Options

Anybody can be a security auditor apparently

tierstentiersten Member Posts: 4,505
in Off-Topic
This thread is just facepalm. Did the auditor do security for Sony previously or something??
· Share on FacebookShare on Twitter

Comments

  • Options
    RobertKaucherRobertKaucher Member Posts: 4,299 ■■■■■■■■■■
    That's not an auditor, that's an attacker.
    · Share on FacebookShare on Twitter
  • Options
    some guysome guy Member Posts: 28 ■□□□□□□□□□
    RobertKaucher wrote: »
    That's not an auditor, that's an attacker.
    +1 to that.icon_exclaim.gificon_exclaim.gificon_exclaim.gif
    A+ ~ Feb 2010
    Network+ ~ Jun 2010
    Security+ ~ April 2011

    Up next: ???
    · Share on FacebookShare on Twitter
  • Options
    cyberguyprcyberguypr Mod Posts: 6,928 Mod
    That is an excellent read.

    Love the OP's big WINs:

    "I got fed up being diplomatic and directed him to this thread ... I'd actually forgotten I'd called him an idiot in the title" HAHAHAHA!!!

    "PCI SSC have responded and are investigating him and the company"
    · Share on FacebookShare on Twitter
  • Options
    colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    wow. Speaking as an auditor, we would NEVER ask for that, and if it is social engineering, he is really toeing the line from an ethical perspective.

    One of the comments summed it up pretty good - auditors evaluate system states, business processes, and policies and procedures, and if they are being followed. While we ask for a certain amount of 'sensitive' information is is always done - and provided - securely.
    Working on: staying alive and staying employed
    · Share on FacebookShare on Twitter
  • Options
    ZartanasaurusZartanasaurus Member Posts: 2,008 ■■■■■■■■■□
    lol@ a database of plain-text passwords. Guy is probably making over 6 figures too. I'm in the wrong line of work.
    Currently reading:
    IPSec VPN Design 44%
    Mastering VMWare vSphere 5​ 42.8%
    · Share on FacebookShare on Twitter
  • Options
    tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    I am tempted to call b.s. because I am not sure what standard he is using to be asking for those things. I have a cross reference chart for ISO to NIST to Diacap,etc and I am kind of confused as to how somebody would even come close to thinking they need those things???

    I think a problem is i think people who have the organizational skills to be an auditor are usually not technical and the people who have the technical skills to perform a proper audit lack the organizational skills to do one properly.
    · Share on FacebookShare on Twitter
  • Options
    shaqazoolushaqazoolu Member Posts: 259 ■■■■□□□□□□
    Wow. What a tool. I'm surprised the admin guy kept his cool so well. After the second email where peckerhead insults my competence, I'm blowing a gasket. Dude needs to crack a book.
    :study:
    · Share on FacebookShare on Twitter
  • Options
    powerfoolpowerfool Member Posts: 1,666 ■■■■■■■■□□
    Geez, I would feel bad for insulting everyone here's intelligence if I even began to point out all of the BS there. Fan-effing-tastical!

    Can someone drop him a line to hashing algorithms on Wikipedia?

    Nevermind...
    2024 Renew: [ ] AZ-204 [ ] AZ-305 [ ] AZ-400 [ ] AZ-500 [ ] Vault Assoc.
    2024 New: [X] AWS SAP [ ] CKA [ ] Terraform Auth/Ops Pro
    · Share on FacebookShare on Twitter
Sign In or Register to comment.