Re: How to become a professional penetration tester?

["Meritt James" <meritt_james () bah com>]

Oh, the legal concerns, policies and procedures, cryptography, ethics,
physical security, operations security, business continuity, security
architecture, access control systems and methodology, and a bit of
forensics - to enumerate a few.

V/R

Jim

David Fuller wrote:
> What else is involved?
>
> -----Original Message-----
> From: Meritt James [mailto:meritt_james () bah com]
> Sent: Monday, June 18, 2001 5:31 AM
> To: Jim Utkin
> Cc: 'David Fuller'; 'Pen - Test List'
> Subject: Re: How to become a professional penetration tester?
>
> My opinion on every statement:  Very true, and if anything understated.
>
> There is a lot more involved...
>
> Jim Utkin wrote:
> > Keep in mind penetration testing is just a small component in the
> > process of Information Security, if you're interested in a career as a
> > security professional, learn policies, system administration, network
> > administration, architecture design, just to name a few. No one can
> > claim to be a good penetration tester without being good at least 3 or 4
> > other categories if not all of them.
> >
> > Being a security professional IMHO is the hardest specialty in
> > Information Technology, you have to be good in almost every aspect of
> > IT, but an expert at none.
>
> --
> James W. Meritt, CISSP, CISA
> Booz, Allen & Hamilton
> phone: (410) 684-6566
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com

-- 
James W. Meritt, CISSP, CISA
Booz, Allen & Hamilton
phone: (410) 684-6566