The Most Common Jobs for People Who Hold the EC-Council Certified Ethical Hacker (CEH) Certification

Posted on by
Reply

The term “hacker” is often associated with illegal online activity. However, there are hackers who perform 100 percent legal services, which are based on evaluating the information infrastructures of companies. For those who hold the Certified Ethical Hacker certification from the EC-Council, there are several jobs to consider that come with attractive compensation. Some of the most common jobs for hackers holding the CEH certification include computer forensics, incidence response, penetration testing and security analysis. Penetration testing is the most common job for new hackers, but some later advance to become engineers or take on a wider variety of tasks.

Penetration Testing
Penetration testing, which is commonly called pentesting, involves several different methods of scanning servers, databases, network devices and software. A penetration tester or pentester must be hired by a company or have permission to access its information system. The goal of a tester is to thoroughly check the company’s system for any vulnerabilities that might allow malicious hackers access to sensitive information. Network mapping is used to gain access to the company’s computers, routers, switches, firewalls and servers. Ethical hackers may also test Internet sites and databases. When a penetration tester finishes his or her duties, a report is created to explain any vulnerabilities to the hiring company.

Incident Response
Ethical hackers who work in incident response deal with security breaches. To be successful in this type of work, ethical hackers must stay current with the latest threats. They must also analyze threats and understand how to deal with them. However, incident response involves more than just analyzing. Hackers must know how to prepare for attacks, contain them, defeat them and help a company recover afterward. In addition to being beneficial to hiring companies, the information ethical hackers gather from their analysis of attacks is useful to them for preventing future incidents with the same client or other clients.

Computer Forensics
For ethical hackers, this job is often similar to incidence response when a crime has occurred. Computer forensics specialists work with investigators to determine how reliable digital evidence is, and they assist in collecting evidence. They may use lab searches or work on site. After obtaining evidence, forensics specialists analyze the data to prepare for trial. They may also collect statements or set up interviews when needed.

Security Analyst
These hackers are responsible for ensuring the integrity and security of data. This is normally a job held only by experienced ethical hackers. They are responsible for protecting all of a company’s most sensitive data, and they are required to ensure systems have solid enough security to prevent any attacks. To be successful, an analyst must be knowledgeable about every aspect of information security within a company. The main job of a security analyst is to review the security measures of a company to determine if they are effective. Most of these professionals work with IT employees and business administrators within the companies that hire them. In the event that there are any breaches, a security analyst must also create documentation to assist hiring parties in dealing with such issues.

Engineers may also perform the duties of security analysts. Both positions come with the largest amounts of responsibilities and the widest ranges of tasks. In the United States, ethical hackers may earn annual salaries as low as $55,000 to more than $80,000. Pay rates increase with years of experience, and many ethical hackers with more than 20 years of experience can expect to earn six-digit salaries. As a rule, the higher-paying jobs are in larger cities.

Get information on our certified ethical hacker certification training!

TrainACE’s Cyber War Course Receives Killer Review from Industry Blogger

Posted on by
Reply

The Cyber War bootcamp held at TrainACE is not for the faint of heart. At 40 hours long, it’s jam packed with agressive exploitation and pentesting techniques surmounting anything seen in traditional hacking classes. Recently Luis Santana, founder of Hack Talk Security (@hacktalkblog), attended this training at our Greenbelt, MD location and offered up this glowing review on the class. Here’s a snippit of what Luis had to say:hacktalkblog

To view the article in it’s entirety, visit the HackTalk.net blog at: http://blog.hacktalk.net/trainace-com-a-review/

Average Salaries of the Most Common Entry Level Information Technology (IT) Jobs

Posted on by
Reply

The Bureau of Labor Statistics (BLS) expects employment in the field Information Technology, which it labels “Computer and Information Systems Managers,” to grow 18 percent in the decade between 2010 and 2020, a rate of growth that it considers average across all occupations. Growth will be driven by technology upgrades, changes in networks, increased attention to security and the growing needs of the healthcare industry. The BLS expects conflicting forces, including the risk that jobs will move to lower-wage countries, to affect salary ranges in IT, with a wide range of pay among the common IT roles defined by the agency.

IT Support Specialists
Working in the only category in which a bachelor’s degree is optional, according to the BLS, computer support specialists earn up to $28,300 at the entry level, the approximate salary attributed to support specialists in the lowest 10 percent of workers in the category. Median earnings are significantly higher, at $46,260, with an exceptionally wide range separating the highest and lowest earners in the group. The top 10 percent of support specialists earn over $76,970.

Network and Systems Administrators
Median pay for network and systems administrators stood at $69,160 in 2010. The lowest 10 percent, consistent with entry-level positions, earned up to $42,400, but salary estimates are complicated by wide variation among industries. Network and systems administrators employed by educational institutions, whether public or private, earned median salaries of $59,230. Their peers in finance and insurance earned median salaries of $72,660. Similar discrepancies can be expected in pay at the entry level, as well.

Computer Programmers
Starting pay for programmers, consistent with compensation offered to the lowest 10 percent of the category, was as much as $40,820 in 2010. Median salary was $71,380. The BLS takes special note of the category’s vulnerability to overseas outsourcing, perhaps partly explaining a relatively anemic growth rate of 12 percent.

Database Administrators
Like network and systems administrators, database administrators are faced with significant variation among different industries. On the whole, entry-level administrators, at the lowest 10 percent of the salary range, can expect to earn up to $41,570, with a median for all administrators of $73,710. Database administrators in educational services earn a median income of $62,580, while those in finance and insurance earn $81,640, a disparity that can also be expected to apply at the entry level.

The rate of growth for database administrators is noteworthy, projected at 31 percent between 2010 and 2020, well above the 22 percent rate for computer occupations in general and the 14 percent rate for all occupations.

Systems Analysts
Computer systems analysts earned a median of $77,740 in 2010, and the lowest 10 percent earned $48,360. Incomes varied according to sector, but not to the extent shown in other categories. Database administrators in government earned least, with median incomes of $70,430, compared to a median of $77,890 for analysts employed in finance and insurance.

Growth is expected to match the 22 percent rate projected for all computer occupations.

Security Analysts and Network Architects
While the median income for security analysts and network architects was $75,660 in 2010, and the lowest 10 percent earned $43,190, there are enormous variations in the field. Robert Half Technology, for example, estimated that the salary for a security analyst ranged from $89,000 to $117,750, with pay dependent on factors including location, industry and specific technical qualifications.

Software Developers
Median incomes for developers are the highest IT incomes for positions that do not require advanced degrees. In 2010, median pay stood at $90,530. Developers in the lowest 10 percent earned up to $61,040. With a projected rate of 30 percent, growth is expected to be robust for the category.

For developers, variations in pay depend on the type of development they do, rather than the specific industry in which they work. Developers of systems software have the highest median incomes, earning $94,180. Software developers who focus on applications development have median earnings at the low end of the scale, with median salaries of $87,790.

Get entry level IT training information

The Most Common Jobs for CISSP Certified Professionals

Posted on by
Reply

A Certified Information System Security Professional (CISSP) is someone with considerable experience in information technology (IT) security fields who has also completed a rigorous exam to verify his or her qualifications. CISSP holders must also meet continuing education requirements to maintain their certification.

Studies show that people with the CISSP certification earn significantly more than their non-certified peers do, perhaps as much as $20,000 to $30,000 per year. There are several career paths open to CISSP holders; this overview discusses some of the most common ones.

Network Architect: People in this job do all the planning needed to set up a network for a business. The network may be within a single location; between two or more offices; or it could be international. Network architects need to thoroughly understand an organization’s structure, operations and goals in order to plan a network that will fulfill its needs. They design the network, present the plan to management, determine the equipment needed to implement the plan and organize the physical layout for equipment. Network architects also sometimes supervise the staff that builds the network. They must know about current and upcoming technology to plan for future needs, and they must incorporate information security into network designs.

Information Security Analyst: This position is responsible for maintaining the security of a business’s computer network. Analysts have to stay up-to-date on ever-changing security measures to prevent cyberattacks. They develop safe practices for an organization and implement them, which may involve installation of data encryption software, firewalls and virus protections. They continually monitor network systems and investigate breaches, and they develop disaster recovery plans to protect and preserve data should something drastic occur. Analysts also help a company’s employees learn about security features.

Computer and Information Systems Manager: People in this position coordinate all the computer operations within a business. They analyze needs; determine the hardware and software required to meet those needs; and they plan and direct installations. These individuals are also responsible for maintaining the security of a business’s electronic documents and computer systems.

IT Security Manager: Sometimes considered a sub-category of Computer and Information Systems Management, an IT security manager oversees all information security measures within an organization; this includes both data and network security. They work with executives to develop security policies and to arrange training for employees. They supervise investigations of breaches, and they must always stay up-to-date with the latest IT security developments.

Security Auditor: Security auditors independently evaluate the quality of a company’s information security. This broad category may involve interviewing employees as well as testing computer and network systems. Security auditors need to thoroughly understand an organization’s practices, including organization charts, job descriptions, operating systems, equipment usage, IT policies, disaster recovery plans, access permissions granted to various system areas, backup procedures and more. They meet with managers to discover where there might be concerns and to establish the goals of an audit before actually performing the work.

Beyond direct information security, auditors often look at additional elements that affect IT security, including supervision of outside vendors entering a business; physical security against unauthorized access; and environmental controls that protect data from fires and floods. Security auditors issue detailed reports of their findings that may include recommendations for improvements.

IT Security Consultant: Companies that aren’t big enough to maintain a full-time IT department, or larger ones that simply don’t want one, may hire an IT security consultant to analyze computer and information security needs; to develop a plan to upgrade equipment, software and security procedures; and to oversee the implementation of that plan. A security consultant may work independently or through a consulting company.

Introducing the FREE CEH Study Guide

Posted on by
Reply

The Certified Ethical Hacker (CEH) certification has become the benchmark for penetration testing certifications. From 2007-2011it became all the rage among the community. More and more hackers fled to the scene and started their careers off by passing the coveted CEH certification exam. There is no question that the CEH is still a highly sought after certification (especially because it was added to the DoD 8570 Directive), but its place in the field has changed. Before, the CEH was a symbol of hacking prowess, dignity, strength, wisdom, reverance, veneration, amazement (OK thats enough)…  Now, it holds its spot firmly as the preeminent baseline or entry-level hacking / penetration testing certification.

Being that the CEH teaches a strong foundation of skill sets to aspiring cyber security professionals, we (TrainACE) obviously want more and more people to achieve the certification, because our goal (you may have noticed by now) is to play a significant hand in advancing the skill sets of the cyber security community. We still provide quite a bit of CEH training, but we also offer a great deal of advanced cyber security courses which require a skill level that one can meet by passing the CEH certification exam.

So, in order to serve our own interests help folks along the path of cyber security excellence, we thought we would do you a solid and give away a FREE CEH exam prep study guide. We have been preparing people for the CEH exam since 2005, we are pretty freakin good at it. So feel free to download your copy of the CEH study guide and make sure to check back in with us when you are ready to move on to an advanced cyber security class like Exploit Development, Cyber War, Threat Intel, Honey Pots etc.  Here you go:

Download FREE Here: CEH Study Guide

What are the Must-Know Cyber Security Standards

Posted on by
Reply

In the face of constant cyber threats, formal security standards have evolved to guide organizations in implementing effective countermeasures. With so many critical systems at risk, Information Assurance and other IT security experts rely on government and industry standards to keep an organization’s cyber security robust. Vendors and systems integrators also develop, test, and install systems and products according to these standards.

ISO/IEC 27001 for Information Security Management

Published in 2005, the ISO/IEC 27001 standard sets forth 12 domains that an information security management program should address. Organizations can apply for ISO certification and be audited for compliance. Major areas covered include:

Risk management
Security policy and governance
Information asset management
Computer facility security
Communications and network security
User access controls
Application security
Security incident management
Business continuity processes and disaster recovery
Standards and regulatory compliance

ISO 15408 for Security Product Evaluation

The ISO 15408 standard addresses computer security certification. It is built on an internationally accepted framework standard called Common Criteria against which computer security systems and products are evaluated. Customers, vendors, and independent testers use the Common Criteria as a shared frame of reference to ensure that products meet customer and industry expectations in a consistent, truthful, and robust manner. ISO-certified testing laboratories perform evaluations that seek to validate product claims and to establish a confidence level in the product’s security features and functionality.

Several documents drive the product validation process. A Protection Profile defines user security specifications for a product class and serves as a guide for vendors producing those products. ISO 15408 provides a list of security functional requirements that vendors can choose to implement and be evaluated against. A product’s implemented requirements are detailed in a published Security Target document as a reference for testing labs and customers.

The evaluation’s quality assurance component examines the processes and procedures followed during product development to ensure quality. Typical examples are a formal change control process and standardization of prototypes used in development test. A product is also rated according to the rigor of the evaluation process. Evaluations are assigned one of seven levels on a scale called the Evaluation Assurance Level. Each level consists of a package of security assurance requirements that a product must meet at that rating.

National Institute of Standards and Technology (NIST)

Part of the Department of Commerce, NIST sets standards and specifications for many areas of technology including information security. Various publications provide guidance that is especially useful to government and private sector managers with security responsibility. Areas covered include IT security management, a computer security overview, and security policy best practices. Some guidelines have been developed specifically for federal information systems.

Standard of Good Practice

The Information Security Forum publishes this set of best practices for information security and updates it every two years. The publication addresses real-world business concerns in cyber security along the supply chain and provides guidance on various certifications and compliance requirements. It is an invaluable handbook for CIOs, risk managers, and IT experts in various roles. Recent content covers critical subjects such as cloud computing that are at the forefront of IT initiatives.

Other Cyber Security Standards

The North American Electric Reliability Corporation, or NERC, is a nonprofit that sets enforceable standards for the nation’s bulk power grid. NERC also monitors the grid’s cyber safety and has publicly warned that cyber attack is a serious threat. Its Critical Infrastructure Protection program is designed to protect the North American electric power infrastructure and sets standards useful to IT professionals involved with mission critical systems.

A standard specific to the military is Department of Defense Directive 8570. The standard applies to personnel who work in a security role with DOD information systems and mandates certification as of 2010. All Information Assurance positions are also now categorized with specific qualification requirements.

The ISO Common Criteria standard is generally used for IT security products that can be sold discretely such as software applications and firewalls. Other ISO standards address security issues such as interoperability or specific international markets. An exception in the security field is cryptography, which is subject to national and industry standards although ISO has begun including certain implementations.

Cyber security standards span all domains, from user behavior to firewall design, and form a common reference among customers, vendors, and developers. As the cyber security field grows in response to critical threats, cyber standards can be expected to evolve more quickly than most. One key to success is the participation of top security experts who work in the real world and can help keep it safer through involvement with standards initiatives.

View Upcoming Cyber Security Classes

Introducing the Cisco ISR-AX

Posted on by
Reply

Two IT hosting trends, the central data center and the cloud, are changing Internet infrastructure requirements. Organizations are seeking to lower cost and complexity while better serving internal and external customers in diverse locations. As IT centralizes application hosting, Cisco has responded with the introduction of the Integrated Services Router with Application Experience or ISR-AX. ISR-AX combines a branch router, application optimization, and security and performance features in one box.

A True Integrated Router Appliance

ISR-AX is a cost-effective and comprehensive appliance solution to the growing need to support a mobile and distributed workforce. In addition to layers 2 and 3, ISR-AX addresses layers 4 through 7 to improve application delivery. The appliance adds application optimization to Cisco’s ISR G2 1900, 2900 and 3900 router models. These product lines already offer comprehensive network management and automation capability to extend the Internet edge to the branch office. AX adds Cisco’s Wide Area Application Services (WAAS) license for application acceleration and its Application Visibility and Control (AVC) license for granular application management. AVC gives IT staff visibility into application performance that lets them determine whether any delivery issues are at the branch level. They can also prioritize applications and optimize deployment.

ISR-AX incorporates comprehensive security features with the cloud in mind. In addition to a firewall, it includes SSL-based VPN and intruder detection. The security bundle eliminates the need for standalone products and simplifies IT security management, optimizing the branch’s direct cloud interface and safe use of mobile devices.

An Affordable Business Solution

Until now, Cisco’s market strategy has been to sell the ISR-AX’s functions separately in a modular approach. While in theory the customer can build a tailored solution, the reality is often quite expensive. Further, adding or upgrading is not always seamless when the infrastructure must accommodate a distributed and mobile workforce while staying within budget.

ISR-AX solves the issue by integrating support for layers 2 through 7 in one appliance and offering it at over 30 percent less than its own separate solutions. For example, the ISR-AX 2951 lists for $12,900 while its ISR router competitor retails for $17,695. Using one router box, branch offices can have secure and high-performance access to corporate resources. IT can free up the central data center from its inefficient servicing of satellite locations.

ISR-AX Moves Branches Toward the Cloud

Branch offices are becoming more essential to business operations and also must support more diverse work roles. Application performance is critical if branch users are to enjoy the same experience as centralized workers. Further, IT staff must have network visibility to safely configure branches to access cloud solutions. As companies move to the cloud, satellite sites often remain served by the centralized data center. The ISR-AX changes the game with application optimization that lets IT manage the quality of service to the end user. The branch can connect directly to the Internet without relying on central resources for delivery and security.

BYOD policies also benefit from ISR-AX implementation. BYOD or Bring Your Own Device is the employee practice of using personal mobile devices for work. As more and more people bring their own tablets and smartphones to the office, IT must manage the resulting provisioning and security issues. This complexity makes it difficult to adopt a standard policy that reflects both the IT issues and the reality of the mobile workforce. ISR-AX simplifies the process by bundling routing, security, and application management in a single appliance at the worker sites. BYOD cloud traffic no longer has to take up network resources outside of the branch infrastructure, and IT can manage mobile security at the branch level. This allows an organization to roll out a standard BOYD policy across sites and realize the cost savings that BOYD often provides.

An Application Experience Work in Progress

Companies looking for a complete application router solution may have to wait a bit longer. AX is not yet available for the 800 ISR, ASR1000 and CSR1000V series although Cisco plans on including them. The 800 ISR series supports the small business and teleworker markets, so organizations too small for enterprise solutions cannot yet take advantage of WAAS software and AVC functionality. Larger businesses must also make do with their current edge and cloud services routers until future AX releases support them.

Meanwhile, companies can leverage the ISR-AX in satellite locations to provide a first-rate application experience to the end user and simplified management for IT. The appliance’s security and monitoring features make cloud connectivity and BYOD cost-effective alternatives for branches. Cisco has created the router solution to beat, and upcoming releases should continue to bring it within reach of most everyone.

Cisco Systems is a company that is most well known for it’s extenisve product base in routers and other networking devices. They are also the authoritative body for many networking certifications, such as the Certified Cisco Network Associate credential, which will ensure employers that candidates are well versed in routing and switching.

We are a provider of online CCNA training as well as many other information technology and cyber security certifications.

Why CompTIA A+ and Network+ Certification Training is Beneficial

Posted on by
Reply

Are you a recent graduate looking to enter into the IT world or maybe you are somebody that is considering a career change into a more in demand field? Are you someone who can think logically as well as creatively? More and more technology employers in the D.C., Maryland and Virginia area are looking for candidates that possess solid computer abilities as well as industry certifications.

TrainACE is offering a custom A+/Network+ combination certification training course that is necessary for anyone looking to work in an entry to mid-level IT career.

About CompTIA A+ and Network+ Training

The combined A+/Network+ training course at TrainACE will help you successfully navigate your way into the IT industry by giving you an extensive background in DOS, Windows 9x, 2000, NT 4.0 and XP.

With the A+/ Network+ certification course not only will you be provided with PC hardware and operating systems knowledge, but you will also receive crucial hands-on training, which usually makes up 60% of the course.

The A+/Network+ training course is 96 Academic Clock Hours, with 3 exams needed for certification. The exams cover network technologies, configuration, management, preventative maintenance, security, troubleshooting and other core certification skills. At $2,495.00, which includes the tuition, registration fee and books, you money will be well spent on securing a useful expertise for your professional resume.

With these certifications you will be able to explore careers in:

  • Computer Repair
  • Network Administration
  • Security Engineer
  • Systems Administration
  • Desktop/Technical Support Technician
  • Application Developers
  • Computer Operator
  • Technical Trainer
  • Web Developer
  • Information Security Specialist
  • Software Developer
  • Database Analyst

A Plus and Network Plus Certification Training at TrainACE

The combined A+/Network+ certification course at TrainACE is designed to cater to individuals with basic IT knowledge. This certification course will assist you in gaining entry to mid-level jobs; most of which have an average yearly salary of $50,000*.

TrainACE has established an exceptional reputation in the D.C., Maryland and Virginia area not only for their in-class room training, but also for their live online training. The instructors are experts in their subject matter and will guide you in becoming a skilled network professional.

Even if you aren’t exactly positive about what IT field you want to get into, it never hurts to have a solid foundation in computer repair and troubleshooting. Many of today’s most influential business owners started in IT positions. You may find that with your new knowledge and certification, there is now the opportunity to be self-employed and start your own company.

a+network+

*Salary information obtained from http://www.computerworld.com/spring/salary-survey/2012/job_level/3

PMP Online Training Comes to TrainACE

Posted on by
Reply

TrainACE is proud to welcome Project Management Professional training to our extensive list of online course offerings! It can be delivered to you in one of two ways; 1.) Instructor-led, live online courses, or 2.) Self-paced, pre-recorded training courses.

These offerings present a new kind of versatility which we are excited to share with future Project Managers!

Is the PMP for Me?

Project Managers are needed in countless areas across almost every job field. The Project Management Institute’s (PMI) Project Management Professional credential is the top dog of the industry. PMI has established a set of standards that are meant to protect and uphold the reputation that all their credentials have. To apply for the PMP, you must fulfill one of the following prerequisite categories:

  1. Bachelor Degree Holders: 4,500 hours of experience in project management and a minimum of three years project management experience within the six year period prior to applying to take the exam
  2. Non-Degree Holders: 7,500 hours of experience in project management and a minimum of five years project management experience within the eight year period prior to the application

No matter which category you fit in, you must also obtain 35 learning credit hours. Completing the instructor-led, live PMP training class fulfills this learning credit hour requirement.

Why PMP Online Training?

There are various reasons why people may choose not to attend in classroom training. It could be because they can’t get time off work or maybe they just need a more budget friendly option; no matter what the issue is, purchasing an online training package can be the answer! When choosing the instructor-led option, attendees gain the same benefits as choosing in classroom training. You have live interaction with a group of students, as well as interaction with one of TrainACE’s SMEs.If you choose the self-paced option, you’ll get access to an entire library of modules and 24/7 access to an expert who can answer questions for you. The best thing is you can go back, again and again, to ensure you thoroughly understand the material.

What’s this PMP Training Include?

Whatever option you choose, this online PMP training class is going to include everything you need to successfully pass the respective exam. Both training options include course ware to reinforce the concepts you learn via the instructors as well as instant access to SME’s who can personally answer your questions.  If you’re familiar with TrainACE, you may already know about our free class re-take policy. We are happy to extend this offer to our live, virtual students! When you choose an instructor led, live training class, you can re-take the same class free as long as it’s within a year of your enrollment date.

If you’ve been thinking about gaining your PMP certification, there’s no better time than now. Get more information on PMP online training and view the full online class catalog today!

Latest CompTIA A+ 800 Series Tests Pose New Challenges for Candidates

Posted on by
Reply

In October, CompTIA announced the release of new tests, the 800 series, that will replace the 700-series exams that had been the basis of CompTIA’s A+ certification, the certification that covers entry-level technicians. The 700 series will remain in use through August 31, 2013. Until then, candidates can choose either series as a testing option for the A+ designation.

The new series differs from its predecessor in several significant respects, but it retains the two-part format of the earlier series.

According to CompTIA, exam 220-801 is devoted to “the fundamentals of computer technology, installation and configuration of PCs, laptops and related hardware, and basic networking.” Exam 220-802 focuses on installation and configuration for the PC operating system, on security in different contexts and on troubleshooting a wide variety of systems and devices. Responding to the increasing popularity of smartphones and tablets, the new test also covers the configuration of features for both iOS and Android devices.

“The changes reflect new demands being placed on the entry-level IT technician, who must now help integrate and manage computer networks interfacing with a wide range of devices,” according to CompTIA’s Janet Pinkerton

While the inclusion of mobile devices represents a change in emphasis for the exam, the adoption of a new format may be the most dramatic difference for test takers.

Earlier exams had consisted solely of multiple-choice questions. The 800 series adds “performance-based” questions. As described by CompTIA, the test will present candidates with a simulated IT environment in which they must solve problems or complete tasks. Likening the new format to the difference between written tests and road tests for drivers’ licenses, CompTIA sees the performance-based approach as the best way for a candidate to demonstrate the ability to do more than provide critical analysis of a problem.

The simulated environment attempts to replicate a variety of scenarios that candidates are likely to encounter in the real world. “The simulated environments may include different aspects of IT infrastructure, such as command prompts, Windows or networking environments,” according to information published by CompTIA. “Once candidates use the simulated environment to perform the requested task or solve the stated problem, they click a ‘Done’ button to submit their answer.”

CompTIA advises candidates to pay close attention to problem details and wording. The company also recommends that candidates supplement textbook preparation by seeking out opportunities for hands-on practice.

The adoption of the 800 series also brings a change in CompTIA’s recommendations with respect to experience. While candidates taking the 700-series exam were advised to have six months or 500 hours of experience, CompTIA recommends 12 months of experience, whether in the field or in the lab, for candidates intending to take the 800 series.

In addition to those changes, the 800 series adds comprehensive coverage of Windows 7, eliminating Windows 2000 from the test, and adds areas devoted to virtualization and mobile devices, two topics that were not part of the 700 series. The new test puts increased emphasis on troubleshooting in varied hardware and software environments, adding wireless as an entirely new troubleshooting focus. Testing on security-related issues has been extended to include those issues especially relevant to small office and home office situations.

CompTIA updates its A+ exam every three years, revising the test in consultation with large technology companies and the U.S. military. The company also surveys certified professionals in the field in order to evaluate the usefulness and value of proposed changes.

Phil Norton, a systems analyst who serves on the CompTIA committee charged with exam review, sees the changes made by the 800 series as a way to insure that candidates stay abreast of developments in IT and that the A+ test is a meaningful one: “The new objectives attest to the trends in the marketplace, and with the deeper-level, performance-based questions, we are making sure the exam is the benchmark we want it to be.”