I have to strongly agree with ChrisG's point. Why condone the use of these "braindumps" by allowing the Q&A's to be posted here. I mean asking about concepts and seeking knowledge is one thing, but just trying to memorize answers, What does that accomplish?

The braindumps allow unqualified people to pass an exam that they cannot do the job for. They dillute our market with Paper Certified "Experts" and give everyone a bad name in the end.

You want to get your cert? Get the books, study, ACTUALLY LEARN the concepts, not just the answers and get your cert. If you are otherwise incapable or too lazy to do that, find another industry because Information Security isn't for you anyways... one of the KEY things that makes a good Security Professional is a passion for learning and the ability to learn things on your own.

I am adament about this topic as I have recently hired 2 "Paper Certified" Security Professionals who had CEH, CPTS and CISSP certifiications but unbeknowst had used braindumps to achieve their certifications and had lied on their resumes about experience. They waisted by time, my companies money and forced me to carry their load where they were not able. Once you have experienced something like that your opinion on the topic may change...

We've already been through this a million times. it's an old topic, but I agree with both of you.

Makes me wonder a little bit about your screening process, though; you didn't discover they were only paper before you hired them? Did you give them any kind of testing?

Great thread...

It is important to have difficult questions discussed and dissected, it helps both the question answeree and the answerer.  However, there is no reason why the questions cannot be altered enough to where it would be considered a unique item.

The idea behind posting questions should be to learn more and strengthen an area that your are deficient in.  With this thought in mind altering the question would only be an issue if it was the specific question you wanted the answer to and not a similar question, which still holds the spirit of the original question.

Thangvt that is such a great idea, maybe the eh.net community could generate questions and (once we reached a descent amount) Don could create a database that would ask these questions in a randomly generated format. This is obviously just in the brainstorming phase, but something definitely worth talking more about.