However, when my SANs instructor showed a demo of an exploit on an XP, I felt a little disappointed. Yes, I know it (XP) was just a vehicle to demonstrate the exploit but in the back of my mind I thought, "XP pssfth, ANYTHING can crack an XP machine." IMHO, using XP implies a) you haven't updated your slides in a while or b) you're demonstrating something that is only vulnerable on XP. More to the point, XP makes any slide or demo appear dated and in my mind, for any non-101 course to make the claim "current", they need to eliminate XP from their material. Even for a 101 course - show how vulnerable XP is and move on (Win 7, 8, etc). The rest of the world is moving off XP, it's time security courses do too.