[prev in list] [next in list] [prev in thread] [next in thread]
List: intrusions
Subject: RE: GCIA v 3.3 Question
From: "Bill Royds" <broyds () rogers ! com>
Date: 2002-11-23 22:01:55
[Download RAW message or body]
Here is the complete wording from the assignment (Version 3.3):
“identify within one of these logs an "interesting" set of detects and fully apply \
the analysis process to them. This detect must also be posted to the incidents.org \
site for public review by your peers. After your analysis has been posted, the \
community at large will have an opportunity to post questions and opinions regarding \
the trace and analysis. You must select the top (or best) three questions and answer \
them as well as defend your position regarding the analysis that you have performed. \
The COMPLETED detect plus the top three questions with a summary of your defence of \
the analysis must be included in your practical with the detect.”
So only one of the three detects for part 2 need be submitted to the \
intrusions@incidents.org mailing list. That one should have 3 questions and defences.
-----Original Message-----
From: Szczepankiewicz, Peter [mailto:pjszczep@fiwc.navy.mil]
Sent: Sat November 23 2002 11:49
To: intrusions@incidents.org
Subject: FW: GCIA v 3.3 Question
Just wanted some advice if anybody on the mailing list knows the answer to this.
Peter
-----Original Message-----
From: Szczepankiewicz, Peter
Sent: Friday, November 22, 2002 11:45 PM
To: 'info@giac.org'
Subject: GCIA v 3.3 Question
Dear SANS,
Question on the GCIA version 3.3 assignment. Do we have to have three defenses on \
each of the three detects in part 2? The verbiage in the assignment can mean two \
different things. The assignment says...
" You must select the top (or best) three questions and answer them as well as defend \
your position regarding the analysis that you have performed. The COMPLETED detect \
plus the top three questions with a summary of your defense of the analysis must be \
included in your practical with the detect."
So does that mean that we only need to show three defenses on one of the detects, or \
three defenses on each of the detects for a total of nine defenses? Just trying to \
be clear as I head for the finish line. Thanks! This is fun. Peter Szczepankiewicz
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic