OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Kohlenberg, Toby (toby.kohlenberg@intel.com)
Date: Thu Nov 01 2001 - 01:24:29 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Try this perspective- The book is an excellent resource and an interesting
    read if you are serious about information security. There are cheetsheets-
    I mean "study guides" that will take you through sample question after
    sample question until even if you don't know the different between a
    stream cipher and a block cipher and can't imagine why someone would
    need any more protection than a firewall, you will have a decent chance at
    passing. In this case you don't need the ISMH and you don't need to
    understand
    why policy is essential or how to determine the ROI of a security solution,
    let alone have any technical competence at all.

    If on the other hand you are serious about infosec, then ISMH is a great
    read and an excellent way to get general high level knowledge of a number of
    different spaces.
    The reason people look for CISSPs is that there is a belief that the
    certification
    shows some level of knowledge and experience. Unfortunately, people once
    thought
    that about the MCSE and the CNE and look what happened to those.

    This is not a statement about your skills, this is a suggestion of how to
    view the materials you've purchased.

    All opinions are my own and in no way reflect the views of my employer.

    Toby

    Toby Kohlenberg, CISSP, GCIA
    Intel Corporate Information Security
    Security Technology and Testing Team
    Senior Information Security Specialist
    503-264-9783 Office & Voicemail
    877-497-1696 Pager
    "Just because you're paranoid, doesn't mean they're not after you."

    PGP Fingerprint:
    92E2 E2FC BB8B 98CD 88FA 01A1 6E09 B5BA 9E84 9E70

    > -----Original Message-----
    > From: jkellerman@na.cokecce.com [mailto:jkellerman@na.cokecce.com]
    > Sent: Wednesday, October 31, 2001 2:33 PM
    > To: cisspstudy@lists.securityfocus.com
    > Subject: Information Security Mgmnt Handbook
    >
    >
    > Well I just parted with $60 for this book because it was
    > recommended by the
    > study group I am in. However, everyone at Amazon and other internet
    > bookstores seemed to slam the book saying it was a waste of
    > money. I, just
    > like everyone else studying for the CISSP exam, dont have
    > time to waste on
    > reading resources which will not be beneficial to my studying
    > time. These
    > ratings were very low for all three volumes. The CISSP Prep
    > book though
    > seems to receive high marks as a resource for studying for
    > the CISSP, even
    > after just hitting the marketplace a couple of months ago.
    > Does anyone
    > else feel the same way about the Information Security Mgmnt
    > Handbook. Did
    > you find it to be useless in your study time for the CISSP?
    >
    > J. Kellerman
    >