Dear XXXXXXXX,

After speaking with Mile2, about the government trying to add more certifications to 8570, I though this was an outstanding idea since it was sort of limited at this time and not job specific. At this time the 8570 can get my personnel up to the standards needed to basically do the job, but not to the skill level needed for their task. By adding some of the specialized certifications into the 8570 at different level this would make people work harder to become more focused in their task, such as Blue team members or Red team members for the Marine Corps Information Assurance Assessment Team.

In XXXXXX 2006 the CPTS course was taught to the Marine Corps Information Assurance Assessment Team and it was found to be a value-added skill set needed to accomplish our mission. The Marine Corps' current schools for Information Assurance Technician MOS 0689 does not offer any training like the CPTS course, so this would reinforce the need for this certification to be added to the DoDD 8570.1- M as Technical Level II and the CPTE as Technical Level III. We are already seeing the effects of commands using the 8570 as a tool to ensure properly trained personnel are assessing their networks. But we are also seeing contracting agencies and government agencies only training to what is written in the 8570.1-M and nothing else. This is going to hurt the IT sections that have specialized traits such as Information Assurances that do penetration testing and threat analysts work.

The Mile2 CPTS and CPTE surpasses the level of training provided by other certifications similar to it such as Foundstone and CEH (CNDA which they call it now), due to extensive hands on training that you receive. The CPTS / CPTE also teaches the methodology of how to perform an assessment from a penetration tester's standpoint. The CEH is out to training only to teach how to pass a test and how to use dangerous tools. I have taken both courses and have found this (CPTS) to be one of the most professional certification courses I have been to, comparable only to CISSP.

Being a former Marine Corps Data Chief and now a part of the Marine Corps Information Assurance Assessment Team I think that these two certifications would take vital role in training of our IA workforce. As Sun Tzu stated "Know your enemy".

Thank you for your time on this matter and I hope this information helps you in your studies of the 8570.

XXXXXXXX
Technical Lead
Marine Corps Information Assurance Assessment Team (MCIAAT)