Hurricane Labs
  • Home
  • Services
    • Network Security
    • Penetration Testing
    • Open Source Tools
    • Web Application Security
    • Linux Services
    • Check Point
    • WiKID
    • OSSEC
  • News & Events
    • Newsletters
    • The Beacon
    • In the News
    • Events
  • Contact Us
  • Blog

 888-276-4106  |  Login


Certified in Multiple Choice

Posted on May 21, 2010 by billford

Written by: Bill Mathews
From Eye of the Storm – May/June 2010

The same malady that affects standard IT training has wormed its way into IT Security Training. “Point, click, certify” is killing IT training and it makes certifications less than useless. How many times have you hired someone because they have a Cxxx only to find out later that the ‘C’ stood for clueless and not certified? It’s happened to me on many occasions. Certification cannot be your only requirement for hiring but it often is.

When we hire someone we give them a written exam, no Internet access, no computer. This is to measure how well they respond to pressure and gives us an idea of what they actually know instead of what they could cram for the night before. I’m thinking about adding a lab portion to this exam to fully test that they can do what they say they can do. I’ve had a lot of people come through here with a lot of letters after their name who could not boot up a computer. This brings me back around to certifications and why most of them are useless in their current state.

If you have only a little bit of knowledge on a certain topic and you’re given a multiple choice question, chances are you can reason out the answer fairly easily. This is especially true of exams where the deliberately try to fool you by rephras- ing the same question 10 times. I have, quite literally, taken certification exams without an ounce of studying and aced them on subjects I only have a little familiarity with. You should NOT be able to do this with a useful exam.

Useful exams should always include a lab section that applies the knowledge you need with a real world simulation. Labs are not hard to set up but the certifying parties would have to charge more to run these labs. That’s okay! Certification should be expensive and should not be for everyone. You should not have more certified “professionals” running around than you have users. Education and certification should be hard, that makes it all the more worth doing. Stop asking for useless certifications and start demanding people actually know something.

Bookmark the permalink.

Quick Links

  • View the Most Recent Newsletters

Related Terms

  • General Security
  • News

Related Articles

title

Mailing Lists

title

Shameless Promotion

title

Ohio LinuxFest Review

title

What’s New?

title

2008 Open Web Application Security Project (OWASP) USA Confe...

Services

  • Network Security
  • Penetration Testing
  • Open Source Tools
  • Web Application Security
  • Linux
  • Check Point
  • WiKID
  • OSSEC

Home

News & Events

  • Newsletters
  • The Beacon
  • In The News
  • Events

Blog

Contact Us

RSS Feeds

  • Blog
  • Newsletter
  • Beacon
  • Podcast

Live Twitter Feed

[HL BEACON] Oracle Google Truce, Secure Processors http://t.co/gle0xmFL
12 hours ago

Upcoming Classes

Check Point Essentials - 06/05-06/07 2012
Check Point IPS Essentials - 06/25 2012

Upcoming Events

No events

4401 Rockside Road, Suite 310, Independence, Ohio 44131 P: 216-923-1330 / 888-276-4106 F: 216-447-9618 E: sales@hurricanelabs.com

Hurricane Labs Engineering Public Keys

Copyright ©2012 Hurricane Labs, LLC. All Rights reserved.