1

ABOUT THE AUTHOR

The author, Aliyu Ahmed Ahmed is a Microsoft Certified

Technology Specialist, a Cisco Certified Network Associate and
an IT Business Process Outsourcing consultant. He has a B.Sc in
Economics and a Diploma in Computer Science from Ahmadu
Bello University Zaria. His other IT certifications include MCP,
MCDST and Linux certification from an Indian (Kolkata)
Software Training Facility called Tathya PVT LTD. He is also an
occasional columnist in the Guardian Newspaper and a
contributing editor in Communicationsweek, an IT magazine.
Ahmed has five years field experience in network support and
has over the years worked in the following IT firms; KarRox Training Institute as MCSE
Instructor, Aptech World Wide/STPL (Software Technology Park Limited), as a
Networking Instructor/Security Administrator, Sphinx Interactive Solutions as a
Technical Support Engineer, and Meridian Technologies as a CCNA/Security Instructor.
He is currently working with Webb Fontaine as a site support engineer, a Geneva based
ICT conglomerate.

“From bits to bytes to gigabytes, humanity

recreated itself into an inter-planetary fragile
ecosystem called the Internet: And into a fear,
the fear of its unknown others. Think before you
click accept, and together we shall clean the
Internet.”

Aliyu Ahmed Ahmed

2
 CHOOSING AND NAVIGATING YOUR IT CAREER PATH

Newton's First Law of Motion states that an object at rest tends to stay at rest, and an
object at motion tends to stay in motion until acted upon by an external force. This is true
of careers as well, including yours. Where do you want your IT career to be in one year?
Do you want to have earned several IT certifications in that time, therefore advancing
your IT career? Or do you want to be in the exact same place you are today? The only
person who can make this decision is you. Moreover, I can speak from experience that
when you begin putting your career into motion - the possibilities are unlimited.
However, you have to get started – today.

Before going around asking experts on what IT career path to take or what IT
certification to pursue, first the only person you should ask that question is yourself.
Whether you want to start an IT career or jumpstart your current one, make the decision
to move forward in your career - and then follow through on that decision. Because the
goal of getting a job is less important than the goal of getting a job that you like. You
have to have passion for whatever you are doing. If not, you will not do it very well. So
try to get a job that you like, pay the whole of your attention on it and then allow nature
to take its course. Also, the passion that led you to a particular field in IT is important,
because employers will ask you why you decide to choose a particular field in IT as
they are looking for people with natural excitement about starting a career in a
particular field in IT.

Other than the obvious passion for computers and technology, salary and job growth
potential are excellent reasons to consider computer careers. Diversity of computer skills
adds to marketability in the workforce. A lawyer that is a Microsoft Certified
Professional will benefit internationally than a lawyer without an MCP, likewise a
medical doctor that is SQL or Oracle certified will have a better outlook globally than a
doctor without any IT certification will. Many employers do not have time to train
workers on basic skills and expect employees to be more than familiar with computers. If
you have an aptitude or interest in math, science or art, and have strong problem solving
and analytical skills, you are a perfect candidate for a computer related career. Computer
careers can be a solitary work, but often require good communication skills. Systems
administrators must know how to relay information to clients and co-workers in order to
maintain order and efficiency in the system.

Computer education is available in many varieties; from certifications, certificate

programs, associate's degree programs, bachelor’s and even master's degree programs.
Many professionals in Nigeria receive degrees in computer science and related fields, but
still cannot produce in the local and international IT markets. Therefore, they are required
to have specific certifications (for example MCSE-Microsoft Certified Systems Engineer,
CCNA or MCSA-Microsoft Certified Systems Administrator) and some hands on

3
experience to fit in. In fact, it is better to have good hands on experience without having
the certifications than having the certifications without knowing the equipments.
Companies are more likely to employ candidates with years of experience on Cisco
equipments without a certification than candidates with CCNA but lack hands- on
experience.

The acceptance of computers in business has created a great demand for IT

professionals. Almost every industry has a need for IT professional for marketing, client
retention and daily operations. Industries such as banking, insurance, hospitals and
utilities absolutely rely on them. The information age has created a wealth of career
opportunities for computer specialists, elevating their status as knowledgeable
professionals and compensating them well financially. If you are a computer specialist, or
would like to become one, a career in the IT profession can be obtained in less than a
year of study with the current spring of various IT certifications.

Certification is recognition given to individuals who have met predetermined

qualifications set by an agency of government, industry, or profession. Certification
provides verification of individuals’ knowledge and experience through evaluation and
approval based on a set of standards for specific profession or occupations’ functional job
levels. Each certification is designed to stand on its own, and represents a certified
individual’s mastery of a particular set of knowledge and skills (US DoD)

A lot of people these days are crazy about getting IT certifications attached to their
foundation degrees or other basic knowledge because certification credentials will
definitely enhance their knowledge. More so, the IT industry now require those
certifications as a proof of sound understanding of IT principles . There are over 400
certifications out there for you, among which are:

A+ 2003, CCDA, CCNA voice, CCNA security, CCNP voice, CCNP security, CCIE,
CEH, CSSP, CISSP Linux+, LPIC2 Linux Junior Level, LCPI2 Linux Intermediate Level,
Master CIW Administrator, Master CIW i-Accelerate. Some others are, MCNE, MCSA
2000, MCSA 2003, MCSE 2000,MCSE 2003, NetWare 5 CNE, NetWare 6 CNE,
Network+, RHCE, RHCT,SCE, SCM,SCP, Security+, Server+, Solaris 8 SCNA, Solaris
9 SCNA, Solaris 9 Security TICSA and a host of others.

The issue is what certification do you start with? Moreover, after then what do you do
next? Do you want to be a programmer, a network engineer, a security advisor, an
animator, a graphic artist, system engineer, a hardware engineer, a database
administrator, a movie or a statistical analyst?

You can consider your foundation degree or any basic expertise you have acquired and
see what IT skill can enhance it, that is if you are bent on making a career out of your
undergraduate studies. Then, you certify on that IT course. If you are say a structural
engineer, an architect, a builder, surveyor, a planner or a photographer, before thinking of

4
any IT certification you have to think of obtaining a certification on AutoCAD, 3D
Studio Max or some sort of graphic design and animation diploma/certification. This will
definitely add speed, color and effects to your designs because the era of paper and pencil
design has been long forgotten. Hot selling skills in graphic design are: 3D Design Skills,
Computer Animation Skills, Computer Design skills, Web Design Skills, Internet Design
Skills, Media Production Skills, Vector Imaging Skills, and Raster Imaging Skills. Lest I
forget, an architect who is good in animation in 3D Studio Max or similar packages can
fit into the advertisement industry or the movie industry. Those who completely pursue
an education in Graphic design will be prepared to enter the workforce in a variety of
roles such as graphic designer, advertising designer and computer artist. These sectors
rely a lot on animations and pay good money. Also, most businesses these days need to
create content that will be viewed both on the Web and in print. Businesses use computer
graphics for business presentations. Television and movie producers use computer
graphics for special effects and animation. Advertising agencies use computer graphics
for images in advertisements for print and television. The outlook for growth among
employees in the computer graphics field is very good. As the technology grows in this
field the need for employees who are trained continues to grow, especially as the internet
expands the methods for visual merchandising. More and more industries require
computer graphics for advertising, films and various visual merchandising needs.
Therefore, this is an IT sector worth eying.

