.

New Poll?

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Jan 30, 2007 12:15 pm

New Poll?

I try to put up a new poll on Right Hand Column every month, and the time is at hand. The responses in the forums to the last poll on advancing your careers was great. As always the members came through with awesome advice. So I thought maybe I would go to you for advice on the next poll. Anything you would like to ask our readers?

Remember, this is not a forum poll, so non-members can vote.

Thanks for your suggestions,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

oleDB

User avatar

Recruiters
Recruiters

Posts: 236

Joined: Thu Jul 20, 2006 8:58 am

Location: HOA

Post Tue Jan 30, 2007 12:43 pm

Re: New Poll?

Sample questions:
Which certifications to you respect the most?
CCIE
CISSP
RHCE
CEH
GIAC
Other

What area of IT security to you currently work in?
General IT(non-security)
Intrusion Detection/Incident Response
Pen Testing/Security Auditing
Compliance/Risk
Forensics
Etc
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Feb 02, 2007 12:52 am

Re: New Poll?

Thanks oleDB.

Anyone else have ideas or do you all think I should go with one of oleDB's suggestions?

Don
CISSP, MCSE, CSTA, Security+ SME
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Fri Feb 02, 2007 7:38 am

Re: New Poll?

oleDB suggestions are very good maybe add a few other certs to his list for the first one.

Another one might be where is the best place to start your security career.

Atlanta
New York
San Jose
Boston
Dallas
London
Other

Thanks,

Brian (Slimjim100)
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

oleDB

User avatar

Recruiters
Recruiters

Posts: 236

Joined: Thu Jul 20, 2006 8:58 am

Location: HOA

Post Fri Feb 02, 2007 10:05 am

Re: New Poll?

slimjim100 wrote:oleDB suggestions are very good maybe add a few other certs to his list for the first one.

Another one might be where is the best place to start your security career.

Atlanta
New York
San Jose
Boston
Dallas
London
Other

Thanks,

Brian (Slimjim100)




In the military of course  :)
<<

LegioX

Newbie
Newbie

Posts: 25

Joined: Sun Sep 24, 2006 5:27 am

Post Fri Feb 02, 2007 10:12 am

Re: New Poll?

So those of us fortunate enough to not be in the US get either 'London' or 'Other'?  ;D


What about rephrasing the question to something like:

"What certificate/qualification do you regard as the best door-opener in the IT Security Industry?"

And then list a bunch of various certs like Cisco (CCNA/CCSP), Security+, CISSP/SSCP, GIAC, CEH, etc...?

That way (as the poll would be open to non-members too) people in the industry can state their experiences and those perhaps wanting to get into the industry can add their view from an outsiders perspective.
Could be good to compare the two?
MCSE & MCSA : Security (2003), A+, Network+, Security+, CEH, CCNA, JNCIA-FMW
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Feb 02, 2007 2:04 pm

Re: New Poll?

Wow... seems like a lot of you are interested in certs. Here are my initial thoughts on cert polls:

1. If specific certs are to be part of a poll, we would like to keep them limited to certs that are relevant to EH-Net. To see certs related to pen testing, forensics and incident response click HERE. For other security certs, all of you can help build the community at our sister site, Certified Security Professional (CSP) Magazine. This site is more dedicated to certs than this one.

2. I know this site is named the Ethical Hacker Network, and there is a cert named Certified Ethical Hacker, but that does not mean that this site should be dedicated to certs. In fact, most of the articles and forum topics are non-cert related. Or is it that you agree and are just curious this month on how people feel about other security related certs?

Based on the results of the last poll, certs and practical experience are tops on the list by far. Hopefully all of you feel the same as I do that we have struck a pretty good balance of general knowledge, experience and certifications on the site.

But, this is a community driven site, and if it's cert polls you want, cert polls you shall have.

Let me read a few more responses, and we'll make a decision on a poll.

Thanks and as always, I know I can count on your feedback,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

Negrita

User avatar

Sr. Member
Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Fri Feb 02, 2007 4:27 pm

Re: New Poll?

1. Well if you've given in to doing a cert poll, then one thing that would interest me is: Which non-security related cert do you think would bolster your security career? You could put down certs such as; CCNA, CWNA, LPI, MCSE, CompTIA A+, VMware, SCSA, etc.

