This information is also available as a PDF download.
There are hundreds of tech certification programs and exams out there, some sponsored by software vendors, some by vendor-neutral organizations, and some by educational institutions. A number of them are easy to obtain — as evidenced by the many IT pros who list a three-line string of acronyms after their names. You pay your money and you take a multiple-choice test; if you pass, you're in.
Others are excruciatingly difficult: Cost is high; eligibility to even take the exam is dependent on having years of experience, formal education, and/or sponsorship from others who already hold the title; and the exams are grueling, multi-day affairs that require hands-on performance of relevant tasks. Most are somewhere in between.
But which certifications really provide a measure of your knowledge and skills in a particular area? And which will really help you get a job or promotion? Here's a look at 10 of the technical certifications that actually mean something in today's IT job market.
The Microsoft Certified Systems Engineer (MCSE) certification suffered a bad reputation several years back when numerous people were memorizing the answers to exam questions from "brain dumps" posted by test-takers on the Internet and obtaining the certification without any real understanding of the technology.
Microsoft responded by replacing the knowledge-based multiple-choice questions with a variety of performance-related scenario questions that make it much more difficult to cheat. The difficulty level of the questions was escalated, and the number of exams required to obtain the certification was increased to seven.
The MCSE has consequently regained respect in many corners of the IT community and is a useful certification for demonstrating your expertise in Microsoft server products.
In addition to making the MCSE exams more difficult, Microsoft has created many new certifications. The Microsoft Certified Architect (MCA) is the premiere Microsoft certification, designed to identify top experts in the industry. To obtain the MCA, you must have at least three years of advanced IT architecture experience, and you have to pass a rigorous review board conducted by a panel of experts.
There are a number of MCA programs. The infrastructure and solutions MCA certifications cover broad architecture skills, but there are also more technology-specific programs for messaging and database skills. There are currently fewer than 100 MCAs in the world, making this an elite certification.
The Cisco Certified Internetwork Expert (CCIE) is widely recognized as one of the most difficult to obtain (and expensive) IT certifications. Like the MCSE/MCA, it's a vendor-sponsored certification, focusing on Cisco's products.
The CCIE requires that you pass both a written exam and a hands-on lab. To sit for the written exam, you must pay $300 and choose from one of several tracks: Routing and Switching, Security, Storage Networking, Voice, and Service Provider.
You must pass the written exam before you're eligible to take the lab exam. This is an eight-hour hands-on test of your ability to configure and troubleshoot Cisco networking equipment and software. The lab exams cost $1,250 each. This does not, of course, include travel expenses that may be necessary since the labs are conducted only in certain locations.
As if all that weren't enough, you don't get to rest on your laurels after obtaining the certification. CCIEs must recertify every two years or the certification is suspended.
Another Cisco exam that's popular with employers in today's security-conscious business world is the Cisco Certified Security Professional (CCSP). It focuses on skills related to securing networks that run Cisco routers and other equipment.
You're required to pass five written exams and must recertify every three years by passing one current exam. Before you can take the CCSP exams, you must meet the prerequisites by obtaining one of Cisco's lower-level certifications, either the Cisco Certified Network Associate (CCNA) or the Cisco Certified Internetwork Specialist (CCIP).
Security certifications confer some of the highest-paying jobs in IT today, and one of the most well-respected non-vendor specific security certifications is the Certified Information Systems Security Professional (CISSP). The organization that grants the CISSP is the (ISC)2, which was founded in 1989 and has issued certifications to more than 50,000 IT professionals.
Exam candidates must have at least four years of direct full-time work experience as a security professional. One year of experience can be waived if you have a four-year or graduate degree in information security from an approved institution. Another unique feature of the CISSP is that you must subscribe to the (ISC)2 code of ethics to take the exam.
Exam fees vary based on geographic region. In the United States, standard registration is $599 ($499 for early registration). You must recertify every three years by obtaining at least 120 hours of continuing professional education, and you must pay a yearly fee of $85 to maintain the certification. The exam is a six-hour test consisting of 250 multiple-choice questions.
For those who can't meet the rigorous experience requirements to sit for the CISSP, the (ISC)2 also offers the Systems Security Certified Practitioner (SSCP) certification. SSCP candidates need have only one year of direct full-time security work experience. The exam consists of 125 multiple-choice questions, and you have three hours to complete it.
Those who pass the written exam must be endorsed by someone who holds a current (ISC)2 certification and will attest to the candidate's professional experience or by an officer of the corporation or organization that employs you (owner, CEO, managing partner, CIO, etc.). As with the CISSP, you must recertify every three years by submitting proof of continuing education credits and paying an annual maintenance fee.
Another popular and well-regarded security certification is the GIAC Security Expert (GSE), offered by the SANS Software Security Institute. Before you can attempt the GSE, you must complete three lower-level certifications: GIAC Security Essentials Certification (GSEC), GIAC Certified Intrusion Analyst (GCIA), and GIAC Certified Incident Handler (GCIH).
The lower-level certifications require passing multiple-choice exams, and at least two of the three certifications must be at the "Gold" level, which requires that in addition to the written exam, you submit a technical report that's approved to be published in the SANS Reading Room. A personal interview is also part of the GSE qualification process.
Pricing depends on whether you take the exam as part of SANS self-study or conference training programs or challenge the exam. Without the training, each lower-level exam costs $899.
Many companies are looking to save money by switching to Linux-based servers, but they need personnel who are trained to design, deploy, and administer Linux networks. There are a number of Linux certifications out there, but the Red Hat Certified Engineer (RHCE) certification has been around since 1999 and is well respected in the industry.
The exam is performance-based. You're required to perform actual network installation, configuration, troubleshooting, and administration tasks on a live system. You have a full day (9:00 a.m. to 5:00 p.m.) to complete it. The cost is $749.
The Red Hat Certified Architect (RHCA) is an advanced certification that requires completion of five endorsement exams, each of which costs $749 and range from two to eight hours. Like the RHCE exam, they are hands-on skills tests. You must have the RHCE certification to take the RHCA exams.
For those who aspire to management positions in IT services, the Information Technology Infrastructure Library (ITIL) certifications provide demonstration of knowledge and skills involved in that discipline. There are three certification levels: Foundation, Practitioner, and Manager.
The Manager level certification requires completion of a rigorous two-week training program, and you must have the Foundation certification and five years of IT management experience. Then, you must pass two three-hour exams consisting of essay questions.
#10: Certifications for special situations
Many specialist exams are available in IT subcategories that can be helpful to those who want to specialize in those areas. Some of these include:
- Health Insurance Portability and Accountability Act (HIPAA) compliance certification
- Sarbanes-Oxley (SOX) compliance certification
- Database administration certification
- Wireless networking certifications
- Voice over IP certifications
In addition, for those who have little or no experience in IT, entry-level certifications such as those offered by CompTIA may help you get a foot in the door as you start your IT career.
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.