If you are going into graphic design you should know that there are three main types of
graphics packages: Image editing software, illustration software and layout software.
Image editing software lets you work with photos or other digital files at the pixel level
to crop, enhance, alter and otherwise modify the image. Leading image editors (such as
Adobe Photoshop) contain drawing tools that let you incorporate illustrated elements
with the photos you’re working with. Illustration software, on the other hand, lets you
create original artwork -- logos, icons, electronic drawings and so on - using points, lines,
curves, polygons and color. Leading illustration packaged like Corel’s CorelDraw,
Maya, 3D max etc give you the tools to also work with bitmap images and do some
rendering and animation. If you are very good with illustration software, just one job
with a movie firm can suddenly bring you into big money. Layout software lets you
assemble text, images and illustrations into a single document that will likely be printed
or distributed electronically, most often as a PDF file.

Also, if you are an economist, an administrator, or into related discipline, obtaining a

certification in office applications like Excel, statistical packages or Econometric View
will do you a lot of good as your will be involved in a lot of projections and predictions
using past or real-time data, and running data a lot. It will also be a big plus for you if
you know a lot of accounting packages like Tally, Peachtree, Paymaster etc. companies
pay good money for their installations, training and support. You should really eye
technologies where people are spending some money or likely to spend money in
future.

Further more, people now venture more into how the computer functions, like networking
and system support as computers have now flooded every nook and cranny of the world

5
and they need support. Popular certifications in this section include MCSE, CCNA CCIE
and a host of others. The idea is, because people make projections as regards to the
sectors where investment are moving to, they prepare themselves through certifications to
exploit those sectors in future, and IT is the place to go. In addition, if you are trained in
other fields and you are unemployed, you can retrain in less than a year in IT
certifications to transform into a hot cake. For instance, I am a trained economist but I
work as a network support engineer. Yeah! Am always carrying cables, crimpers and
laptops to test routers and switches but I feel happy even though it makes me the dirtiest
personnel among my colleagues. Therefore, majoring in IT requires starting with A+ and
N+ then any other thing can follow.

Now to the certification. Let us start from networking because I am a Cisco trained
network engineer. The CCNA is a very good entry-level certification and if you study for
it properly, you will have a very solid understanding of lower level networking which is
essential to do any admin job. The nice part about doing the Cisco Certification is that
the information from there can be applied to so many other certifications. Even though it
is a vendor specific cert, the skills you have gained will serve you well in most situations.

CCNA training allows you the ability for installations and operation of LAN, WAN, and
dialup access services for small networks with 100 nodes or less. The CCNA course
includes, but not limited to using the different networking protocols such as Ethernet,
Access Lists, Serial, IP, IGRP, Frame Relay, IP RIP, and VLANs. Cisco's CCNA Prep
Center Pilot offers simulations and sample questions, beside the e-learning modules and
laboratories. Computer training includes also valuable tips from CCNA professionals, in
addition to expert advice, and encouragement through CCNA certification success
stories. CCNA training does not require any prerequisite and makes available many other
resources to help students with the preparation of their CCNA certification exams.

CCNA course, exams and recommended training include the Introduction to Cisco
Networking Technologies (INTRO), the Interconnecting Cisco Networking Devices
(ICND) or both. CCNA training and additional training, probably cover most of your
career path expectations. However, Cisco's CCNA certifications are valid for 3 years, so
it is necessary for additional computer training to re-certify. This is achieved by either
passing the current CCNA exam at the point of the original certification's expiration,
passing the ICND exam, passing the 642 professional levels. Presently, Cisco has
introduced CCENT, CCNA SECURITY, CCNA wireless, CCNA voice, CCVP, and
CCIE voice with the security and wireless elements to the certification to encourage
specialization. ICND 1 is equivalent to CCENT, coupled with ICND 2 you get your
CCNA.

After CCNA training your can also re-certify by passing the Cisco Qualified Specialist
exam, excluding the Sales Specialist exams, or passing a CCIE written exam, which is a
re-certify form valid for individuals who had a CCNA certification starting from October
1, 2004. Cisco CCNA online training certification program, offers the same value,
knowledge and skill earned on a traditional CCNA course, and it is a nationally
recognized certification. With computer training online, you will gain knowledge of

6
switched LAN Emulation networks, which is made up of Cisco original equipment.
CCNA training online focuses on the coverage of Cisco router configuration procedures,
mapped to exam objectives in order to prepare you for Cisco Exam 640-801, in
partnership with major Universities and Colleges offering CCNA certification as well. I
was privileged to under study in a Cisco Academy in Zaria (Nigeria) with some medical
doctors. These days as the voice technology is gaining ground, you can now obtain
CCNA voice, CCVP or CCIE voice specializing in call centre set or IP telephony.

The Computer training program online consists of 2 sections; "Introduction to Network

Engineering", which allow the students to understand the world of network engineering,
learning fundamental facts of data network theory and current technologies that makes
the Internet tick. The second section of the online CCNA course is "Practical Network
Engineering.” This is an approach to some of the most powerful networking technologies.
It involves extensive work on switches, Cisco routers, and firewalls in a simulated
network environment, preparing students to earn the CCNA certification.

The CCNA is a starting point to do the more advanced Cisco courses such as CCNP
(more advanced networking), CCSP (security, i.e. firewalls, VPNs, IDS, etc.), and then
you get things like VoIP. The CCNP examination is highly regarded and consists of
exams, covering switching, routing, support and remote access, plus a few more topics.
After getting your CCNA, you have to then decide whether to major in design,
implementation routing and switching which is the CCNP or major in security, which is
heavily theoretical and analytical like CCSP, which I will discuss later, or CCVP (voice).
You can move from CCNA security to CCSP or CCNA Voice to CCVP, but having to do
your CCNP before CCSP is an added advantage before moving to CCIE.

