As Ed Tittel wrote in his tip,
Let's start with what employers are looking for. Bay Area hiring manager/engineer Jeffrey Pulliam says, "I like to see courses from preferred providers of the key certification sources, like Microsoft, SAIR, and GIAC. If I have a problem with someone with these certifications, I can give feedback to the organization that awarded it, as well as the institution that provided the training."
Basically, hiring managers want to see candidates take their training from institutions with proven track records. To find such institutions, it is important to remember that reliable training providers often establish relationships with the developers and vendors of the technologies they teach. Because of these relationships, students can usually find a dependable provider through the technology developer's Web site. A few examples are:
Microsoft's e-learning site provides a set of courses, several of which are on the MCSE and MCSA certification tracks.
This provider offers several distance-learning classes, only one online, which can be used to prepare for Linux certification.
ISC-squared is the provider for CISSP, the best known security certification on the market. They have two classes online.
SmartCertify is an accredited training provider and offers a number of self-study course, including a selection of free courses.
Brainbench has a fairly in depth selection of operating systems and security training, including significant online offerings.
If one of these providers does not fit a student's needs, there are other options out there. Exercising them, however, is akin to swimming in murky water. It can be hard to tell a quality, but less well known, training provider from one of the many scam schools available online. To effectively make this distinction, students must know some of the aspects involved in effective e-learning.
Robert McIntosh, founder of Covenant Solutions and consultant Microsoft trainer, lists the following as factors in an effective Web training process, in his article "The online alternative":
- Students should complete reading assignments and homework.
- Classes involve chat sessions where instructors review key concepts and allow student interaction.
- Students should have the ability to e-mail instructors with questions about course materials.
- Ideally, the training provider should have monitored chat rooms during specific hours for real time interactivity.
As the above bullet points suggest, McIntosh holds with the expert consensus that interactivity is a necessary aspect of good Web training. If a student can put his hands on something, or be allowed to make mistakes, he will retain his lesson more effectively. So, whether the course offers access to an instructor or not, a good online training course will allow students to work hands-on with either a simulation of the technology being taught or the technology itself. It is a good idea to avoid training that consists entirely of reading.
Mitch Crampton, technical training developer for Applied Materials, offers some additional criteria for telling the scams from the quality providers. He advises that students look for a test and for a guide to assist in note taking. The absences of these things are signals that the course is poorly designed. Further, Crampton advises that attention be paid to the presentation of the course. If the site is covered with bad grammar, spelling errors, HTML bugs, and sub par graphics, it is another sign that the course is poorly designed. After all, if the providers can't present them professionally, how beneficial will their courses be?
Once a provider has been chosen, prospective students must choose their courses well. Ultimately, the decision should depend on what kind of work students want to do, and therefore what certifications they need. As an example, security professionals should seek the following certifications:
- SANS GIAC GSCE
- SANS GIAC Security Specialist Certifications (GIAC tracks one through nine are offered online at www.sans.org.)
- (ISC)2 SSCP
- CISSP (classes covering the two most in-demand domains are offered online at www.isc2.org)
Pulliam suggests that system administrators stick with training necessary to obtain the better known certifications, such as:
- SAIR Tracks One and Two for Linux
- CompTIA Security+
The skills taught in these certification programs will cover almost everything a system administrator needs to do his job, and they will position the student well to advance in his field. While some skills within each program do overlap, most certification programs -- online or otherwise -- are focused on specific tasks.
It is easy to tell from even the most passing glance that there are a number of Web training options out there, and a great number of them are not worth the money. But with a little attention to detail, and a little forethought, a savvy student can avoid the scams, and make his Web training experience as easy as possible.
This was first published in July 2004