2. Another thing that interests me is: Which is the most important programming/scripting language that a security proffesional needs to know? Possible answers; C, C++, Java, Javascript, Perl, Python, PHP, SQL, Visual Basic, etc.

3. A third thing that interests me is: Which of the following fields is the most important in the security proffesional's everyday job? Possible answers; Networking, Programming, Server/Client OS operation (Windows, Linux, UNIX), Voice/Data convergence, Wireless, Virtualization, etc.
Last edited by Negrita on Fri Feb 02, 2007 5:02 pm, edited 1 time in total.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

LegioX

Newbie
Newbie

Posts: 25

Joined: Sun Sep 24, 2006 5:27 am

Post Mon Feb 05, 2007 10:15 am

Re: New Poll?

I agree that ideally the poll should not be cert-related if possible.

I really like Negrita's number two idea about the programming/scripting requirements for a security professional.
I would very much like to see the results of such a poll!

If we are doing that, it would be great to see more articles or tutorials on this topic as well.
MCSE & MCSA : Security (2003), A+, Network+, Security+, CEH, CCNA, JNCIA-FMW
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Feb 06, 2007 1:55 pm

Re: New Poll?

Clearly I agree with LegioX as evidenced by the new poll.

Negrita,

I liked that question the second I saw it. For brevity, I combined some of them. Hope it meets with your approval.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

Negrita

User avatar

Sr. Member
Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Tue Feb 06, 2007 3:48 pm

Re: New Poll?

don wrote:Negrita,

I liked that question the second I saw it. For brevity, I combined some of them. Hope it meets with your approval.

Don

No problems Don. :D Could you please add Assembly language too, or is it too late? I see people have started to vote already. I have a good reason for adding it - I'll tell you why in a PM, so as not to bias the voting.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Feb 06, 2007 4:45 pm

Re: New Poll?

Assembly added to the poll.

For those of you who voted already, first of all, WOW you're quick. Second of all, we had to reset the poll with the new addition. Please vote again.

Thanks,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

oleDB

User avatar

Recruiters
Recruiters

Posts: 236

Joined: Thu Jul 20, 2006 8:58 am

Location: HOA

Post Wed Feb 07, 2007 1:11 pm

Re: New Poll?

Wow judging by the early results, I think people misunderstand what the role of a pen tester is. I will wait till the final results are in though to post why I believe web based languages like Java/Javascript/PHP/ActiveX are most important. Jezz I almost even think SQL, used in SQL injection attacks would be more important then C/C++
<<

LSOChris

Post Wed Feb 07, 2007 7:41 pm

Re: New Poll?

i only put C/C++ because 90+ % of exploit code is written in C/C++.

unless you are a web app only pen tester or a straight core impact monkey you need to know what you are executing, so you need to know C/C++.

web apps are rapidly becoming the point of entry for networks so in a year or two web languages will probably be one of the top ones, but most exploits i see for web apps are written in perl...so it guess it depends on how you look at things.
<<

oleDB

User avatar

Recruiters
Recruiters

Posts: 236

Joined: Thu Jul 20, 2006 8:58 am

Location: HOA

Post Thu Feb 08, 2007 2:37 pm

Re: New Poll?

Hardly any pen testers write their own exploits. I would say only 20% actually code exploits. Not to be confused with writing scripts that automate pen testing functions. IMO, its more important to know the code that is being exploited. Not the code your using to exploit. For malware analysis and code review C/C++ would be important, but that is not a pen testing function. There may be some overlap, but in order of importance, as a pentester your are looking for ways to get into their network. Knowing how to find bugs in web based code is way more critical then knowing how to write an exploit in C++. Really, with out being able to analyze the Java/PHP code, knowing how to write in C++ is useless with out the bug to begin with. I would also venture to say that more and more, I'm see less exploits in C++, and more in Perl and PHP. Eitherway I think I've made my point. Knowing C++ while valuable, is not necessarily the way your going to get into someones network. In almost all cases its not. Most pentesters, are infact a form of script kiddy. And thats not in a derogatory way. They aren't writing the exploits they are using them on vulnerabilities they have found.
Next

Return to News Items and General Discussion About EH-Net

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software