Attendance at an Enfuse conference (at least 10 sessions)

EnCE facts and figures

Certification name: EnCase Certified Examiner (EnCE)

Prerequisites and required courses: Required: 64 hours of authorized computer forensic training or 12 months of work experience in computer forensics

Training options through Guidance Software:

  • EnCE Prep Course (DF310), classroom, virtual classroom or on demand ($2,195)
  • EnCE Certification Bootcamp (aimed at new digital investigators) – includes DF120 (Foundations in Digital Forensics), DF210 (Building an Investigation) and DF310 ($5,085 for the bundle)

Completion of the EnCE application

Number of exams: One two-phase exam:

  • Phase I written test (180 questions, two hours, minimum passing score 80 percent), delivered via ExamBuilder
  • Phase II practical test (18 questions, 60 days, minimum passing score 85 percent)

Passing the Phase I test earns an electronic license to complete the Phase II exam.

Cost per exam: $200 total, or $300 international; $75 renewal fee

URL: https://www2.guidancesoftware.com/training/Pages/ence-certification-program.aspx

Self-study materials: Study materials provided in Guidance Software courses. Check Amazon for availability of current and practice exams.

Learning On Demand subscription provides access to 400 courses across the OpenText Learning Services platform.

GCFA And GCFE Certifications

SANS is the organization behind the Global Information Assurance Certification (GIAC) program. It is a well-respected and highly regarded player in the information security field in general. SANS not only teaches and researches in this area, it also provides breaking news, operates a security alert service, and serves on all kinds of government, research and academic information security task forces, working groups, and industry organizations.

The organization’s incident response and forensics credentials include the following:

  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Network Forensic Analyst (GNFA)
  • GIAC Advanced Smartphone Forensics (GASF)
  • GIAC Cyber Threat Intelligence (GCTI)

The intermediate GCFE and the more senior GCFA are the focus of this section. Neither credential requires taking SANS courses (which have a strong reputation for being among the best in the cybersecurity community, with high-powered instructors to match), but they are recommended to candidates and often offered before, during or after SANS conferences held around the U.S. at regular intervals.

Both the GCFE and GCFA focus on computer forensics in the context of investigation and incident response, and thus also focus on the skills and knowledge needed to collect and analyze data from Windows and/or Linux computer systems during such activities. Candidates must possess the necessary skills, knowledge, and ability to conduct formal incident investigations and advanced incident handling, including dealing with internal and external data breaches, intrusions, and cyberthreats; collecting and preserving evidence; understanding anti-forensic techniques; and building and documenting advanced digital forensic cases.

Most SANS GIAC credentials are valid for four years. Candidates may recertify for the GCFE and GCFA by earning 36 continuing professional experience (CPE) credits. In addition, credential holders must pay a certification maintenance fee of $429 every four years.

The SANS GIAC program encompasses more than 36 information security certifications across a broad range of subjects and disciplines. IT professionals interested in information security in general, as well as digital forensics, would be well advised to investigate further on the GIAC homepage.

GCFE and GCFA facts and figures

Certification name: GIAC Certified Forensic Examiner (GCFE); GIAC Certified Forensic Analyst (GCFA)

Prerequisites and required courses: None

  • GCFE recommended course: FOR500: Windows Forensic Analysis ($6,210)
  • GCFA recommended course: FOR508: Advanced Digital Forensics, Incident Response, and Threat Hunting ($6,210)

Number of exams: One test for each credential (115 questions, three hours, passing score of 71 percent)

Exams proctored by Pearson VUE. Registration with GIAC required to schedule an exam.

Cost per exam: $769 if part of training/bootcamp; $1,899 (no training – referred to as a certification challenge)

Additional details available here.

URL: www.giac.org

Self-study materials: Practice tests available on the GIAC test preparation page (two tests included in test fee; additional practice exams are $159 each). Study guides and practice exams can be found on Amazon and other typical channels.

Beyond the top 5: More digital forensics certifications

There are lots of other certification programs that can help to further the careers of IT professionals who work in digital forensics.

One certification we’ve featured in the past is the CyberSecurity Institute’s CyberSecurity Forensic Analyst (CSFA). The CyberSecurity Institute provides digital forensic services aimed at law firms, businesses and individuals, and administers a small but well-respected certification program. The CSFA is designed for security professionals with at least two years of experience performing digital forensic analysis on computers and devices running the Windows operating system and creating investigative reports. Although the certification didn’t generate as many job board hits as our other featured certifications, the CSFA is still worth your attention.

The same goes for the Certified Computer Examiner (CCE) from the International Society of Forensic Computer Examiners, also known as ISFCE. The CCE is well recognized in the industry and in the law enforcement community as a leading credential for digital forensics professionals, but it fell a little short on job board hits during our review this year.

Other good certifications include the Professional Certified Investigator (PCI), a senior-level, vendor-neutral computer investigations and forensics credential available through ASIS International. The organization also offers the Certified Protection Professional (CPP), which includes an investigation component, and the Physical Security Professional (PSP) in its certification program. Forensics candidates can also pursue one of the High Tech Crime Network vendor-neutral certifications – the Certified Computer Crime Investigator or Certified Computer Forensic Technician, both of which have a Basic and an Advanced credential.

If you look around online, you’ll find numerous other forensics hardware and software vendors that offer certifications and plenty of other organizations that didn’t make the cut for the 2019 list of the best digital forensics certifications. But before you wander outside the items mentioned in this article, you might want to research the sponsoring organization’s history and the number of people who’ve earned its credentials, and then determine whether the sponsor not only requires training but stands to profit from its purchase.

You might also want to ask a practicing digital forensics professional if they’ve heard of the certifications you found on your own and, if so, what that professional thinks of those offerings.

Sun, 30 Jul 2023 12:00:00 -0500 https://www.businessnewsdaily.com/10755-best-digital-forensics-certifications.html

Best InfoSec and Cybersecurity Certifications of 2023

Cybersecurity is one of the most crucial areas for ensuring a business’s success and longevity. With cyberattacks growing in sophistication, it’s essential for business owners to protect their companies by hiring qualified cybersecurity experts to manage this aspect of their business. The best candidates will have a certification in information security and cybersecurity. This guide breaks down the top certifications and other guidance you’ll need to make the right hire for your company. It’s also a great primer for individuals who are embarking on a cybersecurity career.

When evaluating prospective InfoSec candidates, employers frequently look to certification as an important measure of excellence and commitment to quality. We examined five InfoSec certifications we consider to be leaders in the field of information security today.

