Dana Epp wrote: > Not sure that would work either though. Dana,
My comment was meant tongue-in-cheek. Guess I used the wrong emoticon. Figured that ';-)' would work 'cuz I never can remember the one for "tongue-in-cheek". I've seen several variations of the latter... :-? :-Q :-J -) Take your pick. Good in depth analysis though. Seriously. And I agree with you completely. In my experience as an adjunct faculty member teaching a master's level Computer Security course (based in part on the McGraw/Viega book as well as Ross Anderson's _Security Engineering_) for 6 yrs, I came to the conclusion that multiple guess (as I call them) alone only proves how well someone memorizes something, at best, or how clueless people are (if they get incorrect answers) at worst. I would argue that most of academia it is unsuited for discerning cluefulness the the real world. Over the course of 30+ yrs in IT (yes, I am an old fart!), I've seen all too many people that exceled in academia but were miserable disappointments in industry. In fact, to that end, quality guru Demming is rumored to have said about (then) AT&T Bell Labs: "Bell Labs only hires the top 10% of graduatesc...and they deserve what they get!" There is no substitute for real experience. -kevin --- Kevin W. Wall Qwest Information Technology, Inc. kevin.w...@qwest.com Phone: 614.215.4788 "It is practically impossible to teach good programming to students that have had a prior exposure to BASIC: as potential programmers they are mentally mutilated beyond hope of regeneration" - Edsger Dijkstra, How do we tell truths that matter? http://www.cs.utexas.edu/~EWD/transcriptions/EWD04xx/EWD498.html This communication is the property of Qwest and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________