[Dshield] SANS going to proctored exams?

Joel Esler eslerj at gmail.com
Fri Dec 7 15:04:38 GMT 2007 

I see the point that everyone is making.  I understand the need for 
standards and I understand the need for the proctored exam. 

But I thought the test was hard enough, and tough enough to compensate 
to make up for the proctor factor.

I see the reason for it, but I still don't agree. :)


--
Joel Esler
http://www.joelesler.net



Johannes Ullrich wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
>
>
> I second the points made by Clement in this matter. Overall, I would
> prefer a non-proctored / webcam option, but ANSI did not allow for it. I
> have been involved in some aspects of GIAC's ANSI certification process
> and from the little pieces I have seen, the effort has been painful but
> worth it.
>
> Right now, we have no way to tell if you actually took the exam, or paid
> a friend to take it for you. This is not acceptable if we try to
> establish a respected certification.
>
> But the entire ANSI effort goes way beyond that. You may wonder why GIAC
> has to become ANSI certified. The short answer: Important parts of the
> community start to ask for it, because ANSI certification requires rigor
> and consistency in designing the exams.
>
> One of the parts I like most about ANSI is the overall approach to what
> a certification is supposed to test: A certification is not supposed to
> test if you paid attention in a particular course. Instead, a
> certification should test if you are ready to do a particular job. This
> starts with what ANSI calls a "job task analysis". GIAC has to enumerate
> important job task a person has to master in order to do the job. This
> in itself is a labor intensive and important process. Experts in the
> field need to be polled and the community is asked to form a consensus
> on what the particular job entails. Then exam questions are created to
> test these particular skills. The exam questions themselves are tested
> and reviewed. Finally, all exam results are carefully analyzed and
> question quality is monitored carefully after the exam is finished.
>
> So what do you get out of it: Better exams. Some of our past exam
> questions have been lousy. The new system will provide for much more QA
> before a question is ever used in an exam.
>
> It was the first time I have been close to a certification process like
> this. To some extend, it sounds redundant to have a "certified
> certification". The part of the process that impressed me most was that
> ANSI took a very hands-on look at our processes. Auditors performed
> multi day site visits, and the GIAC team had to provide ongoing status
> updates and detailed answers to requests from the auditors. This is not
> a hand-waving paper exercise. The auditors went into a lot of details
> and did much more then checking of check-boxes. They actually questioned
> ever detail and verified how each procedure and policy affects real exams.
>
> Yes, its inconvinient to have to travel to a test site. But read the
> full announcement. There are a number of other options: Local colleges,
> your HR department, SANS conferences and so on.
>
>
>
>
>
> - --
> Johannes Ullrich, SANS Institute, (www.sans.org)
>
> Cyber Defense Initiative - Washington DC; 17 courses, Dec 11- 18
> http://www.sans.org/info/15821
> SANS Security 2008 - New Orleans, LA; 21 courses, Jan 11-19
> http://www.sans.org/info/15826
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHWMMgPNuXYcm/v/0RA0blAJ9593DqUBEGMWG2+ZwDsY7axW9tfQCfcWhx
> Naou1SQwxpysXGFMJGP28Ug=
> =gkWG
> -----END PGP SIGNATURE-----
> _________________________________________
> SANS Network Security 2007 in Las Vegas September 22-30. 39 courses,
> SANS top instructors.  http://www.sans.org/info/9346
>

More information about the list mailing list