This year’s list includes entry-level credentials, such as Security+, as well as more advanced certifications, like Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). According to CyberSeek, more employers are seeking CISA, CISM and CISSP certification holders than there are credential holders, which makes these credentials a welcome addition to any certification portfolio.

Absent from our list of the top five is SANS GIAC Security Essentials (GSEC). Although this certification is still a very worthy credential, the job board numbers for CISA were so solid that it merited a spot in the top five. Farther down in this guide, we offer some additional certification options because the field of information security is both wide and varied.

1. CEH: Certified Ethical Hacker

The CEH (ANSI) certification is an intermediate-level credential offered by the International Council of E-Commerce Consultants (EC-Council). It’s a must-have for IT professionals who are pursuing careers in white hat hacking and certifies their competence in the five phases of ethical hacking: reconnaissance, enumeration, gaining of access, access maintenance and track covering. 

CEH credential holders possess skills and knowledge of hacking practices in areas such as footprinting and reconnaissance, network scanning, enumeration, system hacking, Trojans, worms and viruses, sniffers, denial-of-service attacks, social engineering, session hijacking, web server hacking, wireless networks and web applications, SQL injection, cryptography, penetration testing, IDS evasion, firewalls and honeypots. CEH V11 provides a remapping of the course to the NIST/NICE framework’s Protect and Defend (PR) job role category, as well as an additional focus on emerging threats in cloud, OT and IT security, such as fileless malware.

To obtain a CEH (ANSI) certification, candidates must pass one exam. A comprehensive five-day CEH training course is recommended, with the test presented at the course’s conclusion. Candidates may self-study for the test but must submit documentation of at least two years of work experience in information security with employer verification. Self-study candidates must also pay an additional $100 application fee. Education may be substituted for experience, but this is evaluated on a case-by-case basis. Candidates who complete any EC-Council-approved training (including with the iClass platform, academic institutions or an accredited training center) do not need to submit an application prior to attempting the exam.

Because technology in the field of hacking changes almost daily, CEH credential holders are required to obtain 120 continuing-education credits for each three-year cycle.

Once a candidate obtains the CEH (ANSI) designation, a logical progression on the EC-Council certification ladder is the CEH (Practical) credential. The CEH (Practical) designation targets the application of CEH skills to real-world security audit challenges and related scenarios. To obtain the credential, candidates must pass a rigorous six-hour practical examination. Conducted on live virtual machines, candidates are presented 20 scenarios with questions designed to validate a candidate’s ability to perform tasks such as vulnerability analysis, identification of threat vectors, web app and system hacking, OS detection, network scanning, packet sniffing, steganography and virus identification. Candidates who pass both the CEH (ANSI) and the CEH (Practical) exams earn the CEH (Master) designation.

CEH facts and figures

Certification name: Certified Ethical Hacker (CEH) (ANSI)

Prerequisites and required courses: Training is highly recommended. Without formal training, candidates must have at least two years of information security-related experience and an educational background in information security, pay a nonrefundable eligibility application fee of $100 and submit an exam eligibility form before purchasing an exam voucher.

Number of exams: One: 312-50 (ECC Exam)/312-50 (VUE) (125 multiple-choice questions, four hours)

Cost of exam: $950 (ECC test voucher). Note: An ECC test voucher allows candidates to test via computer at a location of their choice. Pearson VUE test vouchers allow candidates to test in a Pearson VUE facility and cost $1,199.

URL: https://www.eccouncil.org/programs/certified-ethical-hacker-ceh

Self-study materials: EC-Council instructor-led courses, computer-based training, online courses and more are available at ECCouncil.org. A CEH skills assessment is also available for credential seekers. Additionally, Udemy offers CEH practice exams. CEH-approved educational materials are available for $850 from EC-Council.

Certified Ethical Hacker (CEH) training

While EC-Council offers both instructor-led and online training for its CEH certification, IT professionals have plenty of other options for self-study materials, including video training, practice exams and books.

Pluralsight currently offers an ethical-hacking learning path geared toward the 312-50 exam. With a monthly subscription, you get access to all of these courses, plus everything else in Pluralsight’s training library. Through Pluralsight’s learning path, students can prepare for all of the domains covered in the CEH exam.  

CyberVista offers a practice test for the CEH 312-50 certification that includes several sets of exam-like questions, custom quizzes, flash cards and more. An exam prep subscription for 180 days costs $149 and gives candidates access to online study materials, as well as the ability to get the materials for offline study. Backed by its “pass guarantee,” CyberVista is so confident its practice test will prepare you for the CEH test that the company will refund its practice test costs if you don’t pass.

Besides certifications in information security and cybersecurity, the best IT certifications cover areas such as disaster recovery, virtualization and telecommunications.

2. CISM: Certified Information Security Manager

The CISM certification is a top credential for IT professionals who are responsible for managing, developing and overseeing information security systems in enterprise-level applications or for developing organizational security best practices. The CISM credential was introduced to security professionals in 2003 by the Information Systems Audit and Control Association (ISACA).

ISACA’s organizational goals are specifically geared toward IT professionals who are interested in the highest-quality standards with respect to the auditing, control and security of information systems. The CISM credential targets the needs of IT security professionals with enterprise-level security management responsibilities. Credential holders possess advanced and proven skills in security risk management, program development and management, governance, and incident management and response.

Holders of the CISM credential, which is designed for experienced security professionals, must agree to ISACA’s code of ethics, pass a comprehensive examination, possess at least five years of experience in information security management, comply with the organization’s continuing education policy and submit a written application. Some combinations of education and experience may be substituted for the full experience requirement.

The CISM credential is valid for three years, and credential holders must pay an annual maintenance fee of $45 (ISACA members) or $85 (nonmembers). Credential holders are also required to obtain a minimum of 120 continuing professional education (CPE) credits over the three-year term to maintain the credential. At least 20 CPE credits must be earned every year.

CISM facts and figures

Certification name

Certified Information Security Manager (CISM)

Prerequisites and required courses

To obtain the CISM credential, candidates must do the following:

  1. Pass the CISM exam.
  2. Agree to the ISACA code of professional ethics.
  3. Adhere to ISACA’s CPE policy.
  4. Possess a minimum of five years of information security work experience in described job practice analysis areas. Experience must be verifiable and obtained in the 10-year period prior to the application date or within five years of test passage. There are some exceptions to this requirement depending on the current credentials held.
  5. Apply for CISM certification. (The processing fee is $50.) The credential must be obtained within five years of test passage.

Number of exams

One: 150 questions, four hours

Cost of exam

Exam fees: $575 (members), $760 (nonmembers)

Exam fees are nontransferable and nonrefundable.

