RE: CISSP Question

["Craig Wright" <Craig.Wright () bdo com au>]

Here is the operative word, "play".

Tell me how you simulate an OSPF backbone at home? How do you do random
load? ACL testing across multiple zones? Authentication from disparate
sources? Multiple VPN's? Switching interactions and VLANs?

Maybe it is that I am again not looking at the generalised mean of small
business - 20 people, 1 location and a poorly configured Internet
router, but than this is not what I would be looking to hire for either.


But you have hit the proverbial nail on the head. This is one of the
segregations in this discourse. Playing to learn and learning through
playing. I personally do not know if it is actually worth the time in
reskilling somebody who has played to learn at home to be effective in
managing by the rules.

I am sure not every one is this way and I apologise in advance to any
reader on the list if you feel that I have impugned you throughout this
statement. I will state that those staff members I have had in the past
(without a single exception) who have solely learnt through playing have
been the worst hires I have made.

There is a decided distinction between learning and becoming educated
and than applying knowledge at home or away from work and buying a
router to play with.

Not a one has ever decided that the documented method was acceptable.
This is not always the book, but rather the organisational method. I
have no issues in change, in fact I promote change at all possible
occasion. It just has to be managed. This is what I have through
personal analogy found to be lacking and the effort to remove the bad
habits and instil those that follow a plan are costly. Both in time and
effect in the interim.

Regards,
Craig



Craig Wright
Manager of Information Systems

Direct +61 2 9286 5497
Craig.Wright () bdo com au
+61 417 683 914

BDO Kendalls (NSW)
Level 19, 2 Market Street Sydney NSW 2000
GPO BOX 2551 Sydney NSW 2001
Fax +61 2 9993 9497
www.bdo.com.au

Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

The information in this email and any attachments is confidential.  If you are not the named addressee you must not 
read, print, copy, distribute, or use in any way this transmission or any information it contains.  If you have 
received this message in error, please notify the sender by return email, destroy all copies and delete it from your 
system. 

Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls.  
You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or 
Director of BDO Kendalls.  It is your responsibility to scan this communication and any files attached for computer 
viruses and other defects.  BDO Kendalls does not accept liability for any loss or damage however caused which may 
result from this communication or any files attached.  A full version of the BDO Kendalls disclaimer, and our Privacy 
statement, can be found on the BDO Kendalls website at http://www.bdo.com.au or by emailing administrator () bdo com au.

BDO Kendalls is a national association of separate partnerships and entities.

-----Original Message-----

From: April Carson [mailto:ACarson () HNTB com] 
Sent: Friday, 11 May 2007 6:55 AM
To: Craig Wright; david.a.harley () gmail com; Simmons, James; Yousef Syed
Cc: security-basics () securityfocus com
Subject: RE: CISSP Question

Ugghhh I tired packet Tracer 3.2 and 4.0 and found it annoying. I just
went out and got my own Cisco router and am much happier. Of course I
also get to play in works data center now and again.

-----Original Message-----
From: Craig Wright [mailto:Craig.Wright () bdo com au] 
Sent: Thursday, May 10, 2007 2:23 PM
To: April Carson; david.a.harley () gmail com; Simmons, James; Yousef Syed
Cc: security-basics () securityfocus com
Subject: RE: CISSP Question

Buying a router for home practice would lower your chances if I am in
the Interview.
 
First, we have the economics. A router simulator (such as Boson) is less
expensive and offers just as much and also maps to Cisco (and other)
exams and tutorials. Thus there is a manner of testing the skills. Thus
you have not demonstrated a good financial knowledge and thus are less
likely to make well informed project decisions.
 
Next a home router is limited to the extreme. It is a single router,
OSPF, VRRP etc are not generally feasible. There is no way to learn and
understand on a simple home router. You are unlikely to wipe and start
again as often. I could go on.
 
A simulator does far more. So this would be the proverbial next the
minute you decide to mention it.
 
Regards,
Craig