I would have to say the answer is 4.

The TCP connection process isn't cumbersome SYN/SYNACK/ACK, thats it. Yeah its not a simple as UDP, but really its not "cumbersome" for an enduser in anyway.

Question 4 states bandwidth, however doesn't specifically say network bandwidth. While not completely generic you could interpret that in several ways. In the broadest sense, a given computer only has enough bandwidth to support so many half open connections before it can't take anymore. I would also tend to believe that network bandwidth is directly relevant, as an attacking computer with huge pipe, will overwhelm a target machine with smaller pipe very easily, even though it doesn't take that many packets to create a SYN flood condition.

For anybody who is a long time forensics examiner, what certs are the most valued in forensics. I currently have the GCFA and may attempt the ENCE after I take the training, however I've never heard of the CCE that they are doing the giveaway for. Could some please give a ranking of which ones they feel are the best or most valuable.

Thx

CERT has a very good set of training info freely available online

https://www.vte.cert.org/vtelibrary.html

I'm a big fan of Languard as well, the scan for missing patches functionality is great, however I hate one thing, how it always pops up the yypasswd thing for everyhost.

As far as Nessus, one thing I never liked about Nessus is that you had to set up the server and then run a seperate client. I've only used it on linux, does this newer version on windows still require that?

Listing every cert you have or have had is right up there with listing your home computer specs in your signature ...

Has anybody every taken this course and/or gotting the GREM certificate?
Just wondering if it is worthwhile or whether its just better to learn on your own? SANS is quite expensive and I would like to be able to justify it to management.

Just wondering if anybody knows if they audit people for experience? I know someone brand new to forensics who just got his EnCE without having ever done a real forensics investigation and with only a background in cutting and pasting firewall rules.

one thing I noticed about this search is that after the first few days of it being up or me seeing it, most the the links are now dead. I don't know if google is filtering these out or if what I happened to search for is no longer linked.

From what I've seen over the last 6mos, none of the root kit detectors like blacklight, rkr, icesword, etc are able to detect the latest rootkits because they are building specific anti-rootkit detection into the rootkits. Like it will recognize rkr's process and specifically hide it from that. So what rkr will do is randomize its process name to prevent this, but I think both sides will be one uping each other for quite some time.

I have a bunch of certs(CISSP,GCFA,CCNA,MCSE,HPCSA) and a college degree and haven't really been rewarded financially for any of them. The standard mgmt response after getting a cert is thats great, but were not giving you raise for that. I also have 8 years experience in IT and can only say that it helps dress up your resume.
For the most part, the predominant factor in landing a new job or getting a raise, would be a traditional two pronged method of ass kissing and networking. IMO giving management the perception that your doing a good job provides superior financial rewards versus actually working hard and producing results. Its really blows my mind how easily swayed most managers are by brown nosers. It makes me sick.
That being said, if your company happens to offer education reimbursement for getting a diploma, then you absolutely should take them up on this. Most people graduate college with 20K+ in debt, so this is a good opportunity to at least get "free" schooling part time. Most companies do make you pay them back, if you leave soon after. That is the only reason I'm pursuing a Masters degree in CompSci, because I know I won't really be rewarded for it, at least not at my current company. I guess the bottom line, is that you do gain knowledge out of getting a degree or pursuing certs, you just typicaly don't see any short term rewards out of them.