URL

https://www.isaca.org/credentialing/cism

Self-study materials

Training and study materials in various languages, information on job practice areas, primary references, publications, articles, the ISACA Journal, review courses, an exam prep community, terminology lists, a glossary and more are available at ISACA.org. Additionally, Udemy offers comprehensive training for the certification exam.

Other ISACA certification program elements

In addition to CISM, ISACA offers numerous certifications for those interested in information security and best practices. Other credentials worth considering include the following:

  • Certified Information Systems Auditor (CISA)
  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified in Risk and Information Systems Control (CRISC)

The CISA designation was created for professionals working with information systems auditing, control or security and is popular enough with employers to earn it a place on the leaderboard. The CGEIT credential targets IT professionals working in enterprise IT management, governance, strategic alignment, value delivery, and risk and resource performance management. IT professionals who are seeking careers in all aspects of risk management will find that the CRISC credential nicely meets their needs.

Certified Information Security Manager (CISM) training

Pluralsight offers a CISM learning path containing five courses and 17 hours of instruction. The courses cover the domains addressed in the exam, but the learning path is aimed at the CISM job practice areas. 

CyberVista offers a CISM online training course in both live and on-demand formats. The course includes more than 16 hours of training videos, supplementary lessons, custom quizzes, practice test questions and access to experts through the instructor. As with other CyberVista courses, the CISM training course comes with a “pass guarantee.” 

According to CyberSeek, there are enough workers to fill only 68% of the cybersecurity job openings in the U.S. A cybersecurity certification is an important way to demonstrate the knowledge and ability to succeed in these job roles.

3. CompTIA Security+

CompTIA’s Security+ is a well-respected, vendor-neutral security certification. Security+ credential holders are recognized as possessing superior technical skills, broad knowledge and expertise in multiple security-related disciplines.

Although Security+ is an entry-level certification, the ideal candidates possess at least two years of experience working in network security and should consider first obtaining the Network+ certification. IT pros who obtain this certification have expertise in areas such as threat management, cryptography, identity management, security systems, security risk identification and mitigation, network access control, and security infrastructure. The CompTIA Security+ credential is approved by the U.S. Department of Defense to meet Directive 8140/8570.01-M requirements. In addition, the Security+ credential complies with the standards for ISO 17024.

The Security+ credential requires a single exam, currently priced at $381. (Discounts may apply to employees of CompTIA member companies and full-time students.) Training is available but not required.

IT professionals who earned the Security+ certification prior to Jan. 1, 2011, remain certified for life. Those who certify after that date must renew the certification every three years to stay current. To renew, candidates must obtain 50 continuing-education units (CEUs) or complete the CertMaster CE online course prior to the expiration of the three-year period. CEUs can be obtained by engaging in activities such as teaching, blogging, publishing articles or whitepapers, and participating in professional conferences and similar activities.

CompTIA Security+ facts and figures

Certification name

CompTIA Security+

Prerequisites and required courses

None. CompTIA recommends at least two years of experience in IT administration (with a security focus) and the Network+ credential before the Security+ exam. Udemy offers a complete and comprehensive course for the certification.

Number of exams

One: SY0-601 (maximum of 90 questions, 90 minutes to complete; 750 on a scale of 100-900 required to pass)

Cost of exam

$381 (discounts may apply; search for “SY0-601 voucher”)

URL

https://certification.comptia.org/certifications/security

Self-study materials

Exam objectives, demo questions, the CertMaster online training tool, training kits, computer-based training and a comprehensive study guide are available at CompTIA.org.

CompTIA Security+ training

You’ll find several companies offering online training, instructor-led and self-study courses, practice exams and books to help you prepare for and pass the Security+ exam.

Pluralsight offers a Security+ learning path as a part of its monthly subscription plan for the latest SY0-601 exam. Split into six sections, the training series is more than 24 hours long and covers attacks, threats and vulnerabilities; architecture and design; implementation of secure solutions; operations and incident response; and governance, risk and compliance.

CyberVista offers a Security+ practice test so you can test your security knowledge before attempting the SY0-601 exam. The test comes with a 180-day access period and includes multiple sets of test questions, key concept flash cards, access to InstructorLink experts, a performance tracker and more. As with CyberVista’s other offerings, this practice test comes with a “pass guarantee.”

4. CISSP: Certified Information Systems Security Professional

CISSP is an advanced-level certification for IT pros who are serious about careers in information security. Offered by the International Information Systems Security Certification Consortium, known as (ISC)2 (pronounced “ISC squared”), this vendor-neutral credential is recognized worldwide for its standards of excellence.

CISSP credential holders are decision-makers who possess the expert knowledge and technical skills necessary to develop, guide and manage security standards, policies and procedures within their organizations. The CISSP certification continues to be highly sought after by IT professionals and is well recognized by IT organizations. It is a regular fixture on most-wanted and must-have security certification surveys.

CISSP is designed for experienced security professionals. A minimum of five years of experience in at least two of (ISC)2’s eight common body of knowledge (CBK) domains, or four years of experience in at least two of (ISC)2’s CBK domains and a college degree or an approved credential, is required for this certification. The CBK domains are security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.

(ISC)2 also offers three CISSP concentrations targeting specific areas of interest in IT security:

  • Architecture (CISSP-ISSAP)
  • Engineering (CISSP-ISSEP)
  • Management (CISSP-ISSMP)

Each CISSP concentration test is $599, and credential seekers must currently possess a valid CISSP.

An annual fee of $125 is required to maintain the CISSP credential. Recertification is required every three years. To recertify, candidates must earn 40 CPE credits each year, for a total of 120 CPE credits within the three-year cycle.

CISSP facts and figures

Certification name

Certified Information Systems Security Professional (CISSP) 

Optional CISSP concentrations:  

  • CISSP Architecture (CISSP-ISSAP)
  • CISSP Engineering (CISSP-ISSEP)
  • CISSP Management (CISSP-ISSMP)

Prerequisites and required courses

At least five years of paid, full-time experience in at least two of the eight (ISC)2 domains or four years of paid, full-time experience in at least two of the eight (ISC)2 domains and a college degree or an approved credential are required. Candidates must also do the following:

  • Agree to the (ISC)2 code of ethics.
  • Submit the CISSP application.
  • Complete the endorsement process.

Number of exams

One for CISSP (English CAT exam: 100-150 questions, three hours to complete; non-English exam: 250 questions, six hours) 

One for each concentration area

Cost of exam

CISSP is $749; each CISSP concentration is $599.

URL

https://www.isc2.org/Certifications/CISSP

Self-study materials

Training materials include instructor-led, live online, on-demand and private training. There is an exam outline available for review, as well as study guides, a study app, interactive flash cards and practice tests.

