Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Cissp
From: David Hopkins <David () COMPUSA COM>
Date: Tue, 12 Sep 2000 13:50:26 -0500

Here is the correct one, however, it appears the editors have broken the
book into two volumes!

http://www.amazon.com/exec/obidos/ASIN/0849398290/o/qid=968785404/sr=2-1
/102-9601032-4880926
http://www.amazon.com/exec/obidos/ASIN/0849308003/qid=968785514/sr=1-3/1
02-9601032-4880926

David Hopkins, CISSP
CompUSA IT Security Manager
972-982-5414 (office)
972-333-5636 (cell)



-----Original Message-----
From: Bhanu Prasad [mailto:B_Prasad () REDSALSA COM]
Sent: Tuesday, September 12, 2000 1:34 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: Cissp


A look at Amazon shows that there are two books... Handbook on
Information
Security Management and the other one is Information Security Management
Handbook.  Both written by the same authors.

Which is the right one?

Thanks,
Bhanu

-----Original Message-----
From: Masse, Robert [mailto:rmasse () RICHTER CA]
Sent: Tuesday, September 12, 2000 2:10 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Cissp


Hi

I think that if you have a good handle on general security principles
and a
load
of common sense, you will be OK by reading the Information Security
Management
handbook only.

I decided to write my CISSP 2 weeks before the test.  I studied
literally a
total
of 5 hours by just reading the book twice and just showed up for the
test.
My
level intelligence would be best considered as sub-par.

Experience wise, I have been involved in _security only_ for 3 years
(the
minimum
for the designation) with 7 years of previous unix/router/nt
administration.


Hope that helps a bit,

Robert

-----Original Message-----
From: Ben Rothke [mailto:brothke () EBNETWORKS COM]
Sent: Tuesday, September 12, 2000 1:38 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Cissp


Hi,

When I was at Ernst & Young, we developed an internal CISSP preparation
class.

They decided not to offer the class again but I still have the tens sets
of
PowerPoint slides from the CBK Review.

Let me know if you want a copy.


Ben


Ben Rothke, CISSP <brothke () ebnetworks com>
Network Security Consultant
eB Networks, Inc. - Leading the way to eBusiness - at NetSpeed!


-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf
Of Sassaman, Kim
Sent: Monday, September 11, 2000 7:20 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Cissp
Importance: High


This is off topic but what resources did you use to study for the
CISSP
certification.  Im looking into taking the exam and was wondering if
there
were some better refrences than the study guide availiable??

Kim Sassaman
Charles Schwab, Inc.
Technology Innovation
Information Security Services
Senior Staff - Access Engineering
2343 East Lincoln Drive
Phoenix, AZ 85016
Member: SIPC/New York Stock Exchange
[Work] 602-355-3330
[Mobile] 602-421-4916
[MobileMail] 6024214916 () mobile att net
<mailto:6024214916 () mobile att net>
[Pager] 877-568-4936
[PageMail] 8775684936 () skytel com <mailto:8775684936 () skytel com>
WARNING: All e-mail sent to or from this address will be received
orotherwise recorded by the Charles Schwab corporate e-mail system and
issubject to archival, monitoring or review by, and/or disclosure
to,someone other than the recipient.



-----Original Message-----
From: Meritt, Jim [mailto:Jim.Meritt () WANG COM]
Sent: Monday, September 11, 2000 12:40 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Testing a "rogue site"


Concur.  To have a system to secure, you need the system.

Has anyone noticed that the original question was totally
non-technical?

There seems to be a belief that all that is involved is
technical.  There is
more to it than that.  How do you write up what you find?  How do
you "sell"
it (to management). The business aspects appear to be totally
overlooked.

The "dot coms" thought that way.  Notice the business failures?

_______________________
The opinions expressed above are my own.  The facts simply are
and belong to
none.
James W. Meritt, CISSP, CISA
Senior Information Systems Security and Audit Analyst,
Information Assurance
Center of Excellence
Wang Government Services, Inc.


-----Original Message-----
From: Karyn Pichnarczyk [mailto:karyn () SANDSTORM NET]
Sent: Monday, September 11, 2000 12:47 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: Testing a "rogue site"



[snip]

I totally disagree with the two rules stated above.  yes, You need
your
company's written approval of your responsibilities.  But unless you
go by
the One and Only rule, you will not last long in the security trade:

1. Business Must Continue.

If this rule is not followed, then it doesn't matter how good or bad
the security posture is: the company just won't exist!


[snip]


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault