8/25/2011 -- Earlier this month (Aug. 15, to be precise), the four open-ended "Core Knowledge" questions have been removed from the CCIE Storage Networking Lab exam and the CCI Security Lab Exam. This allows the candidate to spend all eight hours on configuration and troubleshooting tasks.

Information on the CCIE exam topics and Cisco certification in general can be found here.

Certification Book Review: 'CompTIA Strata IT Fundamentals'
CompTIA created the Strata series of certifications as an interim step toward the "plus" series (A+, Network+, Security+ and so on). One of the most interesting is the Strata IT Fundamentals exam (FC0-U41).  While it is meant to serve as a certification that is not as in-depth as A+, it is anything but light on content. The following list of domains illustrates the gamut of material a candidate is expected to know:

• Technology and computer hardware basics
• Compatibility issues and common errors
• Software installation and functions
• Security
• Green IT and preventative maintenance

The CompTIA Strata IT Fundamentals All-in-One Exam Guide by Scott Jernigan and Mike Meyers (ISBN: 978-0-07-176022-5) covers all the material is about 500 pages and 18 chapters. The chapters are divided into five parts, and they don't align perfectly with the domains, but a quick glance at the titles gives you an idea of where they are going:

• The Simple PC
• Maintaining and Upgrading the Simple PC
• The Complex PC
• Networks of PCs
• Securing PCs

Not only is the content just right, but there are a plethora of figures and diagrams that speak to an audience preparing for this level of certification. Each chapter ends with a review and some well-written questions that mirror what a candidate will find on the actual exam. My hat is off to the authors on this one, who did a truly exceptional job.

IT Book Review: 'Social Engineering'
In Social Engineering: The Art of Human Hacking (ISBN: 978-0-470-63953-5), Christopher Hadnagy goes into great detail on ways in which the weakest link of any security system can be exploited. That weakness, of course, is the individual who holds the key to the data you are trying to obtain -- whether through their computer, phone or any of a multitude of other entities.

The nine chapters cover the full range of topics:

• A Look into the World of Social Engineering
• Information Gathering
• Elicitation
• Pretexting: How to Become Anyone
• Mind Tricks: Psychological Principles Used in Social Engineering
• Influence: The Power of Persuasion
• The Tools of the Social Engineer
• Case Studies: Dissecting the Social Engineer
• Prevention and Mitigation

Where the book shines is in not just discussing the topics, but in Chapter 7's inclusion of examples of the tools used and readily available. The weakest element, I thought, was the case studies. Much of the information there was interesting but too dependent on that circumstance to be applicable elsewhere. Overall, though, it is a great read and one that will keep you up at night worrying about just what might be going on that you are totally unaware of.