Certified Information Systems Security Professional (CISSP) training

Given the popularity of the CISSP certification, there is no shortage of available training options. These include classroom-based training offered by (ISC)2, as well as online video courses, practice exams and books from third-party companies.

Pluralsight’s CISSP learning path includes 12 courses and 25 hours of e-learning covering the security concepts required for the certification exam. Available for a low monthly fee, the CISSP courses are part of a subscription plan that gives IT professionals access to Pluralsight’s complete library of video training courses.

When you’re ready to test your security knowledge, you can take a simulated test that mimics the format and content of the real CISSP exam. Udemy offers CISSP practice exams to help you prepare for this challenging exam.

5. CISA: Certified Information Systems Auditor

ISACA’s globally recognized CISA certification is the gold standard for IT workers seeking to practice in information security, audit control and assurance. Ideal candidates can identify and assess organizational threats and vulnerabilities, assess compliance, and provide guidance and organizational security controls. CISA-certified professionals demonstrate knowledge and skill across the CISA job practice areas of auditing, governance and management, acquisition, development and implementation, maintenance and service management, and asset protection.

To earn the CISA certification, candidates must pass one exam, submit an application, agree to the code of professional ethics, agree to the CPE requirements and agree to the organization’s information systems auditing standards. In addition, candidates must possess at least five years of experience working with information systems. Some substitutions for education and experience with auditing are permitted.

To maintain the CISA certification, candidates must earn 120 CPE credits over a three-year period, with a minimum of 20 CPE credits earned annually. Candidates must also pay an annual maintenance fee ($45 for members; $85 for nonmembers).

CISA facts and figures

Certification name

Certified Information Systems Auditor (CISA)

Prerequisites and required courses

To obtain the CISA credential, candidates must do the following:

  1. Pass the CISA exam.
  2. Agree to the ISACA code of professional ethics.
  3. Adhere to ISACA’s CPE policy.
  4. Agree to the information auditing standards.
  5. Possess a minimum of five years of information systems auditing, control or security work in described job practice analysis areas. Experience must be verifiable and obtained in the 10-year period prior to the application date or within five years after the test is passed. There are some exceptions to this requirement depending on the current credentials held.
  6. Apply for CISA certification. (The processing fee is $50.) The credential must be obtained within five years of test passage.

Number of exams

One: 150 questions, four hours

Cost of exam

$575 (members); $760 (nonmembers)

URL

https://www.isaca.org/credentialing/cisa

Self-study materials

ISACA offers a variety of training options, including virtual instructor-led courses, online and on-demand training, review manuals and question databases. Numerous books and self-study materials are also available on Amazon.

Certified Information Systems Auditor (CISA) training

Training opportunities for the CISA certification are plentiful. Udemy offers more than 160 CISA-related courses, lectures, practice exams, question sets and more. On Pluralsight, you’ll find 12 courses with 27 hours of information systems auditor training covering all CISA job practice areas.

Sun, 30 Jul 2023 12:00:00 -0500 en text/html https://www.businessnewsdaily.com/10708-information-security-certifications.html
Anonymous Sources

Transparency is critical to our credibility with the public and our subscribers. Whenever possible, we pursue information on the record. When a newsmaker insists on background or off-the-record ground rules, we must adhere to a strict set of guidelines, enforced by AP news managers.

 Under AP's rules, material from anonymous sources may be used only if:

 1. The material is information and not opinion or speculation, and is vital to the report.

 2. The information is not available except under the conditions of anonymity imposed by the source.

 3. The source is reliable, and in a position to have direct knowledge of the information.

 Reporters who intend to use material from anonymous sources must get approval from their news manager before sending the story to the desk. The manager is responsible for vetting the material and making sure it meets AP guidelines. The manager must know the identity of the source, and is obligated, like the reporter, to keep the source's identity confidential. Only after they are assured that the source material has been vetted by a manager should editors and producers allow it to be used.

 Reporters should proceed with interviews on the assumption they are on the record. If the source wants to set conditions, these should be negotiated at the start of the interview. At the end of the interview, the reporter should try once again to move onto the record some or all of the information that was given on a background basis.

 The AP routinely seeks and requires more than one source when sourcing is anonymous. Stories should be held while attempts are made to reach additional sources for confirmation or elaboration. In rare cases, one source will be sufficient – when material comes from an authoritative figure who provides information so detailed that there is no question of its accuracy.

 We must explain in the story why the source requested anonymity. And, when it’s relevant, we must describe the source's motive for disclosing the information. If the story hinges on documents, as opposed to interviews, the reporter must describe how the documents were obtained, at least to the extent possible.

The story also must provide attribution that establishes the source's credibility; simply quoting "a source" is not allowed. We should be as descriptive as possible: "according to top White House aides" or "a senior official in the British Foreign Office." The description of a source must never be altered without consulting the reporter.

 We must not say that a person declined comment when that person is already quoted anonymously. And we should not attribute information to anonymous sources when it is obvious or well known. We should just state the information as fact.

Stories that use anonymous sources must carry a reporter's byline. If a reporter other than the bylined staffer contributes anonymous material to a story, that reporter should be given credit as a contributor to the story.

 All complaints and questions about the authenticity or veracity of anonymous material – from inside or outside the AP – must be promptly brought to the news manager's attention.

 Not everyone understands “off the record” or “on background” to mean the same things. Before any interview in which any degree of anonymity is expected, there should be a discussion in which the ground rules are set explicitly.

These are the AP’s definitions:

On the record. The information can be used with no caveats, quoting the source by name.

Off the record. The information cannot be used for publication.

Background. The information can be published but only under conditions negotiated with the source. Generally, the sources do not want their names published but will agree to a description of their position. AP reporters should object vigorously when a source wants to brief a group of reporters on background and try to persuade the source to put the briefing on the record.

Deep background. The information can be used but without attribution. The source does not want to be identified in any way, even on condition of anonymity.

In general, information obtained under any of these circumstances can be pursued with other sources to be placed on the record.

ANONYMOUS SOURCES IN MATERIAL FROM OTHER NEWS SOURCES

Reports from other news organizations based on anonymous sources require the most careful scrutiny when we consider them for our report.

AP's basic rules for anonymous source material apply to material from other news outlets just as they do in our own reporting: The material must be factual and obtainable no other way. The story must be truly significant and newsworthy. Use of anonymous material must be authorized by a manager. The story we produce must be balanced, and comment must be sought.

