| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: keydet89 at yahoo.com (Harlan Carvey) Subject: Training & Certifications > I'm not an authority on training as the only > training I've had is SANS, but > I can vouch for the quality it. Any particular instructors? I find it hard to believe that someone who is an instructor at SANS would endorse tools like inzider. But I do know other instructors that are pretty darned good...Jennifer Kolde, for example. > ...when I see certain letters, I do pay closer > attention. Which ones? > I'll break the ice by starting with something > facetious like "What is the > first thing you do with a Windows box and the last > thing you do with a *NIX > box when you have trouble?" Answer: reboot. I agree that would be a good way to break the ice, but from a professional standpoint, I don't think it's a great idea. In the real world, rebooting a Windows box isn't the first thing you should be doing. I might be concerned that with such a question, that might give the candidate an improper impression of how the company conducts itself. The rest of your questions are good ones to ask, but again, for Robert, I really think it depends on what sorts of services the company plans to offer. > For sysadmins, I ask easier, more system specific > questions, but for > security I ask broad, tough questions because of the > requirements of the > field. I have only had one person so far, answer all > correctly. Keep in mind, though, that depending upon the questions, what's 'right' may be subjective.
Powered by blists - more mailing lists