CCNP new modules will comprise of:

642-901 BSCI
Building Scalable Cisco Inter-networks, ISR routers, updates to Cisco IOS
Software 12.4 routing protocol, routing authentication security, multicast routing, IPv6

642-812 BCMSN
Building Cisco Multilayer Switched Networks, High availability, new wireless LAN
fundamentals for Airspace thin-client, voice, and Cisco IOS switch security

642-825 ISCW
Implementing Secure Converged Wide-Area Networks, Cable and DSL broadband
access, Multi-Protocol Label Switching (MPLS)/MPLS VPN fundamentals Cisco IOS
Security featuring S2S VPN (IPsec and generic routing encapsulation/IPsec
[GRE/IPSEC]), Cisco Easy VPN, Cisco IOS Firewall, Cisco IOS Intrusion Prevention
System (IPS), Cisco AutoSecure, Role-Based CLI Access, and Cisco Security Device
Manager (SDM)

7
642-845 ONT
Optimizing Converged Cisco Networks Voice over IP (VoIP) fundamentals, techniques
to address VoIP challenges, concepts and implementation methods for quality of service
(QoS), wireless security standards, and Cisco wireless LAN (WLAN) networks

Cisco Certified Security Professional (CCSP) validates advanced knowledge and skills
required to secure Cisco networks. With a CCSP certification, a network professional
demonstrates the skills required to secure and manage network infrastructures to protect
productivity, mitigate threats, and reduce costs. The CCSP curriculum emphasizes Cisco
Router IOS (ISR) and Catalyst Switch security features, Adaptive Security Appliance
(ASA), secure VPN connectivity, Intrusion Prevention Systems (IPS), Cisco Security
Agent (CSA), Security Enterprise and Device Management, Network Admission Control
(NAC) as well as techniques to optimize these technologies in a single, integrated
network security solution. In addition, CCSP leverages the new CCNA Security
certification as a prerequisite.

Note combining a CCNP and an MSCE will make you a hot cake in the field of IT. Start
your CCNA then follow it up with the MCSE tracks one after the other and then round up
with a CCNP. Don’t forget to be flexible with the Unix descendants too, because these
days, Linux and Windows coexist in most of today’s networks.

At the risk of sounding arrogant, I believe CCIE (Cisco Certified Network Executive) is
the mother of all certifications (You know you cannot go wrong with Cisco in
networking). In addition, currently there are just barely over 21000 CCIE holders in the
world. CCIE is very expensive and it is only given in selected locations. You pay $300
for the test and $1250 per lab for the lab test, which is an 8 hours test. The highest paid
Certified IT professionals are CCIEs partially because of the demand for them and
partially because of the small population. The CCIE certification opens doors
internationally for the network engineer because the skills are portable and in demand in
virtually every country on the globe. There have been some great strides in developing
talent and Cisco has been right there to monitor and support the hiring of talent through
the SRS (Strategic Recruitment Solutions) Program and the Cisco Partner Talent Portal.
Becoming a CCIE is easier today with many training options available for career minded
networking professionals.

You also need a certain amount of experience to take CCIE exam and the test is multiple
choice and hands on. What they do with the hands on, apparently, is to put you in a room
with a bunch of devices and give you a scenario. You are then supposed to create the
network based on this scenario. When you are about half way through, they send you out
of the room and then mess up what you have done and you are now supposed to
troubleshoot the problem and fix it. In addition, the certification is only valid for two
years. When you are preparing for your CCIE, your neighbors will think you have gone
crazy, just do not let that bother you, as you will be talking to yourself a lot. Even your
wife may start suspecting something; just hold on- until you get there.

8
Presently, Cisco has announced a new certification higher than CCIE called CCA. The
Cisco Certified Architect certification (CCA) recognizes the architectural expertise of
network designers who can support the increasingly complex networks of global
organizations and effectively translate business strategies into evolutionary technical
strategies. A Cisco Certified Architect gathers the business requirements and objectives
necessary to produce a blueprint for an integrated, large-scale, complex, global network.
They can translate business parameters and objectives into functional requirements for a
network design. In addition, Cisco Certified Architects can clearly communicate and
advocate proposed Cisco network architectures, valid CCDE along with a thorough
understanding of networking infrastructure principles is a prerequisite to obtaining CCA.
Candidates must also have an active login to the Cisco Learning Network. I want to sum
up this section with an important point; if you choose to work on Cisco equipments,
please learn how to install Vsat, Fibre Optic termination, and radio equipment installation
because the Cisco curriculum will not practically take you through these installations.

Cisco Certifications in order of specialty

Entry Level
IP Networking (CCENT)

Associate Level
Design (CCDA), Routing and Switching (CCNA), Security (CCNA Security), SP
Operations (CCNA SP Ops) Voice (CCNA Voice),Wireless (CCNA Wireless)

Professional
Design (CCDP), Routing & Switching (CCNP), Security (CCSP), Service Provider
(CCIP), Voice (CCVP) Wireless (CCNP Wireless)

Expert Level
CCDE Design Expert, CCIE SP Operations, CCIE Routing and Switching, CCIE
Security, CCIE Service Provider, CCIE Storage Networking, CCIE Voice, CCIE
Wireless

Specialist Level
Advanced Routing and Switching, Data Center, Foundation for Channel Partners,
Security, Unified Communications & Video, Wireless LAN

Architect Level
Cisco Certified Architect

Once again, before taking any certification adventures make sure, you are equipped with
your COMPTIA A+ and N+. I won’t respect a programmer that doesn’t know how to

9
replace his RAM. These courses are very easy to pass; from there you can decide a
particular course. The CCNA tracks are very demanding and practical oriented. When the
Cisco academy took off in my state (Ahmadu Bello University Zaria), many people
fought for the form. They were under the mistaken impression that since Cisco is a hot
cake IT certification, Cisco certified professionals will be working in well ironed
presidential suites wearing garish looking neck ties. However, to their surprise we were
always carrying cables, pliers, LAN tester and dusty patch panels around, and after our
first module most of them ran away. When you are working in an open standing switch
like 4500 series switch or an open Linux box you use for routing, your necktie could be
trapped in a rolling fan. When I started working with my organization, I had the
opportunity of designing and implementing a multi-floor LAN. At the site, my crew and I
were working simultaneously with welders, tilers and some carpenters; you could hardly
differentiate us, except if you look closely to figure out my original made washout
Armani jeans or my Bruno Mali made shoes or probably if I am answering my black
berry from time to time.

Did I hear somebody say ‘how about Juniper certifications? Juniper is a company that
produces networking hardware just like Cisco, and together they formed a kind of
duopoly in the networking market, with Cisco taking 60%, Juniper 30% and the others
sharing the remaining 10%. Juniper produces T-series, M-series, E-series, MX-series, and
J-series families of routers, EX-series Ethernet switches and SRX-series security
products. JUNOS Juniper's network operating system runs on most of the Juniper
products. In 2009, Juniper made its debut on Fortune Magazine's 100 Best Companies to
Work for. Juniper ranked 4 in Fortune Magazine's World's Most Admired Companies list
in Networking Communications category in 2009. M40 of M-series was the first product
by Juniper Networks, which was released in 1998. JNCIA-ER is the entry-level
certification in Juniper, much like Cisco's enhanced qualifications for the CCNA
certification. Next is the JNCIS-ER, which requires a bit more advanced-level
knowledge. The idea here is to represent a CCNP-type knowledge level. Then, there's the
newly listed JNCIE-ER certification, which offers a lab-based exam, just like the CCIE
R&S. Prometric is Juniper's only choice for testing centers, whereas Pearson Vue is
Cisco's. Juniper is a little behind the curve in terms of the number of qualified/certified
individuals out there interested in its products compared to Cisco. These days Juniper is
awarding free exam vouchers to Cisco Certified Professionals, to initiate them into
the Juniper platform. Though, I have met CCIE holders that are beginning to take
Juniper exams so as to move into the 30% margin of the networking market.

Other certifications offered by Juniper include:

10
Associate Level Certifications

JNCIA-M: Juniper Networks Certified Internet Associate on M-Series router network.

JNCIA-E: Juniper Networks Certified Internet Associate on E-Series router network.
JNCIA-ER: Juniper Networks Certified Internet Associate on enterprise routing (former
JNCIA-J, J-Series routers associate).
JNCIA-EX: Juniper Networks Certified Internet Associate on EX-Series SwitchNetwork.

Specialist level certifications

JNCIS-M, JNCIS-E, JNCIA-FWV, JNCIS-ES, JNCIS-ER.

JNCIS is short for Juniper Networks Certified Internet Specialist.

M stands for M-Series router certification path, E stands for E-series router certification
path, and FWV stands for Firewall/VPN certification path, ES for Enhanced Services, ER
for Enterprise Routing certification path.

Professional level certifications

JNCIP-M, JNCIP-E
JNCIP is short for Juniper Networks Certified Internet Professional. M stands for M-
Series router certification path, and E stands for the E-Series router certification path.

Expert level certifications

JNCIE-M, JNCIE-ER

JNCIE is short for Juniper Networks Certified Internet Expert. M stands for M-Series
router certification path and, ER stands for Enterprise Routing certification path.

I want to now move into a very challenging field in IT, i.e. Information Security
(infosec). This is a dollar making profession. When the Internet started accommodating
ecommerce, organizations weren’t bothered about the security implication of the
transactions they just want to see communication happen. But now through bitter
experience organizations will approve any budget on security. An Information Security
Specialist, also known as an information security engineer, or security administrator, is
an IT professional who designs and manages an organization’s security infrastructure.
This includes choosing the network hardware and network operating systems, locking
down those systems, and staying focused on possible weaknesses in those systems and
hardening them as appropriate.

Duties of an information security specialist include the analysis of an organization’s

security risks and requirements, rating the importance of a company’s products and

11
services, and the related design, implementation and maintenance of the security
infrastructure to protect the business from security breaches. This role has overlap with
that of a network engineer but is higher, in that it is a more specialized role. A very good
understanding of networking, both hardware and operating systems, and the web is
critical. As the old saying goes, bank tellers do not spend as much time learning about
counterfeits as they do with knowing the real thing. The same applies to security
specialists: they must have an intimate knowledge of their systems in order to know their
weaknesses and how to overcome them. A strong interpersonal skill is also important, as
a security specialist must be able to convey to management the security risks, as well as
be able to keep close tabs of newly discovered holes in their systems. They are likely to
work in a team with more and less qualified security staffs and so must be able to
communicate both up and down the chain of command.

A person may consider entering this field after attaining a Computer Science or
Computer Engineering University degree or a one or two years computer diploma from a
local technical institute or a CCNA certification. However, some information security
specialists may also have a technically related MBA degree. Either way, a lot of
dedicated training and related certification in one or more leading network operating
systems is highly recommended as is training and certification on network equipment and
protocols. Optimally, security specific certification should be pursued. In addition, this
person should be proactive when it comes to applying security patches and the like but
should also be prudent by being in the habit of ensuring that patches are first tried out in a
test environment and by ensuring that data backup and disaster recovery plans are in
place and followed as required. Candidates for this job should also be exceptional
troubleshooters in order to help them discern between security breaches and innocent
technical bugs.

An information security specialist often starts out as a network engineer and may move
on to more specialized roles within the security or educational realm, such as information
security architect, or else move towards IT management. Whichever path they take, these
professionals tend to be at the high end of the IT pay scale. Salary information is so
dependent on an IT professional’s particular skill set, experience and geographic location.
However, experienced information security specialists can attain salaries of $70,000 or
$80,000 USD or higher in the international market. Below is a salary survey in thousands
of dollars per annum by Techrepublic in 2010.

Table 1

12
Source: Global Knowledge/Techrepublic 2010

13
Source: Global Knowledge/Techrepublic 2010

14
Source: Global Knowledge/Techrepublic 2010

Computer security is a growing field. Many businesses have created networks, websites
and become reliant on computer technology, without employing safeguards to protect
their data. Many malevolent computer geeks out there attack systems, or software for fun,
curiosity or profit. Data extortion is now a common organized crime. Security violations
have created new careers in network security and software development. Courses of
study are mainly in Microsoft products and software development languages like Visual
Basic, C++, .net, compiler and assembly languages. Career positions in this category
include network security, software programming, web design, web development and
website administration (server side).

A certification in security starts with compTIA’s Security +. This is meant more for
administrators who want to show they have some security knowledge. Sec+ seems to
cover a lot of disaster recovery, such as hot\warm\cold sites, and remembering the
different backup types. While it is security, and definitely good to know, it is not the type
of security exams most people think of. It does cover some of what most people think of
when they think of security, like covering the differences between AH and ESP when
using IPSec. Another thing that sets it apart, like most compTIA exams, its wording
seems a lot simpler than Cisco\Microsoft exams. Generally, no need to scroll the page
like you do those two exams. In addition, Sec+ counts as a certification for MCSE +
Security, at least on 2000 spec. Like many compTIA exams, it seems like the starting
exam for that branch like Net+ is the starting exam many people take for MCSE or
CCNA, and A+ is a starting for people who also take MCSE. After that, you move to
CCNA, then Cisco Certified Security Professional CCSP. You can also couple that with
your CISSP (certified information security system professional) which is vendor
independent and all the GIAC individual certifications.

The CISSP is the credential for professionals who develop policies and procedures in
information security. It was the first credential in the field of information security,
accredited by the ANSI (American National Standards Institute) to ISO (International
Organization for Standardization) Standard 17024:2003. CISSP certification is not only
an objective measure of excellence, but a globally recognized standard of achievement.

For your CISSP credential, your professional experience has to be in two or more of these
10 (ISCs) CISSP domains:

Access Control
Application Development Security
Business Continuity and Disaster Recovery Planning
Cryptography
Information Security Governance and Risk Management
Legal, Regulations, Investigations and Compliance
Operations Security
Physical (Environmental) Security

15
Security Architecture and Design
Telecommunications and Network Security

The GIAC individual certifications are:

http://www.giac.org/

GIAC Certified Firewall Analyst (GCFW)

GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Incident Handler (GCIH)
GIAC Security Expert (GSE)
GIAC Security Essentials Certification (GSEC)
GIAC Security Leadership Certificate (GSLC)
GIAC Systems and Network Auditor (GSNA)
GIAC Information Security Fundamentals (GISF)

A recent aspect of security consultation that is making headlines is penetration testing

(pen test) and cyber forensic. Basically, a security consultant is someone who specializes
in securing computer systems -- that’s a very basic description. Since more and more
critical information is stored on computers, you need people who specialize in
information security. The reason it is a specialization is because security is constantly
evolving and the approach you take to systems is different from that of a programmer, or
a network designer.

Penetration testing is an activity where you pay security specialists to attempt to break
into your systems so that you can discover what vulnerabilities exist, and fix them. It
should not be confused with vulnerability test, which is finding loopholes in a system
(OS) using specialized tools. Pen–test is sometimes called 'ethical-hacking'. Penetration
testing is great fun. It involves a lot of creative thinking and can be very challenging. .
Some of the industry leading certifications in pentesting include:

Pentesting with BackTrack: PWB

"Pentesting with BackTrack" (previously known as Offensive Security 101) is a flagship

course designed to take you from basic information gathering to writing your own buffer
overflows. This course will introduce you to real-life hands-on penetration testing
techniques using the award winning pentesting distribution - BackTrack. This course
leads to the Offensive Security Certified Professional.

16
OSCP

The OSCP, or Offensive Security Certified Professional, is one of the world's first
completely hands on information security certifications. The OSCP challenges the
students to prove they have a clear understanding of the concepts of the Pentesting With
BackTrack material, as well as a depth of knowledge in penetration testing. A lab that the
student never has seen before is set up with only a limited amount of machines. Each
machine is awarded points if a successful hack is performed. The student must
demonstrate their depth of understanding by submitting both the steps they took to
penetrate the box as well as the proof.txt file. If both of these are submitted the students
receives points for that particular box. If they achieve the points they need they can stop
and pass or continue on to try and penetrate the whole network. The OSCP is a twenty
four hour exam, where a straight 24-hour period is given to the student to attempt this
certification. It is a very difficult and challenging exam that will truly test the limits of the
student. If a passing score is achieved the student is awarded a coveted OSCP
certification.

OSCE

The OSCE, or Offensive Security Certified Expert, takes security certification to a high
level. After the student completes the very challenging Cracking the Perimeter class the
core of their understanding and knowledge is challenged to the limits in the special OSCE
certification labs. The OSCE labs are set up with a limited amount of machines and very
specific "hacks" must be performed in order to pass this amazingly challenging 48-hour
exam. The student must submit their completed exploits and the steps they took to obtain
the proof.txt files on the servers they are challenged with.

OSWP

The OSWP, or Offensive Security Wireless Professional, is one of the world's leading
wireless attack certifications. After the student studies the internal workings of wireless
signals and how to successfully crack the most popular and common encryption protocols
in the market they are challenged with the OSWP certification. In the testing centre, a
specially designed lab has been built to give a student access to a BackTrack machine
that is within range of a challenging access points. The student is given only 4 hours to
crack a limited number of WEP and WPA networks. The Student must submit the correct
encryption codes as well as the attack vectors they used to obtain them in order to be
awarded the OSWP certification.

Advanced Windows Exploitation: AWE

Advanced Windows Exploitation Techniques (AWE) is an in depth, hardcore drilldown

into advanced Vulnerability Exploitation Techniques on the Windows platform - from

17
Offensive Security. The course covers topics such as Egghunters, NX Bypassing
Techniques, Function Pointer Overwrites, Heap Spraying, Venetian Shellcode, writing
Immunity plugins, WinDgb, Encoding and custom shellcode creation.

Intrusion analysis involves figuring out how an attack was orchestrated. Say for example,
your website was hacked. An intrusion analyst will try to recreate what happened from
the available logs. Incident handling is slightly similar to intrusion analysis. An incident
handler is a person who is trained to respond correctly to that incident, keeping the
integrity of the evidence, and restoring the systems to a normal state as soon as possible.

Cyber-forensics is like normal police forensics, but on computers. It is a highly

specialized field. You work with law enforcement, courts etc. and have to be able to find
things in computer systems where there is seemingly nothing to find. Some leading
certifications in forensic include:

Certified Computer Forensics Examiner (CCFE) Certification

Certified Hacking Forensics Investigator (CHFI) Certification
Certified Computer Examiner (CCE) Certification

Other popular certifications in security are:

Computer Security Incident Handler (CSIH)

Certified Ethical Hacker (CEH)
Certification and Accreditation Professional (CAP)
Information Systems Security Architecture Professional (CISSP-ISSAP)
Information Systems Security Engineering Professional (CISSP-ISSEP)
Information Systems Security Management Professional (CISSP-ISSMP)
System Security Certified Practitioner (SSCP)
Certified Information Security Manager (CISM)
Certified Information Security Auditor (CISA)
Microsoft Certified System Administrator: Security (MCSA Security)
Security Certified Network Professional (SCNP)
Security Certified Network Architect (SCNA)

Being a security consultant is fun if you are passionate about technology and security. It
can also be quite painful as people view you as someone who restricts access and just
causes inconvenience. It is a field that is really coming up these days. Remember, if you
want to get into security, you should first make sure your networking skills are in order.

18
Then you need to learn a programming language, something that lets you talk right to the
operating system like C. After that you have to learn all the different aspects of security,
types of attacks, common vulnerabilities etc. Practical experience is the best teacher.
Most people learn on other people’s networks (if you know what I mean). However, it is
far better if you setup your own lab, since you do not want to end up going to jail while
trying to make a career. And finally one has to be flexible on a Unix operating
system and its descendants. Popular flavors are sun Solaris and Irix, and most
organization build their networks on UNIX and then spread them to Window boxes.

Another important certification today is the MCSE (Microsoft Certified System

Engineer). Microsoft certification is increasing day by day. It is the most widely
recognized technical certification in the industry, which is on high demand. The MCSE
boot camp institutes make them earn their Microsoft certification and make them lead the
organization in successful manner. The MCP personnel administer the most advanced
Microsoft windows platform and Microsoft server products. The survey of MCP
magazine states that the average base salary of MCP ranges from $60,000 to $70,000.
The MCSA (Microsoft certified system administrator) is more for Administration. This
would be if you were managing a Windows environment that had already been setup. It
will give the skills on that aspect. (This also can count towards the MCSE so if you do
this, you would be on your way to completing the MCSE). The MCSE consist of seven
tracks including two electives. These days, Microsoft is now emphasizing on MCITP-
Microsoft Certified Information Technology Professional. Microsoft has thrown away the
‘engineer’ thing in MCSE and now decided we should be called IT professionals instead
of system engineers (though MCSE is still supported). Therefore, with an MCSE we can
upgrade to MCITP or start MCITP tracks afresh, writing five exams. The codes for
MCITP are stated below.

