Need Everyone's Feedback!!

[divine]

I have to strongly agree with ChrisG's point. Why condone the use of these "braindumps" by allowing the Q&A's to be posted here. I mean asking about concepts and seeking knowledge is one thing, but just trying to memorize answers, What does that accomplish?

The braindumps allow unqualified people to pass an exam that they cannot do the job for. They dillute our market with Paper Certified "Experts" and give everyone a bad name in the end.

You want to get your cert? Get the books, study, ACTUALLY LEARN the concepts, not just the answers and get your cert. If you are otherwise incapable or too lazy to do that, find another industry because Information Security isn't for you anyways... one of the KEY things that makes a good Security Professional is a passion for learning and the ability to learn things on your own.

I am adament about this topic as I have recently hired 2 "Paper Certified" Security Professionals who had CEH, CPTS and CISSP certifiications but unbeknowst had used braindumps to achieve their certifications and had lied on their resumes about experience. They waisted by time, my companies money and forced me to carry their load where they were not able. Once you have experienced something like that your opinion on the topic may change...

[boney]

I strongly agree with divine's point ...
The no. of script kiddies is increasing and ugly, illeterate people are getting high end certifications.
Regarding discussing questions, its ok as far as guys dont just mugup the questions.
As discussed by somebody before that this is a place to educate everybody about the golden era called Internet Security.
And I would regret if EH-Net comes into any trouble due to legal issues regarding the questions or any content.
And if we get people in this field those are certified with little or no knowledge at all, it'll be embarassing.
The world around, has a great respect for ethical hackers, and if people like these start coming to this industry, its gonna be a heck !
When I passed my CEH cert in 2005, I thought that I'll be able to make it big in Info Security industry, however when I started working with some real geeks, I came to know that its practical knowledge is what counts. Not certifications.
Anyways its all about knowledge and understanding.

[Oyle]

We've already been through this a million times. it's an old topic, but I agree with both of you.

Makes me wonder a little bit about your screening process, though; you didn't discover they were only paper before you hired them? Did you give them any kind of testing?

[Thangvt]

I think this forum about E-H.So, the Administrator can create some contest about Ethical Hacker to assess member.May be a week or two week we can do a test.It also help for everyone to preparing for CEH. and open knowledge.

havefun!

[RichM]

Great thread...

It is important to have difficult questions discussed and dissected, it helps both the question answeree and the answerer.  However, there is no reason why the questions cannot be altered enough to where it would be considered a unique item.

The idea behind posting questions should be to learn more and strengthen an area that your are deficient in.  With this thought in mind altering the question would only be an issue if it was the specific question you wanted the answer to and not a similar question, which still holds the spirit of the original question.

Thangvt that is such a great idea, maybe the eh.net community could generate questions and (once we reached a descent amount) Don could create a database that would ask these questions in a randomly generated format. This is obviously just in the brainstorming phase, but something definitely worth talking more about.

[Asoka22]

I strongly agree to these pointz ...
1. The no. of script kiddies is increasing and ugly, illiterate people are getting high end certifications.
2. Regarding discussing questions, its OK as far as guys don't just mug-up the questions.
3. The practical knowledge is what really counts. Not certifications. Certification is only purpose of securing to high-level jobs.

As discussed by somebody before that this is a place to educate everybody about the golden era called Internet Security.
And I would regret if EH-Net comes into any trouble due to legal issues regarding the questions or any content.
And if we get people in this field those are certified with little or no knowledge at all, it'll be embarrassing.
The world around, has a great respect for ethical hackers, and if people like these start coming to this industry, its gonna be a heck !

[tylerver]

This site has been amazing so far with the amount of OPINIONS you can find. And if anyone comes to a forum to find answers for a test, obviously missed large parts of school where they said even WIKI is NOT a source for tests or papers. If you want an opinion, come here. If you want an answer to a test question, read the study guide.

[Jamie.R]

I think when it comes to asking exam question on this site I think its one of them question where your 50/50 on it.

We all sometimes need help but its getting help without giving the answer or revealing too much about the exam so I think it really depends on how the questioned is asked and how much research the person has done before asking the question.

[r2s]

I think when it comes to asking exam question on this site I think its one of them question where your 50/50 on it.

We all sometimes need help but its getting help without giving the answer or revealing too much about the exam so I think it really depends on how the questioned is asked and how much research the person has done before asking the question.

+1

I agree as long as the "answering" of the question doesn't violate the potential NDA served to the respondee post taking said exam (assuming the person answering actually took 'x' exam).

[Jamie.R]

I think brain dumps are a really bad idea. There is no point to them at all yes you may get a cert from it but whats the point if you cant apply what you have learned. Personally I don't like exams unless they are pratical.

[Andrew Waite]

Answering Don's question direct:

I don't like brain-dump, learning to the exam type activity, but at the same time:

• Those that purely study to pass the exam aren't doing themselves any favours and will quickly get passed by in the industry if they don't learn beyond passing the cert
• Certifications that can be passed purely by brain-dump are intrinsically of less value that those that require more indepth testing and/or practical portions
• Businesses that can't identify paper tigers through either the interview or procurement processes will have issues regardless of what we do as a site.
• Typically members getting involved in these sorts of posts disappear fairly quickly, but there are plenty of examples of those (probably myself included) that have started out that way, but with the help of the community have grown beyond.
  

EH-Net has always (mostly) been a friendly and helpful place to study so I'd be inclined to continue to allow such discussions. The community is good at self-censorship if a member starts asking questions beyond what is deemed 'acceptable'.

From a personal perspective, if I don't agree with a topic, discussion or tone of a post, I just don't reply.

my £0.02....

[prats84]

Everything would have good and bad to it.

The Actualtest or any such are there to facilitate studies and knowledge but yes people to abuse these things as making only source for their knowledge.

We all have been through certifications and have met different individuals. You know it yourself doing these sort of things could get you a certificate, a job but how successful do these guys get in their journey???

Having such links in this forum or any other forums could be fine accroding to me as its on people how they want to use it.
 How many people here would be using the Ethical Hacking knowledge shared here to do the Blackhat Stuff.
 Should we stop sharing the hacking, security knowledge?

[SephStorm]

Well, the first thing that a site admin would have to consider is what his visitors/members are going to think when they see those links. I can tell you that most ethical individuals would write off the site the second they saw sponsored links to dumps. Its ingrained in anyone who worked hard to attain our certs to look down on resources that make such things easier.

I'm not going to claim I havent been tempted to look at dumps. but ultimately it involves me in the exam process when i walk into the exam center, and I am trying to think, of the answer, of the process. And it makes that experience of seeing that pass screen at the end so much sweeter. I remembered walking out of the exam center thinking "I'm a CEH..." After all those posters on the EC-Council website: "Dont mess with SephStorm, hes a CEH". You dont get that after a dump I think.

As for the second question, i'll be honest, I would guess that most "whitehat"s are horrible "blackhat"s... we follow the rules, established policies and procedures, methodologies...

another more relevant point, this is not a resource that one would come to for knowledge that could be used for BH purposes, there are no zero days posted here, few tutorials that you couldnt find something similar on youtube. Look at this menu on the right hand of your screen:

"SANS Work study experience
recommended book for pentester"

this is not where I would go if I were a script kiddie or blackhat.