Further, before picking up such a story we must make a bona fide effort to get it on the record, or, at a minimum, confirm it through our own reporting. We shouldn't hesitate to hold the story if we have any doubts. If another outlet’s anonymous material is ultimately used, it must be attributed to the originating news organization and note its description of the source.

ATTRIBUTION

 Anything in the AP news report that could reasonably be disputed should be attributed. We should give the full name of a source and as much information as needed to identify the source and explain why the person is credible. Where appropriate, include a source's age; title; name of company, organization or government department; and hometown. If we quote someone from a written document – a report, email or news release – we should say so. Information taken from the internet must be vetted according to our standards of accuracy and attributed to the original source. File, library or archive photos, audio or videos must be identified as such. For lengthy stories, attribution can be contained in an extended editor's note detailing interviews, research and methodology.

Sun, 25 Jun 2023 21:21:00 -0500 en text/html https://www.ap.org/about/news-values-and-principles/telling-the-story/anonymous-sources
Certification For Open Source Hardware Announced

Today at the Open Hardware Summit in Portland, Alicia Gibb and Michael Weinberg of the Open Source Hardware Association (OSHWA) launched the Open Source Hardware Certification program. It’s live, and you can certify your own hardware as Open Hardware right now.

What Is Open Source Hardware?

Open Source Hardware can’t be defined without first discussing open source software. At its very core, open source software is just a copyright hack, enabled by a worldwide universal computer network. The rise of open source software is tied to the increasing ease of distributing said software, whether through BBSes, Usenet, or the web. Likewise, Open Source Hardware is tied to the ease of distributing, modifying, and building hardware.

In the 1980s, there were no services that could deliver a custom circuit board to anywhere on the planet for a dollar per square inch. When open software began, CNC machines were expensive tools; now you can build a very good machine for just a week’s wages. We are currently living at the dawn of Open Source Hardware, enabled by the creation of Open Source design tools that have themselves been used to create physical tools. Inexpensive 3D printers, open source oscilloscopes, circuit board plotters, and the entire hackerspace movement are as revolutionary as the Internet. These devices and the Internet are the foundations for Open Hardware and software, respectively. The objections to why hardware is incompatible with Open Source no longer apply and small-scale manufacturing techniques are only going to get better.

Open source is a moral imperative in the truest Kantian sense of the word. It is a good unto itself. Of course, this means open source is also mind-numbingly prescriptivist. Holy scrolls have defined dozens of different open source licenses. The relevant license for Open Source Hardware has already been laid out to define the freedoms and responsibilities of all Open Source Hardware creators. Open Source Hardware is a tangible thing, from a laptop to a lampshade, whose design is available so anyone can make, modify, distribute, and sell that thing. Native documentation is required, and software required to run this thing must be based on an OSI-approved license.

The definition of Open Source Hardware has been around for a few years now, and since then the community has flourished, there’s a great gear logo, and you can buy real, functional hardware that bills itself as Open Source Hardware. It’s become a selling point, and this has become a problem.

Many hardware creators don’t adhere to the definition of Open Source Hardware. In some cases, the design files simply aren’t available. If they are, they could be unmodifiable. The software used to create these design files could cost thousands of dollars per seat. This is the problem the movement faces — Open Source Hardware must have a certification program. Unlike open source software, where the source is almost proof enough that a piece of software complies with an open source license, hardware does not have such obvious assurances.

Software Is Closed By Default, Hardware Is Open And The Licenses Are Harder

All software is closed by default. Anything written is covered by copyright, and the developers of open source software choose to license their works under an open source license. Open source software, then, is a copyright hack, enabled because all software is closed by default.

Hardware, on the other hand, is open by default. If you build a device to automatically inject epinephrine intramuscularly, you must go out of your way to patent your device. Only a patent will give you the ability to license your work, and before that patent is published anyone can make their own epinephrine pen. If you build something with an FPGA, the code that programs the FPGA is covered by copyright, but an arbitrary circuit that uses that FPGA isn’t. Any generic piece of Open Source Hardware could be covered under patents, trademarks, and a dozen licenses. Therefore, an Open Source Hardware license is impractical. This is why OSHWA is not releasing an Open Source Hardware license, and instead creating an Open Source Hardware certification program. No Open Source Hardware license could cover every edge case, and a certification is ultimately the only solution.

The Open Source Hardware Certification Program

At last year’s Open Hardware Summit, OSHWA formally announced the creation of the Open Hardware Certification program. Now, this program is live, and the certification database will be growing very, very quickly. At its heart, the Open Source Hardware Certification program is pretty simple — create hardware that complies with the community definition of Open Source Hardware.

The theoretical basis for the need of an Open Source Hardware license is the fact that anyone is able to manufacture hardware. Of course, there are limits to technology and no one has a 14nm silicon fab line in their garage. This is a problem for any piece of Open Source Hardware, and the technical capability for anyone to recreate integrated circuits and other high technologies is the sole source of the traditional objections to any open hardware license. Garage-based fabrication is always improving, but closed hardware in the form of NDA’d chips will remain a problem for years to come.

The clearest example of the problem with closed-source chips is bunnie’s Novena laptop. This laptop is designed as both a hacker’s laptop and an artifact of Open Hardware. Although most of the chips used in the Novena are available without signing NDAs, open source, blob-free 3D graphics acceleration was unavailable when the laptop launched. This non-open graphics problem will be fixed with open source drivers, but it does illustrate the problem of Open Source Hardware. Even though chips might be available, there might be binary blobs required for full functionality. You can build an Open Hardware chip in VHDL, but it’s not really open if you have to use closed-source FPGA dev tools.

OSHWA’s solution to this problem is simply asking for hardware creators to act in good faith. The certification program won’t knock points off for using closed source binary blobs if that’s the only way of doing something. Open Source Hardware is just slightly more aware of the pace of technical progress, and what is closed today may be open tomorrow. Building a piece of Open Source Hardware isn’t an all or nothing proposal; just give your best effort to make it open, and technology or reverse engineers will probably make it more open in the future.

Of course, with any certification program, there must be some effort given to enforcement. If an Open Hardware project is certified under the program but does not meet the guidelines of the certification program, fines may be levied against the project creators. Again, good faith of the project creator is assumed, and a project found not in compliance with the certification program will be given 90 days to either fix the problem or remove the project from the certification program. After 90 days, there’s a 120-day period of public shaming, and after that small fines of $500 per month. The worst offender will get a fine of up to $10,000 per month, but that would require years of non-compliance, and it’s very doubtful any conflict with OSHWA will ever reach that stage. It should be noted these fines have a legal basis in the trademark of the OSHW certification logo, and if you don’t use the OSHW logo or certify your project, there’s nothing OSHWA can do.