MCITP

070-620 windows vista

070-640 Fundamental of Window Server 2008 Active Directory
070-642 configuring and troubleshooting window 2008 network infrastructure
070-643 fundamentals of windows 2008 network infrastructure
070-647 Designing windows 2008 network infrastructure

From MCSE one can upgrade MCITP as server administrator or enterprise administrator,
most people in my region opt for enterprise administrator, and the
Tracks are stated below:

MCITP Enterprise upgrade

070-647 Windows 2008 Network Infrastructure design
070-649 Updating network infrastructure and Active Directory
070-620 Mobile computing Application Windows vista

19
MCITP server administrator upgrade
070-646 Planning and Administering Windows 2008
070-649 Updating network infrastructure and Active Directory

MCM (Microsoft Certified Master)

The Master series certification enables senior-level IT professionals to demonstrate and

validate their technical expertise on Microsoft server products and is a prerequisite for the
Architect Series

MCM: Microsoft Exchange Server 2007

MCM: Microsoft SQL Server 2008
MCM: Windows Server 2008: Directory
MCM: Microsoft Office SharePoint Server 2007
MCM: Microsoft Office Communications Server 2007

Note, you can easily Google the MCP codes to get more information.

Also, I want to bring this point to the attention of some of us living in the poorer
countries( developing world). MCSE or MCITP is a good certification for you and you
can take it to anywhere in the world, but it is not bad if an MCSE can install a VSAT,
radio equipments, knows how to terminate fibre optic cables, or work on AutoCAD
applications. Or if a CCNA guy can install and give training on accounting packages like
IQ restaurant, Peachtree etc. Or an Oracle database guy that can install CCTV and IP
cameras. They are very easy to learn, and people spend money on these technologies on
daily bases. This dynamism will also help you economically because when you are on
site clients present you with all sorts of problems. In the advance world you can afford to
specialize, like doing access-list alone because these people are centuries ahead of us,
with centuries of organized production efficiency, and they have conquered poverty.
That is why a lawyer in the U.S can afford to tell a client that ‘sorry I am only a
personal injury lawyer or an antitrust lawyer’. If a lawyer says that in Nigeria, there are
nine out of ten chances that he would starve. But the operating systems and the Internet is
the same wherever you go. That means being in Africa you can be a better system
engineer that someone in the U.S, because the Internet has created a favorable
environment for us compete. I receive lots of email from system engineers in the U.S
trying to resolve issues and my suggestion often work for them.

Now, to the ultimate IT skill, programming. It is a very old IT skill. In fact, it makes
everything happen. The first programmer in the world is a lady called Ada Byron, her
work is the first intended algorithm to be processed by a machine. She foresaw the
ability of computers to go beyond mere calculation or number crunching. Everything you
see is some sort of codes, I mean programs, and I mean software. If the internet is a car,

20
then software is its engine. The business world has plenty to lose if software fails. When
software fails, millions of dollars are lost and sometimes people are killed. It is like this;
functions makes up commands, and commands makes up programs and programs finally
makes up software. Therefore, if you have a degree in software engineering, you should
be conversant with some programming skills like Java, C/C++, HTML, Perl etc.

Programming can be very difficult, but also very rewarding. It is the highest paying and
time consuming IT skill. I will never forget how happy I was when I compiled and ran
my first COBOL program in Zaria in 1996. I started programming in Dbase and now I
am into C/C++ to enhance my security skills. Now, how you go about your programming
career is the big issue you will have to deal with.

The major goal of any programming language is to bridge the gap between the
programmer's brain and the computer. Most of the popular languages you've probably
heard of, like C, C++, C#, and Java, are considered high-level languages, which means
that they're closer to human language than machine language. What I mean is that you
write source codes that looks like English, then you run it into a program that outputs 0s
and 1s that the CPU understands. It is important to note that you can program in high
level, middle level or lower level language. The High Level Language is a machine-
independent, sophisticated programming language that uses familiar English (or any
human language) like syntax. The lower level language as I said is a machine readable
language, while the middle level language can only call functions and it shares both
attributes of the higher and the lower level language. Compilers translate High Level
Language to machine readable language. Also, you can program with either object
oriented or non-object oriented program. What is an Object Oriented Program? Programs
are usually made up of objects. In a non object oriented program like FORTRAN which
is still in use today, the programs are executed in a highly procedural manner( step
by step) i.e from A to B to C to D and so on. In an Object Oriented Program the objects
can interact irrespective of hierarchy, one can get from A to D without passing through B
and D. The business world is object oriented. In Nigerian institutes of higher learning,
students of computer science begin with BASIC and FORTRAN. In the UK, students are
introduced to Pascal in their first year. All these languages teach you the basics of
programming that helps you understand how to think while programming in any
language. However, with line numbers, GOTO commands, etc, in these languages, it does
not encourage structured, modular programming like Perl, Python, and C.

Nowadays there are so many different choices in programming and some are more suited
to certain applications than others are. If you are doing mainly web stuff, PHP, Perl, ASP,
are some good tools for you. Perl, php and python mentioned above are scripting
languages and they can do the work of each other. Scripting languages are called
interpreted languages because they don’t need to be converted to 1s and 0s. Perl
(Practical Extraction and Report Language) is a general purpose programming
Language derived from C basically for text manipulation. It was created by a linguist
called Larry Wall who got the name Perl from the Gospel of Mathew in the new
testament in The Parable of Pearl. Scripting languages enable fast development,
though there is usually a performance penalty. Even within scripting languages we have

21
server side scripting languages like php, Perl and client side scripting languages like
JavaScript. In the past, our parents used old scripting languages like REXX, ISPF and
JCL.
REXX (REstructured eXtended eXecutor) is an interpreted programming language which
was developed at IBM. It is a structured high-level programming language which was
designed to be both easy to learn and easy to read. Both proprietary and open source
interpreters for REXX are available on a wide range of computing platforms, and
compilers are available for IBM mainframes (Wikipedia).

ISPF: In computing, Interactive System Productivity Facility (ISPF) is a software

product for the z/OS operating system that runs on IBM mainframes. It includes a screen
editor, the user interface of which was emulated by some microcomputer editors sold
commercially starting in the late 1980s, including SPFPC (Wikipedia).

Job Control Language (JCL) is a scripting language used on IBM mainframe operating
systems to instruct the system on how to run a batch job or start a subsystem. The term
"Job Control Language" can also be used generically to refer to all languages which
perform these functions, such as Burroughs' WFL and ICL's OCL(Wikipedia).

When venturing into programming, I always recommend C. It is about the best language
to learn how to program. In addition, it is incredibly powerful (the fact that almost all
exploits and low-level handling is written in C is a proof). Besides, you need to learn the
issues that come along with writing in a language like C. Perl and Python are great, but I
think they are too high level. They take away many of the important decisions. You do
not need to think about data-types too much. Therefore, Python will provide a quick
learning curve with real results for less time invested.

Python also has an ordered way of doing things, so it will teach discipline.
Python can be scaled for larger projects and has good community support. This means, it
will be a language that is versatile. Despite that, C is the choice because it appears
fundamental to many other languages and it is a lot more "pure" i.e. in handling memory
better. However, this is at the cost of the speed of development. Start with C and every
other thing is easy.

The argument of which programming language to start with or stick to is a never-ending

one; be it C, C++, java or Python. Python seems easy, powerful and well documented.
Python, PERL and PHP as I said earlier are the kind of languages that you can stick with
and play forever, making all kinds of useful apps and interfaces. The great thing is you
see fast results. Just as soon as you read a couple of pages describing the basic syntax,
rules and constructs, you are ready to go (by referring to the function list for whatever
you need of course). Mistakes often do not bring punishment and you need not to be

22
concerned with some of the behind-the-scenes stuffs, like the memory allocations etc. Of
course, let us not forget that some real developers bother with these to allow us to work
without them. That is the difference between C and scripting languages. With C, you get
to see things the way they actually work on your computer -better even, make them work
yourself, while in Python for instance you only mess with things that appear more
directly functional and practical. Depending on one's interests and needs, he might find
the extra control of C exciting.

If someone gets seriously involved with a powerful high-level language that provides the
wanted results with small effort, it is easy to get used to it. However, I still stick to my
recommendation - start directly with C, because other languages may spoil you enough to
stay away from C later on. Moreover, if you are a very ambitious person, then start with
C/C++. However, if you are the mere play code type, start with Perl. Perl is fun, and for
someone just starting to get their feet in programming, you are less likely to get
discouraged when some odd error keeps your first few programs from working. In
addition, it is hard not to stay interested when you go on CPAN and see a module that is
easy and fun and allows you to connect and use IRC. Even a beginner can boast of some
skill, and then you start learning because it is fun. Then, later you can move to C/C++.

Programming is like a chameleon that changes color in different environments.

Structured programming like C does not allow any bad habits and you have to learn how
to structure your programming properly. When you use a language that forces you to
structure your programs properly, once you have mastered it, it really does not matter
what language you wish to use after that, your programs will always be structured
correctly and thus much easier to write and design even large complex applications. You
also have to bear in mind what you are going to be creating applications for we are in the
.NET arena and Object Oriented so take your VB, C# (C sharp), C++, j# etc very
serious. I like the flexibility of VB and C sharp as they all run on .NET platform. VB is
very easy to learn, it is an event driven language. You can build an application in few
minutes with VB. What could take you a week to do in C++ could take you few
hours to do with VB. There are lots of forms embedded that you could just drag and
past. And then you can place scripts like python, Perl, php or JavaScript under the forms
so that when you click on the forms the scripts will run.

The .NET platform is a collection of technologies that allow Microsoft applications

and programs to work together. With the exception of Windows 95 the .NET
framework runs on all Win32 operating systems. The .NET platform is totally
standardized in the sense that you can write an XML application in Java and my C#
can read the XML generated. Before the .NET era the VB programmers where greatly
hindered compared to C++ programmers. The languages involved in the .NET
platform are: VB .NET, C#.NET, J#, ASP.NET, and even Cobol.NET, Pascal.NET etc.
All these Languages have the same access to the .NET class library i.e. mostly what
VB can do C# can also do. ASP.NET is a mixture of C#, HTML and server control
syntax for ASP. Visit msdn.microsoft.com/Netframework for more information.

23
Here are programming tracks using Microsoft platforms, you can Google the codes.

WEB developer
070 536 + 070 528 + 070 547 = Microsoft Certified Professional Developer

Windows Developer
070 532 + 070 526 + 070 548 = Microsoft Certified Professional Developer (Win Apps)

Enterprise Application Developer

070 529 + 070 536 + 070 526 + 070 528 + 070 549 = MCPD

Java was introduced in 1995, and .NET is Microsoft's response to the Java phenomenon.
Microsoft has jumped headlong into the mobile code fray with their .NET framework, as
.NET architecture has much in common with Java. One major difference is a smaller
emphasis on multiplatform support. However, Java introduced the world to mobile code
and modern network-centric software design. Java is also another good object oriented
programming that is platform independent. Java is an extremely powerful full -featured
object oriented language which is platform independent i.e It can be written in
Windows and run Unix. Just about any business application can be written in Java
which includes: database applications, games applications, web based applications,
mobile applications, server-side applications etc, but, I am afraid to say this –Java is
very difficult to learn. Java is free and can be downloaded from:

http://java.sun .com
http://www.java.com

The various flavors of Java technology are:

J2SE- Corel Desktop

J2EE- Enterprise/Server
J2ME- Mobil/Wireless
Java Card
Java Web Service

Also, Java language is written tightly to avoid malicious intent, because when you
have a java applet executed in an environment there is going to be what we call a
sandbox environment created, that is that applet is going to be restricted to the
resources within a certain limitation of that environment, unlike some other
programming languages that will allow control over a whole device once it is being
executed in a particular environment. C and C++ have out-of-date memory management

24
capability and technically speaking, C and C++ are "unsafe" languages because the
seething sea of bits can be referenced, manipulated, cast, and moved around by the
programmer with impunity. More advanced languages, including Java and C#, are "type
safe" and are for this reason much preferred from a security perspective.

Recommended learning paths for Java Certifications

Java Programming Fundamentals and Application Development

Learning Java with Minimal Experience - Sun Certified Java Associate

Java Programming for Professionals - Sun Certified Java Programmer
Java Application Development - Sun Certified Java Developer
Java Mobile Applications Development - Sun Certified Mobile Application Developer
JavaFX Development
Web 2.0 Technology

Enterprise Application Development with Java EE6

Sun Certified JavaServer Faces Developer

Sun Certified Servlet and JavaServer Pages (JSP) Developer
Sun Certified Java Persistence API (JPA) Developer
Sun Certified Enterprise JavaBeans (EJB) Developer
Sun Certified Web Services Developer

Enterprise Application Development with Java EE 5

Sun Certified Business Component Developer

Sun Certified Developer for Java Web Services
Sun Certified Web Component Developer
Enterprise Architecture

Enterprise Architecture - Sun Certified Enterprise Architect

Another important aspect of programming is called music programming. When

computers became prominent part of our lives, people try to make music with computers
using assembly languages, later on programmers started using FORTRAN which is
much more portable to create music. These days people use ChucK ( watch the spelling)
programming language to create music instead of assembly language. ChucK is a
concurrent, strongly timed audio programming language for real-time synthesis,
composition, and performance, which runs on Mac OS X, Linux, and Microsoft
Windows. It is designed to favor readability and flexibility for the programmer over other
considerations such as raw performance. Assembly language is a low-level programming
language used mostly in the early 1950s. It can be used to write viruses or device

25
drivers. Do you remember Atari games, Sega and Super Nintendo? Assembly language
was used to create their games.

We cannot just pick which is good or best programming language. Every programming
language got its own importance and benefits, so it depends upon the requirement and its
usability, functionality and robustness. You can stick to one or two for dynamism and
you are in business. These days, you can make as high as $500,000 for a custom built
software for a financial institution excluding training and cost of maintenance which is
usually charged per person-hour.

