'RE: GCIA v 3.3 Question'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       intrusions
Subject:    RE: GCIA v 3.3 Question
From:       "Bill Royds" <broyds () rogers ! com>
Date:       2002-11-23 22:01:55
[Download RAW message or body]





Here is the complete wording from the assignment (Version 3.3):
“identify within one of these logs an "interesting" set of detects and fully apply \
the analysis process to them. This detect must also be posted to the incidents.org \
site for public review by your peers. After your analysis has been posted, the \
community at large will have an opportunity to post questions and opinions regarding \
the trace and analysis. You must select the top (or best) three questions and answer \
them as well as defend your position regarding the analysis that you have performed. \
The COMPLETED detect plus the top three questions with a summary of your defence of \
the analysis must be included in your practical with the detect.”



So only one of the three detects for part 2 need be submitted to the \
intrusions@incidents.org mailing list. That one should have 3 questions and defences.


-----Original Message-----
From: Szczepankiewicz, Peter [mailto:pjszczep@fiwc.navy.mil]
Sent: Sat November 23 2002 11:49
To: intrusions@incidents.org
Subject: FW: GCIA v 3.3 Question


Just wanted some advice if anybody on the mailing list knows the answer to this.
Peter
 
 
-----Original Message-----
From: Szczepankiewicz, Peter 
Sent: Friday, November 22, 2002 11:45 PM
To: 'info@giac.org'
Subject: GCIA v 3.3 Question


Dear SANS,
 Question on the GCIA version 3.3 assignment.  Do we have to have three defenses on \
each of the three detects in part 2?  The verbiage in the assignment can mean two \
different things.  The assignment says...  
" You must select the top (or best) three questions and answer them as well as defend \
your position regarding the analysis that you have performed. The COMPLETED detect \
plus the top three questions with a summary of your defense of the analysis must be \
included in your practical with the detect."  
 So does that mean that we only need to show three defenses on one of the detects, or \
three defenses on each of the detects for a total of nine defenses?  Just trying to \
be clear as I head for the finish line.  Thanks!  This is fun. Peter Szczepankiewicz


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic