Gary McGraw wrote...

> Way back on May 9, 2007 I wrote my thoughts about
> certifications like these down.  The article, called
> "Certifiable" was published by darkreading:

I just reread your Dark Reading post and I must say I agree with it
almost 100%. The only part where I disagree with it is where you wrote:

        The multiple choice test itself is one of the problems. I
        have discussed the idea of using multiple choice to
        discriminate knowledgeable developers from clueless
        developers (like the SANS test does) with many professors
        of computer science. Not one of them thought it was possible.

I do think it is possible to separate the clueful from the clueless
using multiple choice if you "cheat". Here's how you do it. You write
up your question and then list 4 or 5 INCORRECT answers and NO CORRECT

The clueless ones are the ones who just answer the question with one of
the possible choices. The clueful ones are the ones who come up and argue
with you that there is no correct answer listed. ;-)

Kevin W. Wall           Qwest Information Technology, Inc.    Phone: 614.215.4788
"It is practically impossible to teach good programming to students
 that have had a prior exposure to BASIC: as potential programmers
 they are mentally mutilated beyond hope of regeneration"
    - Edsger Dijkstra, How do we tell truths that matter?

This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful.  If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.

Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -
SC-L is hosted and moderated by KRvW Associates, LLC (
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at:

Reply via email to