tech

Which I.T. Certifications Should You Get First?

A+, Network+, and Security+ are some of the best entry-level certifications for a career in IT! (Photo credit: Yu Hai)

A+, Network+, and Security+ are some of the best entry-level certifications for a career in IT! (Photo credit: Yu Hai)

One of the most exciting things about a career in IT is the sheer amount of opportunities for advancement. Depending on your interests, you can find a job doing just about anything with computers. To prove your level of knowledge to potential employers, certifications can be very useful. With so many certifications out there, it can be difficult to know where to start. Here is some information that might help:

CompTIA A+

The A+ certification shows that you understand the fundamentals of IT.

The A+ certification shows that you understand the fundamentals of IT.

Establishing a career in IT often starts by studying for and obtaining the CompTIA A+ certification. “CompTIA A+ certified professionals are proven problem solvers. They support today’s core technologies from security to cloud to data management and more” (CompTIA website). CompTIA lists the objectives for A+ qualified individuals as having the ability to:

  • Demonstrate baseline security skills for IT support professionals

  • Configure device operating systems, including Windows, Mac, Linux, Chrome OS, Android and iOS and administer client-based as well as cloud-based (SaaS) software

  • Troubleshoot and problem solve core service and support challenges while applying best practices for documentation, change management, and scripting

  • Support basic IT infrastructure and networking

  • Configure and support PC, mobile and IoT device hardware

  • Implement basic data backup and recovery methods and apply data storage and management best practices

CompTIA Network+

Network+ is a good foundational certification for any career in IT.

Network+ is a good foundational certification for any career in IT.

“CompTIA Network+ helps develop a career in IT infrastructure covering troubleshooting, configuring, and managing networks” (CompTIA website). Network+ qualified individuals should be able to:

  • Design and implement functional networks

  • Configure, manage, and maintain essential network devices

  • Use devices such as switches and routers to segment network traffic and create resilient networks

  • Identify benefits and drawbacks of existing network configurations

  • Implement network security, standards, and protocols

  • Troubleshoot network problems

  • Support the creation of virtualized networks

CompTIA Security+

Security+ is a great entry-level certification for those who want a career in cybersecurity!

Security+ is a great entry-level certification for those who want a career in cybersecurity!

“CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career” (CompTIA website) CompTIA describes the following objectives for Security+ individuals:

  • Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions

  • Monitor and secure hybrid environments, including cloud, mobile, and IoT

  • Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance

  • Identify, analyze, and respond to security events and incidents

“The CompTIA Triad”

Obtaining all three of the above certifications can make you very marketable to prospective employers.

Obtaining all three of the above certifications can make you very marketable to prospective employers.

As far as certifications go, starting with A+, Network+, and Security+ can be a good idea for many individuals. These foundational certifications are known as “The CompTIA Triad,” and along with other things, can help you land that first job in IT. While it is not required to get all three (or even one for some jobs), many employers screen applicants based on whether or not they have one or all of these certifications. The best thing you can do is look for IT jobs in your area that you are interested in, and see for yourself which certifications are the most requested near you.

Once you have chosen the certification(s) you want to earn, it is time to start studying. Good luck!

What is Buffer Overflow?

A buffer overflow can allow hackers to access your system in unexpected ways. (Photo credit: Lars Kienle)

A buffer overflow can allow hackers to access your system in unexpected ways. (Photo credit: Lars Kienle)

A buffer overflow is an exploit used by a hacker to force a system to perform actions not intended by the programmers. To understand this concept, we first need to understand what a buffer is.

A buffer is a place where data is stored. A common example of this would be a login/password text box on a website. For our purposes, let’s assume that the text box is expecting a password of 12 characters or less. If a malicious hacker can input a formula that the programmer didn’t account for that could result in many more than 12 characters being entered into that text box, those extra characters would spill over into the surrounding memory, causing unintended side effects. This type of exploit can be used by the bad guys to gain access to hidden information on the system which could compromise and even change the operations of that computer/server. Without the proper controls in place, the extra information (overflow) is inserted into the computer memory, causing the computer to blindly run new instructions.

The simplest method for preventing buffer overflows is to use a programming language that does not allow for them. While C allows for buffer overflows, other languages such as Java, Python, and .NET do not require special changes.

Buffer overflows can represent a serious vulnerability to your systems. It is important to check your code for these vulnerabilities and ensure that you are mitigating risk from these types of attacks!