The old Open Source Hardware ‘gear’ logo — unquestionably a better logo — will still remain in use, and no one will look down on you for using it. Using the trademarked OSHW logo, though, is the only way any certification program can be enforced.

The Objections To Open Source Hardware

Of course, the Open Source Hardware Certification program has been more than two years in the making, and that’s time enough for a few people to start having very strong opinions about it. A few years ago, Saar Drimer of Boldport said he won’t be using the Open Source Hardware logo on his boards. This is despite the fact that he loves Open Source Hardware, has written open source PCB design software, and offers a 20% discount on open source contract work. His reason is simple: adding a logo brings baggage, and building Open Source Hardware is not mutually exclusive with putting a logo on a board. Dave Jones is a big supporter of Open Hardware, but he realizes the famous gear logo is becoming meaningless through abuse.

You need only look back on the last twenty or thirty years of the world of Open Source Software to get a sense of where Saar and Dave are coming from; Stallman does not believe in a moral imperative to Open Hardware, whereas most everyone in attendance of today’s Open Hardware Summit does. Gnome versus KDE is nothing compared to the religious war we potentially face between various Open Hardware philosophies. The Open Source Hardware community is relearning what the open source software community learned twenty years ago. We can only hope to learn from their missteps.

But Open Source Hardware has a much bigger obstacle to adoption than politicking and empire building. Open source software is a simple concept — you have a (copy) right to whatever software, music, words, or boat hull designs you create. You can, therefore, give others the right to use, study, share, and modify that work. Physical objects and artifacts do not have copyright, they have patents. Patent law in the United States is atrocious, and just because you were the first to create a useful invention doesn’t mean a patent would be invalidated. This is the greatest challenge to anything developed as Open Source Hardware. The only solution to this is prior art and patent inspectors that know where to look.

This Will Take a While to Work Out

The Open Source Hardware Certification program is going to take a while to unravel. OSHWA doesn’t believe this certification program will be a repository used by patent inspectors looking for prior art. The legal basis for the certification is literally built upon every piece of intellectual property law. It is, perhaps, an answer to the most complex legal questions ever: what is property, what is intellectual property and can the concept of physical things be given away.

No one has an answer to these questions, or at least an answer that can be summed up in one-page FAQ. The Open Source Hardware Certification program is an attempt to answer these questions, and so far it’s the best attempt yet.

None of this matters unless the community gets behind it, and if another competing Open Source Hardware certification or license pops up, the community may very well migrate to that. Judging from the last thirty years of open source software license drama, we can only hope that the community figures this out the first time, and we hope this certification program is a rousing success.

Mon, 21 Aug 2023 12:00:00 -0500 Brian Benchoff https://hackaday.com/2016/10/07/certification-for-open-source-hardware-anounced/
EC Hacking: Your Laptop Has A Microcontroller

Recently, I stumbled upon a cool write-up by [DHowett], about reprogramming a Framework laptop’s Embedded Controller (EC). He shows us how to reuse the Caps Lock LED, instead making it indicate the F1-F12 key layer state – also known as “Fn lock”, AKA, “Does your F1 key currently work as F1, or does it regulate volume”. He walks us through adding custom code to your laptop’s EC firmware and integrating it properly into the various routines the EC runs.

The EC that the Framework uses is a MEC1521 chip from Microchip, and earlier this year, they open-sourced the firmware for it. Now, there’s a repository of microcontroller code that you can compile yourself, and flash your Framework laptop’s motherboard with. In a comment section of HackerNews, a Framework representative has speculated that you could add GPIOs to a Framework motherboard through EC firmware hacking.

Wait… Microcontroller code? GPIOs? This brings us to the question – what is the EC, really? To start with, it’s just a microcontroller. You can find an EC in every x86 computer, including laptops, managing your computer’s lower-level functions like power management, keyboard, touchpad, battery and a slew of other things. In Apple land, you might know them as SMC, but their function is the same.

Why have we not been reprogramming our ECs all this time? That’s a warranted question, too, and I will tell you all about it.

What’s The EC’s Job?

The EC controls a whole bunch of devices in your laptop. Not devices connected to USB, LVDS/eDP or PCIe, because those would fall within the purview of the chipset. Instead, these are devices like power switches, the charger chip, and various current monitors, since these have to work correctly even when the chipset and CPU are powered off. But of course, it’s not just power management – there’s a whole lot of things in a laptop you need GPIOs for.

[Figure: section from the EEE PC 701 schematic, showing the EC connections, and even some unused functions like extra button connections. Caption: The EC of a EEE PC 701. This one even has some extra signals for media buttons that were left out in hardware!]

Generally, anything that you’d control with a digitalWrite or monitor using a digitalRead, measure through an ADC, or talk to using I2C – these are things handled by the EC. Thus, the EC reads battery state and charger voltages, drives the fans with PWM and takes temperature measurements from various sensors. The laptop keyboard is a key matrix, and the EC scans that matrix and processes key presses, forwarding the key events to the chipset that your OS then reads. Whether your touchpad is PS/2 or I2C, the EC handles it and exposes it to the OS, too.

Your laptop’s power button is connected directly to the EC. As a result, your EC is the first thing to get powered on; and if a broken laptop of yours has no reaction to the power button, it means the EC can’t do its power management job for whatever reason. In fact, if you check Framework laptop’s recently published reduced schematics, you’ll see that the EC has its own separate power rail coming directly from the battery.

How does it even talk to the chipset? For about two decades, ECs have been using the LPC bus – a four-bit wide bus superficially resembling qSPI. Apart from ECs, it’s only really been used by TPMs in recent times. LPC uses frequencies from 25MHz to 100MHz. Thus, if you want to put a logic analyzer to your LPC signals and capture some packets, your typical cheapo 25Msps LA won’t do, but an off-the-shelf FPGA board or a way faster LA will work wonders, and there’s a pretty cool paper using LPC manipulation and an FPGA to extract keys from TPMs.

LPC is about two decades old, and is a direct successor to the ISA bus – in fact, in some laptop schematics from 2003 you’ll find the EC connected through ISA instead, but it’s all LPC beyond that. However, recent ECs talk eSPI instead, a qSPI-like interface meant to replace LPC, and the Framework EC talks eSPI, too.

Of Course, There’s Firmware Involved

Every EC has firmware, and every laptop (and desktop, and server!) has an EC. The EC firmware is nearly always closed-source. As such, the EC firmware is one of the binary blobs we tend to miss when talking about proprietary parts inside our computers. Often, the EC firmware is stored on the same SPI flash chip as the BIOS – other times, there’s a separate external or on-chip flash, in which case, you typically have an UART bootloader you can reflash your EC through. All of that depends on which specific manufacturer and model of the EC you have.

