Re: Government of Mauritius, confidentiality compromised

From: Ajay R Ramjatan <ajay.ramjatan_at_gmail.com>
Date: Thu, 10 Dec 2015 16:52:48 +0400

Hi SM,

Our opinions here and ideas of what should be in a security course still
does not tell anyone reading MIU in what way a training and certification
programme like EC-Council's CEH is "undependable". None of the different
messages in this thread provide any appreciable information as to whether
it is dependable or not.

On Thu, Dec 10, 2015 at 1:57 PM, S Moonesamy <sm+mu_at_elandsys.com> wrote:

> Hi Ajay,
> At 22:26 09-12-2015, Ajay R Ramjatan wrote:
>
>> I don't think its 100% subjective. In a security course, if the training
>> material goes against established security practices, it is an indication
>> that the course is of questionable quality.
>>
>
> The training material could cover vulnerabilities which have been used or
> which are currently in use. The best way to learn about that is from the
> person writing the software. However, that is usually not recommended as
> it raises questions about ethics. If the person is going to be responsible
> for some aspects of information security, the person would have to be able
> to analyze a vulnerability and assess its impact. Some of the work of the
> person would have to go through open peer review if there isn't any
> evidence that it adheres to established security practices.
>
> There is a message from Dr Naicken at
> http://lists.elandnews.com/archive/mauritius/internet-users/2015/11/3978.html
> One of the interesting points in that message is about the depth of
> knowledge which is required. There is also breath of knowledge which is
> sometimes confused with depth of knowledge.
>
> Regards,
> S. Moonesamy
>
Received on Thu Dec 10 2015 - 12:53:24 PST

This archive was generated by hypermail 2.3.0 : Thu Dec 10 2015 - 13:00:02 PST