Certification Corner

Today I began what I hope will be the beginning of a very successful IT certification discussion group with where I am employed, expressing this.

This is a discussion group for anyone who has/is/or will be achieving a professional technical certification. Topics as to which certifications are viewed as popular, beneficial, good to learn, and which ones really matter. Maybe even, with permission, an area to pass along old books to new students. In an always evolving arena of new products and changes, having a good arsenal of skills is rarely a negative thing.

Namecheap.com - Cheap domain name registration, renewal and transfers - Free SSL Certificates - Web Hosting

Malware

Definitions of commonly used Malware terms (adapted from Wikipedia articles):

 
Adware: software with advertising functions integrated into or bundled with a program.

  
Antivirus: software that attempts to identify, neutralize or eliminate malicious software.

 
Backdoor: a hidden method for bypassing normal computer authentication systems.

  
Downloader: software that downloads and runs another software, usually a Malware.

 
Dropper: software that installs a Malware without being infectious itself.

  
Malware: any malicious software, eg: viruses, trojan horses, worms, etc.

  
Rootkit: a program (or combination of several programs) designed to take fundamental control (in Unix terms “root” access, in Windows terms “Administrator” access) of a computer system, without authorization by the system’s owners and legitimate managers.

  
SPAM: unsolicited junk e-mail.

 
Spamtrap: an e-mail address that is created not for communication, but rather to lure spam. In order to prevent legitimate email from being invited, the e-mail address will typically only be published in a location hidden from view such that an automated e-mail address harvester (used by spammers) can find the email address, but no sender would be encouraged to send messages to the email address for any legitimate purpose.

  
Spyware: software that is installed surreptitiously on a computer to intercept or take partial control over the user’s interaction with the computer, without the user’s informed consent.

Trojan: software which appears to perform a certain action but in fact performs another. Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be acutely malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs.

Virus: computer program that can copy itself and infect a computer without permission or knowledge of the user. However, the term “virus” is commonly used, albeit erroneously, to refer to many different types of malware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus.

Worm: malicious programs that copy themselves from system to system, rather than infiltrating legitimate files.

Update 4-28-11: I plan to include a list of familiar names to go with the definition type in the near future as some malware names are not easily distinguishable

Certifications and Skills

Microsoft Certifications

Comptia A+ Certification

Comptia Security+ Certification

Certified Ethical Hacker v8.0 Attendance

Certified Ethical Hacker v8.0 Completion

Project Management Certification 1

Project Management Certification 2 – Beyond the Basics

Project Management Essentials Certificate, University of Nevada, Reno

Memberships, affiliations and training:

InfraGard – A partnership between the FBI and the private sector.
Cisco Networking Academy and Alumni Member
Comptia IT Pro community – No Longer Around
Computer Security Institute – No Longer Around

  • Performing Network Vulnerability Assessments
  • Hand-On Wireless Security
  • Disaster Planning and Recovery
  • IT Professional’s Desktop Control
  • Social Engineering prevention
  • IT Security training with NSA, CIA and FBI involvement
  • Ethical Hacking
  • Reverse Engineering
  • ITILv3 Foundation
  • HIPAA Security Officer
  • More to be listed

 

Social Engineering prevention

Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques.[1] While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim. This information was used from http://en.wikipedia.org