Often, your EC is built on something like ARM or 8051 architecture, other times it’s something more obscure like CompactRISC. The common thing is – at most, you’ll get a binary blob when it comes to your EC’s firmware. At some point, when Google got into laptop business, a group of their engineers presumably said “enough”, and open-sourced their EC code – which is what Framework has been building on when it comes to their own EC firmware. Last year, System76 opened up their EC code, too. Unfortunately, the situation remains dire for other laptop manufacturers.

Could your EC get backdoored? Not likely – it tends to be harder to modify and update EC firmware than it is to do the same with BIOS images. Now, could you yourself modify your EC’s behavior? It’s at least technically possible, and I’d argue that you should have always been able to do that.

So, What About Hacking?

Of course, with every subsystem of a laptop, you’ll find a subgroup of Thinkpad enthusiasts that have already dug deep and used it to pull off some fun and useful things. The EC is one such aspect, and they sure have something to offer – reprogramming keyboard layouts and removing battery locks, mainly. With keyboard layouts, they’ve managed to make older (and apparently superior) keyboards work with newer laptops, with a tutorial talking about how specifically you need to insulate certain pins, and a super convenient way to flash the changes.

The battery part is more vital, however – you can more often than not live with a subpar keyboard, even on supposedly otherwise-stellar ThinkPads. The problem is the “genuine” battery check in the EC, which doesn’t let you charge (or even operate from) the battery if it doesn’t pass. This isn’t just limited to the third-party battery options, in case that’s what it sounds like – such checks also prohibit use of Lenovo batteries that were just meant for a different kind of Thinkpad, but otherwise mechanically, electrically and electronically perfectly suitable.

There’s a video on how ThinkPad EC hacking unfolded, and I recommend you check that one out to see what’s up. Now, Lenovo didn’t seem to like that people were swapping keyboards and enabling use of third-party batteries for which Lenovo themselves no longer sold ‘genuine’ counterparts. So, at some point, they decided to close one of the most convenient ways of updating EC firmware, and released a BIOS update citing “security improvements”. The relevant CVE says this:

A vulnerability was reported in various BIOS versions of older ThinkPad systems that could allow a user with administrative privileges or physical access the ability to update the Embedded Controller with unsigned firmware.

If you ask me, this description is bonkers. This sentence essentially means “the laptop’s owner can flash EC firmware not approved by Lenovo”. I do wonder what led to it and what the possible justification might be, but in the end, whatever the reason, it’s a distraction from what I believe. That is, updating the EC firmware on one’s own laptop should be possible, and Lenovo closed a user-friendly way to do just that.

Also, without doubt, not all manufacturers respect your right to repair when it comes to ECs. As an example, for almost a decade now, Dell has been shipping their laptops with ECs that have encrypted firmware, with keys fused inside the EC. This has been a particular problem for Dell laptop repair, as ECs die every now and then. While you can buy a blank EC and reflow it in place of the dead one, it won’t have the decryption keys Dell flashes into the EC at the factory, and therefore won’t run Dell’s encrypted firmware. Modifications are off the table here – it’s not even possible to source a fitting replacement for the EC when your laptop is broken, even though the chips themselves are abundant.

What Can You Do Now?

Now there’s three manufacturers that have open source firmware for ECs – Google, System76 and Framework. What could you do with this firmware, though? As with any underutilized area of hacking, it will take time to realize its full potential. Remapping keys is not the only thing – you could implement an 80% battery charge limit for cell longevity if your laptop’s manufacturer didn’t provide you with one, add extra layers to your laptop keyboard without any need for OS support, maybe tweak your fan curves. Or, indeed, you could add some GPIOs inside your laptop, for whatever sensors or buttons your heart desires.

You can also fix bugs, which crop up in ECs every now and then, and can be quite annoying to deal with – imagine keyboard keys getting stuck every now and then, seemingly randomly, and that’s exactly what happens when you have an EC bug. Whether it’s bug fixes or improvements, just like with any firmware currently closed to us, we won’t see a slew of cool hacks starting tomorrow, but there are definitely cool things on the horizon when it comes to EC hacking.

Tue, 22 Aug 2023 12:00:00 -0500 Arya Voronova https://hackaday.com/2022/06/07/ec-hacking-your-laptop-has-a-microcontroller/
Certification Information

To earn educator certification in Texas or another state, candidates must complete certain steps at their institution and apply with the appropriate state agency.

To become certified in one of the Baylor educator preparation programs, a Baylor student must first be officially accepted into the program.

  • In the School of Education program for undergraduates, this process typically occurs during the sophomore year, before the student may begin the Teaching Associate experience.
  • For graduate students, different timelines apply to those seeking certifications, so please check with the Office of Professional Practice or the applicable graduate program director for guidance.
  • Different timelines also apply to students in academic programs that are housed outside of the School of Education, so students should check with the appropriate program director.

The Office of Professional Practice in the School of Education handles the TEA educator certification process for all Baylor students.

Important Documents and Process Descriptions:
• Testing for Certification (all programs)
• Criminal History Evaluations
• Texas Requirements & Process for Certification
• Baylor Process for Admittance to Teacher Education Program (undergraduate & MAT)
• Baylor Process for Admittance to Superintendent Certification Program (EdD in K-12)
• Baylor Process for Admittance to Principal Certification Program (MA in School Leadership)
• Benefits and Waivers for Military Service Members
Fri, 20 Jul 2018 07:06:00 -0500 https://www.baylor.edu/soe/index.php?id=953499
CICRA Certified Ethical Hackers pass out Next C|EH batch starts Sept. 28

CICRA Institute of Education will commence Certified Ethical Hacker training for the next batch on September 28 while its first group of Certified Ethical Hackers completed their training in Colombo recently.

The five-day training programme was part of CICRA's objective to arm Sri Lankan corporates against the rising wave of cybercrimes worldwide. Trained by Krishna Rajagopal, an international trainer accredited by the US-based International Council of E-Commerce Consultants (EC-Council), these ethical hackers will receive the C|EH qualification from the EC-Council after completing an extensive examination.

CICRA has been accredited to train cyber soldiers to fight against the newest forms of cyber terrorism that could cripple national security interests and corporate network structure following a partnership with EC-Council, which in turn has been endorsed by the US Department of Defense and the National Security Agency (NSA).

Under this partnership, CICRA will retain EC-Council accredited international trainers to coach and certify individuals in the specific network security discipline including security officers, auditors, security professionals, site administrators, and anyone concerned about the integrity of the network infrastructure in Sri Lanka.

