RE: [inbox] Re: [Full-Disclosure] Training & Certifications
From: Curt Purdy (purdy_at_tecman.com)
To: "'Robert Repp'" <email@example.com>, <firstname.lastname@example.org>, <email@example.com> Date: Sat, 3 Apr 2004 07:34:35 -0600
Robert Repp wrote:
> I'd like to be able to point out a credible
> authority whose
> training informs our work.
> I agree that the
> right people and
> skillset is much more important than simply having the right
> certs on the
> lobby wall. Side question: Is there a reliable test you favor when
> interviewing new techs about network administration?
I'm not an authority on training as the only training I've had is SANS, but
I can vouch for the quality it. My hat size was two sizes bigger when I got
out of there ;)
But I can talk about hiring qualified people for both sysadmin and security
work. Although a bunch of letters behind the name don't mean everything
(even if they are PHD), when I see certain letters, I do pay closer
attention. But when it comes to a decision, I usually make it from a 15
minute interview where I ask a series of 5-10 increasingly difficult
I'll break the ice by starting with something facetious like "What is the
first thing you do with a Windows box and the last thing you do with a *NIX
box when you have trouble?" Answer: reboot. Then I'll go with something like
"How do you see what ports are open and to whom on a Windows box?" Progress
to "What is a tcp/ip 3-way handshake?", and "How do you disable remote root
access on a *NIX box?", and culminate with something like "What is a regular
For sysadmins, I ask easier, more system specific questions, but for
security I ask broad, tough questions because of the requirements of the
field. I have only had one person so far, answer all correctly.
Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke
Full-Disclosure - We believe in it.