Re: Training & Certifications

[Harlan Carvey <keydet89 () yahoo com>]

> I'm not an authority on training as the only
> training I've had is SANS, but
> I can vouch for the quality it.  

Any particular instructors?  I find it hard to believe
that someone who is an instructor at SANS would
endorse tools like inzider.  But I do know other
instructors that are pretty darned good...Jennifer
Kolde, for example.

> ...when I see certain letters, I do pay closer
> attention.  

Which ones?

> I'll break the ice by starting with something
> facetious like "What is the
> first thing you do with a Windows box and the last
> thing you do with a *NIX
> box when you have trouble?" Answer: reboot. 

I agree that would be a good way to break the ice, but
from a professional standpoint, I don't think it's a
great idea.  In the real world, rebooting a Windows
box isn't the first thing you should be doing.  I
might be concerned that with such a question, that
might give the candidate an improper impression of how
the company conducts itself.

The rest of your questions are good ones to ask, but
again, for Robert, I really think it depends on what
sorts of services the company plans to offer.  

> For sysadmins, I ask easier, more system specific
> questions, but for
> security I ask broad, tough questions because of the
> requirements of the
> field. I have only had one person so far, answer all
> correctly.

Keep in mind, though, that depending upon the
questions, what's 'right' may be subjective.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html