For the first time in Sri Lanka, CICRA is running EC-Council certified combo training programmes in Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Licensed Penetration Tester (LPT) and Advanced Security Training in Advanced Penetration Testing (APT), Digital Mobile Forensics Deep Dive, Advanced Application Security (AAS), Advanced Network Defense and Cryptography Deep Dive.

A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, CICRA Director Boshan Dayaratne said.

Computer investigation techniques are being used by police, government and corporate entities globally and many of them turn to EC-Council for the Computer Hacking Forensic Investigator (CHFI) Training and Certification Programme.

CICRA is also offering training in advanced security testing through the EC-Council's Centre for Advanced Security Training (CAST) that has been created to address the need for highly technical and advanced security training for information security professionals. CAST programmes stand out from others through their extreme hands-on approach. These highly technical lab intensive advanced security training courses will allow a participant to combat real life scenarios.

EC-Council is a member-based organization that certifies individuals in cyber security and e-commerce and is the owner and developer of 16 globally recognized security certificates. Its certificate programmes are offered in over 84 countries around the world.

EC-Council has trained over 90,000 individuals and certified more than 40,000 members worldwide. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Federal Government via the Montgomery GI Bill, Department of Defense via DoD 8570.01M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS).

EC-Council based in Albuquerque, New Mexico, USA also operates EC-Council University and the global series of Hacker Halted and TakeDownCon security conferences.

The first group of Certified Ethical Hackers trained by CICRA Institute of Education completed their training in Colombo recently. Picture shows Boshan Dayaratne (Director, CICRA), Sandamali Silva (SriLankan Airlines Ltd), Sajith Bandara Thennakoon (Software Developer), Kanagarajah Krishan (Allianz Sri Lanka), Dhanushka Fernando (Seylan Bank PLC), Krishna Rajagopal (EC-Council Trainer), Suranga Sahabandu (Suntel Ltd), Nalaka Umagiriya (John Keels PLC), Dr. Roshan Hewapathirana (Postgraduate Institute of Medicine), Dr. Clive James (Health Informatics - Ministry of Health), Vasana Wickremasena (Executive Director, CICRA) posing for a picture following completion of the training programme.

Sun, 24 Apr 2022 01:03:00 -0500 https://www.sundaytimes.lk/110904/Education/ed15.html
Teacher Certification

Have you:

  • Met all of the University of North Georgia's institutional requirements?
  • Met all of the graduation requirements for your teacher certification program?
  • Completed our teacher preparation program, in a specific teaching field?

If so, then you are eligible to apply for a Georgia teaching certificate!

Fri, 08 Nov 2019 20:38:00 -0600 https://ung.edu/college-of-education/certification.php
Northeast State establishes certification testing site

Northeast State Community College has established a testing site for computer information technology students seeking to earn industry certifications.

Located on the second floor of the Technical Education Complex building of the College’s Blountville campus, the Pearson VUE center provides a testing site for computer science students seeking certifications from top-tier technology companies, according to a written statement.

Pearson VUE is a computer-based test proctor and delivery company used worldwide. The center welcomed its first students for exams at the Northeast State site in spring of 2023. The center houses exams used for information technology companies such as Cisco, CompTIA, and EC-Council among others.

“It is an excellent demonstration of skill as an IT job candidate has taken the time to learn the content to the level to be able to sit down and take that exam,” said Jim Holbrook, instructor and chair of the College’s Computer and Information Sciences department. “Certifications are vital for people in computer science as it is a testament to a skill.”

As a test center, Northeast State delivers certification exams that demonstrate a high level of knowledge by students earning certifications while completing their associate degrees. Proctors monitor students during testing via video as required by Pearson VUE site control.

The new testing center gives individuals access to take the coveted Cisco Certified Network Associate (CCNA) certification test among other Cisco certifications. The Northeast State networking curriculum for the associate degree includes CCNA 1, 2, and 3 classes, giving students a deep dive into Cisco networking.

The certifications specific to Northeast State computer science students also include the CompTIA Network+, A+, Linux+, and various cyber defense certifications. Northeast State offers a UNIX/Linux class that amplifies the students’ knowledge of both class operating systems. Holbrook said the department seeks to make all course content more robust to prepare students for passing the exams and demonstrating their knowledge.

“We are going a step beyond and teaching all of the content to each of those certifications in their respective classes,” he said. “It is going to make for more rigorous classes; however, the students will benefit from it as they will be exposed to that whole certification path.”

Holbrook said many of the certification exams, particularly the Cisco networking categories and various cyber security subjects, were challenging to say the least. Students needed to know a great deal of base knowledge and core knowledge prior to pursuing the certification exam. He noted Cisco exams required scores of 80 percent correct to pass the test with others even more rigorous.

Holbrook said that students earning subject-specific certifications, a technical certificate, and/or an associate degree stand out among candidates when entering the workforce. He explained that many companies wanted to see students who have demonstrated a deep knowledge of information technology subject matter to meet the expectations of their workplace, and potential employees with certifications are the ones who stand above the others.

“I have lost jobs because I didn’t have specific certifications during the interview process,” said Holbrook. “I have gotten jobs by having specific certifications because it set me apart.”

Holbrook said he planned to expand certification test offerings in the coming months for students. Two popular certification avenues were Amazon web service certifications and a selection of Google certifications. Those exams are smaller, with knowledge bases broken up into more specific topics.

Northeast State offers associate degree pathways in the academic programs of Cyber Defense, Networking, Programming, and Systems Administration in addition to transfer-specific degrees. The department also features associate degrees in computer science and information systems through the Tennessee Transfer Pathway options for students pursuing a four-year degree.

Students majoring in computer information technology move into professional careers as cybersecurity technicians, system administrators, network technicians, or move on to four-year institutions to continue their education. Holbrook said the CompTIA and EC-Council curricula marked only the first of many new opportunities he plans to implement going forward.

“As our capabilities progress, we may bring in more certification content as they come online and become relevant to the field,” said Holbrook.

dmcgee@bristolnews.com | Twitter: @DMcGeeBHC

Mon, 14 Aug 2023 04:17:00 -0500 https://heraldcourier.com/news/local/education/northeast-state-establishes-certification-testing-site/article_1e800b54-3abe-11ee-b377-f7ac1f6576e1.html
EC Appointment Cannot Be Reviewed – Council Of State

The NDC party, therefore, called on the Council of State to withdraw its advice to the president. It also called on it not to be seen as complicit in the appointment of “these patently partisan ...

Mon, 07 Aug 2023 00:34:00 -0500 https://www.msn.com/