In addition, to be a good programmer all you need is a very curious mind, that is patient
and able to follow through on problems; just like practicing math or martial arts where
you discover something new that you are supposed to master and then you go around
practicing for quite sometime until you are good at it. What you need is interest, time and
the right environment. You could also attach your self with a programmer, but before
then, make sure you have studied one or two books on programming. Without knowing a
little in the programming world, you will be a pest to the programmer because you will
keep asking him irritating questions in every single world he/she says, and that could be
disgusting.

Administering database is another cash line these days. Almost every industry has a need
for databases and, developing countries are now fast collecting database to centralize data
in the country for important decision-making. Creation of these databases relies on
software, mainly developed by Oracle for large-scale databases, Microsoft SQL for web
based applications and Microsoft Access for smaller scale and custom applications. Jobs
in the database category include data architects, database administrators and information
systems managers. Certifications in this category include
Oracle Certified Associate (OCA), advancing to Oracle Certified Professional (OCP) to
the ultimate Oracle Certified Master (OCM)

It is one thing getting the certifications and another thing getting the experience. There is
no substitute for experience; the idea here is that we don t want people to be too crazy
about getting certifications at the expense of getting experience. Experience is something
you cannot buy you can study brain dumps to get some certifications in a couple of
weeks but the same is not applicable to experience. Usually, Knowledge + know how =
skill, and skill repeated repeatedly will result to expertise and now we are talking of
experience. IT is a “skills-crazy industry” that is why top IT firms in the world are
devaluing grades in order to focus more on personality, experience, and talent.
Remember, in job interviews, extra points will be given to candidates who made the
effort to pursue on-the-job work experience in IT before completing their education or
seeking entry-level positions. People who worked part-time jobs in school, participated in
internships, volunteered their IT expertise to nonprofit enterprises or worked on short-
term assignments. This shows that they have taken proactive steps to gain practical job

26
knowledge and enhance their marketability. Therefore, get some experience, certify, then
may be with any university degree, and the world before you. A university degree is
important because no matter what kind of job you are pursuing, some qualities will
always be in demand. It is more important than ever to exhibit strong communication and
leadership skills, as well as a proven ability to collaborate with others in a team.

Like I said, give yourself ample practical experience where possible. Volunteer for an
organization that needs someone with computer skills but cannot afford to pay them like
some NGOs. I am sure there will be many small organizations that need some kind of IT
person to help in some capacity or volunteer as an IT student in a cyber café where you
will help them with a lot of cleaning and running some errands just to get the experience.
You are going to find that experience and college education will get you the furthest in
your career, generally. The certifications displays you have a base knowledge, with say
CCNA, they will expect you to know how to configure and administer some basic Cisco
networks. Certifications can get your foot in the door these days, a friend of mine got his
A+, then was hired in a helpdesk type of position, promoted into network admin, got a
few more certifications and a university degree, and now has the experience and paper
that can get him a network admin job anywhere. Don’t forget to start building your
home lab gradually, you can buy well used Cisco switches and routers from EBay, and
then try anything you like. In addition, I am afraid to say this fact that it is not everyone
that is compatible IT skills; some people can only operate at the periphery while others
can graduate to being IT gurus. That feeling your conscience will tell you. As an IT
trainer, within the first few days of handling a batch, I could actually identify the IT guys.

Also, one existing reality stands out from the rest in IT. Making big money in IT depends
on you. I have two friends in IT, they first guy told me that he is moving from
programming to networking because he is not making money in programming, and the
second guy said he is moving from networking to programming because he is not
making money. I noticed a common denominator between these friends; you know what?
They were all not well positioned in their respective fields and as such, they failed to
perceive the opportunities around them. Just like in most professions in life, in IT you
have to think in a different way, you have to be creative , and you have to translate your
creativity into innovation to move into the cash line. Customer interaction is a very
crucial skill an IT tech can have. The ability to project confidence (not arrogance), and
know when to utilize the right resources to solve a given problem are two very important
qualities that don't seem to be taught in IT schools. You need to take your skills and
translate it into money, you need to tell business owners how they can minimize risk,
save money, increase employee efficiency with any technology you are recommending
because business owners need to keep the company profitable.

Conclusively, I will advise IT students to take it easy because the IT jobs will still be
there by the time they are through with their studies. Do not rush to be certified and then
start tampering with some company’s equipments like routers and switches, under-study
someone first, so that you do not get into trouble with expensive IT equipments. An
internet.com statistics state that on the average it takes 58 days to fill in a vacant
skilled IT job space, and that it’s most challenging to find IT professionals with

27
networking skills, such as cloud computing, Voice over Internet Protocol (VoIP), and
Software as a Service (SaaS).

Some of the hot-selling jobs in IT today are:

Network administration
IT security (Information System Security Managers)
Application Development and web development
System engineering
Database development
Helpdesk and desktop support.

The key sectors absorbing these specialists are:

Education
Healthcare
Financial services

Also, be careful when selecting IT training institute, some do not give you value for your
money. As with any field, there are good technical training schools, and bad ones. When
you sign up with one of these schools, you have made a significant investment in time
and money. Before you put down your hard-earned money, you deserve to know
everything about the school and your job prospects after leaving school. The problem is,
sometimes it is hard to know the right questions to ask, like:

How up-to-date are the courses they are offering?

Make sure the school you are going to attend has made efforts to keep their courses
relevant. Ask what changes have been made to their curriculum in the last three years. No
field changes faster than IT does. If the answer to that question is "none", look
somewhere else.

What are your job prospects and legitimate salary levels after you graduate from their
school?

What textbooks does the school use?

Some technical school chains use only books that someone in their organization wrote. If
you are looking into entering the IT field, you probably know someone who is already in
it. Use that resource for everything its worth. Ask that person what they think about the
books, or for that matter, what the local reputation of the school is. IT is a small world, if

28
the school has a good or bad reputation, most of the IT personnel in your city or town
probably know about it.

What is the state of their labs?

Most often when I travel for conferences, before lodging in a hotel I usually request to
see the rooms before paying. Therefore before enrolling with any IT institute make sure
you take a facility tour of their labs.

One of the most beneficial things for me has been talking with friends and co-workers
about the things you are learning. If you can find these two types of people, it will help
you; first, a friend who has the same interests as you that you can study with and bounce
ideas off, and second, a mentor who can validate your thoughts and teach you things you
cannot get from a textbook.

We are interested in how you feel about this eBook. Mail us at ahmedu2020@gmail.com

Buy other eBooks by same author

http://www.lulu.com/spotlight/onlysose

Internet Activities in Nigeria: ethics and best practice

http://www.easyebookz.org/page6.html

40 Questions Business Managers Should Ask Their IT Managers

http://www.easyebookz.org/page3.html

Google’s Most Magical tools Online

http://www.easyebookz.org/page5.html

Securing Your Online Transactions

http://easyebookz.org/page7.html

29
Copyright© 2010.

All rights reserved. No part of this eBook may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage and retrieval
system, without written permission from the author, except for the inclusion of brief quotations in a review.

30