Oh, the legal concerns, policies and procedures, cryptography, ethics, physical security, operations security, business continuity, security architecture, access control systems and methodology, and a bit of forensics - to enumerate a few. V/R Jim David Fuller wrote: > > What else is involved? > > -----Original Message----- > From: Meritt James [mailto:meritt_jamesat_private] > Sent: Monday, June 18, 2001 5:31 AM > To: Jim Utkin > Cc: 'David Fuller'; 'Pen - Test List' > Subject: Re: How to become a professional penetration tester? > > My opinion on every statement: Very true, and if anything understated. > > There is a lot more involved... > > Jim Utkin wrote: > > > > Keep in mind penetration testing is just a small component in the > > process of Information Security, if you're interested in a career as a > > security professional, learn policies, system administration, network > > administration, architecture design, just to name a few. No one can > > claim to be a good penetration tester without being good at least 3 or 4 > > other categories if not all of them. > > > > Being a security professional IMHO is the hardest specialty in > > Information Technology, you have to be good in almost every aspect of > > IT, but an expert at none. > > -- > James W. Meritt, CISSP, CISA > Booz, Allen & Hamilton > phone: (410) 684-6566 > > _________________________________________________________ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com -- James W. Meritt, CISSP, CISA Booz, Allen & Hamilton phone: (410) 684-6566
This archive was generated by hypermail 2b30 : Mon Jun 18 2001 - 13:20:22 PDT