Each month the editors of SearchSecurity.com gather the top five Ask the Expert questions and responses from across the different infosec categories. If you missed these the first time around, here's your chance to read the questions and responses your infosec peers found the most helpful.
5. What can I use to monitor suspicious network activity and locate vulnerabilities?
Expert Ed Yakabovicz responds: Run a tool such as LanGuard to do what is called a vulnerability assessment. LanGuard will provide a free 30-day license, which will allow you to scan your network for weaknesses. Read the complete response.
4. We are looking for a template or guideline to help us create an IM acceptable-use policy. Do you have any suggestions on where to get such info?
Expert Kevin Beaver responds: Developing a policy for instant messaging (IM) is a smart thing to do. There are a large number of security implications that come with IM that your users should be educated on and should be enforced within your organization. Read the complete response.
3. My opinion on certifications is that they represent "the beginning" of a field of study and experience that establishes a fundamental baseline -- no more, no less.
In many cases, companies demand this or that cert without really looking behind the knowledge base or the experiential value that the applicant brings to the table. That is a management issue -- not a cert issue. What am I missing that makes this discussion represent real value?
Expert Ed Tittel responds:Certifications often have currency, because they require hiring managers and human resources (HR) types to do less thinking and perhaps even spend less time evaluating candidates on their other merits. Sometimes -- and I suspect you're dealing with one or more of those -- certs function much like "checkbox items." Read the complete response.
2. Can you tell me what online computer security certification courses are available for professionals?
Expert Ed Tittel responds: There are numerous options available for online security certification training. In fact, several large universities and institutions offer online courses.Read the complete response.
1. How is Snort (open source) "better" than proprietary software? Is Snort difficult to manage or to find support for?
Expert JP Vossen responds: I would argue that Snort is better than a proprietary solution because it is open source. Search the Internet for the general arguments, but I'll address some specifics here.
First, open source has the potential for more peer review, which translates into quality assurance. No software is bug free, but no company can afford to hire the number of people worldwide who take an interest in reviewing and securing open source code. Read the complete response.
This was first published in February 2004