|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: [CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional
From: Wil Hamilton Jr. (hamiltonwj@EARTHLINK.NET)
Date: Thu Dec 07 2000 - 15:22:08 CST
- Next message: keewan Hong: "[CISSPSTUDY] Granularity"
- Previous message: Dan Houser: "[CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional"
- In reply to: Dan Houser: "[CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional"
- Reply: Wil Hamilton Jr.: "Re: [CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Another place where there are good study guides for various certs(CISSP,
CISA, SSCP, CIA, etc..) is:
www.srvbooks.com.
I used the study guides for the CISSP cert it was very good (in fact I still
use the theory volume as a reference).
WJH
----- Original Message -----
From: "Dan Houser" <houserd1@NATIONWIDE.COM>
To: <CISSPSTUDY@SECURITYFOCUS.COM>
Sent: Thursday, December 07, 2000 3:47 PM
Subject: [CISSPSTUDY] CBK, resources, and good readin' for any InfoSec
professional
> FYI:
>
> Here are some online studying resources I found useful in studying for the
> CISSP:
> ====================================================================
> !!!!!!!
> ***** CISSP Prep Course materials: http://www.consec.org
> !!!!!!!!
>
> CISSP Practice Exam:
> http://www.cissps.com/Cissp_Exam/Practice/practice.html
> CISSP Forums: http://forum.cissps.com/ubbcgi/Ultimate.cgi?action=intro
>
> The InfoSec Management 2000 Handbook:
> http://www.itknowledge.com/reference/standard/0849399742/ewtoc.html
> (you only get 1-2 clicks before you have to pay, so choose your
> chapter carefully!)
>
> The InfoSec Management 1999 Handbook:
> http://secinf.net/info/misc/handbook/ewtoc.html
> (This is THE BOOK. Rumor has it that a good many CISSP test
questions
> could have been pulled from this book.
> Don't know if it's true, but this book deserves serious reading.)
>
> For Crypto Newbies: http://15seconds.com/issue/991216.htm
> Crypto Made Easy: http://www.cissps.com/Cissp_Exam/Practice/crypto.html
> Intro to PKI: http://docs.iplanet.com/docs/manuals/security/pkin/index.htm
> Intro to SSL:
http://docs.iplanet.com/docs/manuals/security/sslin/index.htm
> RSA Labs Crypto FAQ: http://www.rsasecurity.com/rsalabs/faq/index.html
> Bruce Schneier's Crypto Hotlinks: http://www.counterpane.com/hotlist.html
> W3.org's Internet Security Resource Page: http://www.w3.org/Security/
> TCSec Coverage WITH TESTS!!:
> http://www.radium.ncsc.mil/tpep/library/ramp-modules/
> (see especially 5,6,7,8,9,11 which have coverage beyond just TCSec)
> DoD Rainbow Series: http://www.radium.ncsc.mil/tpep/library/rainbow/
> (in theory no longer on the exam, but I've heard rumors in listservs
> that TSEC stuff still appears on the test)
> Role-Based Access Control: http://hissa.ncsl.nist.gov/rbac/
> RSA's Crypto Glossary:
> http://www.rsasecurity.com/developers/total-solution/glossary.html
> RSA's VPN Tutorial:
> http://www.rsasecurity.com/products/securid/whitepapers/vpns/index.html
> Computer Forensics Overview:
> http://www.ddj.com/articles/2000/0009/0009f/0009f.htm
> Firewalls Complete, online book: http://secinf.net/info/fw/complete/
> Trust in Cyberspace, online book (Internet Security Overview):
> http://www.nap.edu/readingroom/books/trust/
> TEMPEST: http://www.eskimo.com/~joelm/tempest.html
>
> Large Archive of Security Articles:
> http://www.nwfusion.com/newsletters/sec/
> (Mostly Physical Security, Network Security, and Security and Policy
> Management )
>
> HUGE compendium of InfoSec sources: http://www.infosyssec.net/index.html
> (note the left-hand side, which are all the topics covered)
>
> Computer Security Institute's Archive of InfoSec Articles:
> http://www.gocsi.com/excerpt.htm
> ACSA InfoSec Bookshelf:
http://www.acsac.org/secshelf/book001/book001.html
> Discussion of Optical Lenses:
> http://www.photo.net/photo/optics/lensTutorial.html
> US Navy Physical Security Manual:
> http://neds.nebt.daps.mil/Directives/5530_14c.pdf
> Good source of quizzes: http://www.sans.org/infosecFAQ/index.htm
> (remember - GIAC and CISSP have a different focus)
>
> Many books/papers about firewalls: http://secinf.net/ifwe.html
> GASSP: http://www.all.net/books/GASSP2.html
> Big ol' List o' Crypto on Bruce Schneier's Site:
> http://www.counterpane.com/biblio/all-by-author.html
> Many miscellaneous papers, some definitely by hackers:
> http://www.insecure.org/reading.html
> ( set grain of salt = on)
>
> Now, once you've read all that, your brain should be tired.
> ______________________________
> Dan Houser, CISSP, SSCP
> Sr. Security Engineer
> Information Security & Privacy
> Nationwide Financial
> houserd1@nationwide.com
>
> +--------------------------------------------+
> | You have received this email because you |
> | subscribed to the CISSPSTUDY mailing list. |
> | -- To unsubscribe, send an email to -- |
> | listserv@securityfocus.com |
> | with a message body of: |
> | UNSUBSCRIBE CISSPSTUDY |
> +--------------------------------------------+
>
+--------------------------------------------+
| You have received this email because you |
| subscribed to the CISSPSTUDY mailing list. |
| -- To unsubscribe, send an email to -- |
| listserv@securityfocus.com |
| with a message body of: |
| UNSUBSCRIBE CISSPSTUDY |
+--------------------------------------------+
- Next message: keewan Hong: "[CISSPSTUDY] Granularity"
- Previous message: Dan Houser: "[CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional"
- In reply to: Dan Houser: "[CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional"
- Reply: Wil Hamilton Jr.: "Re: [CISSPSTUDY] CBK, resources, and good readin' for any InfoSec professional"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]