Kevin Flanagan wrote:
I took the Security Essentials class last summer, how useful you find
it would depend greatly on your experience. I have had many years of
experience as a systems admin, engineer, etc. I found the class a
complete waste of time. However, if you don't have loads of
experience, and are trying to break ground with HR filters etc, then
it may do you well.
I agree: the GSEC course has been a problem child for a long time. It
frequently appeals to management-types who want to understand general
security problems and concepts a little better, although I have heard
from some that instructor quality on it can vary. It depends on how much
technical and security experience you've had: the more you've had, the
more redundant that class will be. I found the Unix and IDS curricula
more useful, although I have a higher tolerance for redundancy than some.
When test time came, a few weeks after class, I was even more
annoyed. I don't see the value in seeing if I can memorize, or look
up the parameters that you pass to NMAP. If the questions were more
oriented towards, "Under what circumstances would you use NMAP, and
what kind of output would you expect to get?", then I would see the
value. Hopefully we all know about man or /?, mailing lists, etc.
This has been a recurring point of discussion on the advisory boards for
the certifications. The problem boils down to how to grade exams: it's
expensive to pay people to grade exams, but machines have a *lot* of
trouble grading questions like the one you pose above. I still feel like
the exams are too heavily slanted towards questions of the "what flags
would produce this effect" type, but I've made my opinions known to them
on that point more than once.
--Jos
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
