Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: certification of skill

From: Paul Robertson <proberts () patriot net>
Date: Wed, 13 Feb 2002 18:31:41 -0500 (EST)
On Wed, 13 Feb 2002, Chad Schieken wrote:


I recently tested for this. I must say that the thing that impressed me
most by the test was the "common sense" behind most of the questions was
excellent. For an "associate" or mid-level colleague it's exactly the set
of basics I'd want them to subscribe to.


[Note: This is not an official response, it's my own personal
response[1][2]]

Thanks, that's _exactly_ the goal we were aiming for.



The thing that impressed me least were some questions about what would or
would not be legally required in certain situations. Given the various
jurisdictions through-out the US and the world, I can't see how there is a
single "best" answers, besides 'go ask a lawyer'.


We aimed for do least harm, tell most people stuff to cover what issues we
could.  The answers seemed appropriate for most jurisdictions, but we
probably should review those questions specifically.  We cover privacy
issues, so that's where it was probably most apparent, and we didn't want
to ignore that issue or try to have jurisdictional centric tests.


Also with no obvious feedback mechanism, I'm not certain how they plan to
improve the test. To compare it the CISSP certification process, the CISSP
does allow you to "challenge" test items but my memory of the process is
lacking (maybe someone could chime in), and you can submit new or updated


The feedback mechanism is primarily based on analysis of answers by the
test administration company, but I'd be happy to bring up the possibility of
another mechansim.


test questions.  Also the test incorporates some number of "beta" questions
if I'm not mistaken.


The original test takers were offered the beta exam (no longer in beta),
which included a lot more questions than the final test incorporates.  The
beta was used to weed out questions that were too easy, too difficult,
wrong, or questionable.  We went through the beta feedback (which was
given by a significant number of beta testers) and the data and "fixed" the
exams.  That'll be a continuing process.  Folks who would have passed
after the bad questions were weeded out were awarded certification.

I'd be happy to discuss this more off-list, as this is vendor-centric (I
thought about flaming Fred about that ;) )

Paul
[1] TruSecure is my current employer
[2] I'm on the certification oversight board
[3] There is no [3]
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: