I know what CISSP means I work right next to one. But thanks :) Someday I would like to take the exam
but I'm only 25 and I figure I can use more experience. Acutally I figure I need more experience, I'll put this
in the lessons learned column.
You know, the most important thing in IT security is to be able to detect when security is breached. And you got that part all right. IT security is no different than real security (for example, if you need to secure a bank): prevention, detection, and reaction.
There is no ultimately secure system. Such thing doesn't exist. There are flaws in every system, and how often the system you administer will be owned is a mater of statistical probability. Of course, the better you are in "prevention", the probability of somebody braking in will be lower. But it is impossible to get that probability to zero.
So to make long story short, the fact that you were able to detect something is going wrong is far more important than the fact that somebody broke into the system.
-- Aleksandar Milivojevic <amilivojevic@xxxxxx> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
