[Owasp-cert] Deadlines for August

Matthew Chalmers matthew.chalmers at owasp.org
Fri Jul 25 22:18:58 EDT 2008

I like the idea of understanding in multiple distinct areas, kind of like
domains in a 'CBOK'. I also like the idea of being able to redo pieces
(after a certain amount wait time maybe) if we do go with some formula that
gets you a higher level. For example if there are five domains...five exams
maybe...we say you have to get at least x% in each to be a 'master' but if
you do great on four of them but only average on the 5th, you're not a
master until you retake that 5th part and get the minimum qualifying score.
It's an idea anyway.

I'm not so sure about the essay. I like essays and fill-in-the-blank in
general, however, we're talking about a very wide audience, much wider than
that of the CBEST. People who will want (and may deserve) an OWASP cert will
not necessarily speak English, not necessarily have good written
communication skills, etc. We're not testing those things, we're just
testing...whatever we're testing relating to web application security. ;-)
Also, if we grade tests rather than a third party like VUE, we may not get
competent volunteers who speak every language in which we may offer the
test. Plus even if we had the luxury of being able to require English, even
good English, of our test-takers, that would mean we'd have to ensure our
test-graders were that much more competent since they're reading essays
rather than just checking to make sure the correct box was ticked. I wonder
if an essay just for the highest level would be do-able even.


On Fri, Jul 25, 2008 at 8:50 PM, Gary Palmer <owasp at getmymail.org> wrote:

>  Interestingly enough, I am preparing for the CBEST which is the first
> step in obtaining a teaching credential.  The CBEST is a 3 part exam, the
> first deals with reading and comprehension, the second is math and the third
> is an essay.  The R&C is split between knowing what you read, understanding
> what you read, and then critical analysis/research analysis/authors
> perspective/main point/feelings/etc.  The math seems to be fairly straight
> forward.  The essay is 2 compositions, the first is analyze a given
> situation and the other is to write about a personal experience.
> The grading is scaled and the combined score must be passing.  There is a
> minimum for each section to pass, but just missing in one and exceeding in
> another to have a combined passing score will work too.
> More at: http://www.cbest.nesinc.com/CA14_overview.asp
> Maybe we should consider this type of approach, the essay would certainly
> challenge the person and provide a record versus a personal meeting that may
> be biased by personalities.  The different sections could measure depth and
> understanding of knowledge for multiple degrees of certification.  Also the
> CBEST allows repeats where you can focus on one section or repeat all, in
> order to improve your scores.  An interesting approach and unique when I
> compare to the assorted other certification exams I have taken.
> Cheers,
> Gary Palmer
>  ------------------------------
> *From:* owasp-cert-bounces at lists.owasp.org [mailto:
> owasp-cert-bounces at lists.owasp.org] *On Behalf Of *Matthew Chalmers
> *Sent:* Friday, July 25, 2008 5:53 PM
> *To:* dmalloc at users.sourceforge.net
> *Cc:* owasp-cert at lists.owasp.org
> *Subject:* Re: [Owasp-cert] Deadlines for August
>    No offense to James but again I agree with David. I think pure
> multiple-guess should be avoided--not to mention a pure multiple-guess
> product that's been rushed because of concerns with time to market or
> delivering 'something ok' sooner rather than 'something good' later.
> Matt
> On Fri, Jul 25, 2008 at 7:40 PM, David H. <dmalloc at users.sourceforge.net>
> wrote:
>> > If we stick to simple multiple choice for the first exam, it means that
>> we
>> > have delivered something of value and can in the meantime buy us more
>> time
>> > to work on more complex scenarios.
>> >
>> That is exactly what I try to dispute. I do not see any value in
>> Multiple Choice Questionaires not even when you are purely testing for
>> relearned value. That stems from a long history with Multiple Choice
>> Tests and the desire to create meaningful exams for a new paradigm of
>> learning.
>>  --
>> Sent from gmail so do not trust this communication.
>> Do not send me sensitive information here, ask for my none-gmail accounts.
>> "Therefore the considerations of the intelligent always include both
>> benefit and harm." - Sun Tzu
> _______________________________________________
> Owasp-cert mailing list
> Owasp-cert at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-cert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-cert/attachments/20080725/703df52c/attachment.html 

More information about the Owasp-cert mailing list