Welcome to cissp CISSP training Certified Information Systems Security Professional
cissp CISSP training Certified Information Systems Security Professional: CISSP Books


Official (ISC)2 Guide to the CISSP CBK, Second Edition
Posted by boss on Thursday, 04 February 2010 @ 21:23:44 EST (2717 reads)
Topic CISSP Books

cdupuis writes "

NOTE FROM CLEMENT:

The long-awaited update to the Official ISC2 Study Guide was finally released at the beginning of 2010. The first edition was severely criticized due to the many errors, contradictions, and mistakes that were in the book. It seems this version went through a much more thorough Technical Editing process where CISSPs and the different authors have scrutinized each of the chapters to ensure accuracy. The book has gained more pages as well. The previous edition was filled with a lot of fluff such as appendixes, glossaries, etc. This one seems to be content oriented. I have not read through the whole book yet. If you did read through the whole book I would be VERY interested in getting your feedback. If you do find any errors, mistakes, or contradictions, I have created a new forum to post them and discuss them with others as well.

Visit the link below to give us feedback about the new book:

https://www.cccure.org/forum-6.html

If you do find any mistakes, visit the link below to contribute them to the forum reserved for that purpose:

https://www.cccure.org/forum-74.html

Product Description

With each new advance in connectivity and convenience comes a new wave of threats to privacy and security capable of destroying a company’s reputation, violating a consumer’s privacy, compromising intellectual property, and in some cases endangering personal safety. This is why it is essential for information security professionals to stay up to date with the latest advances in technology and the new security threats they create.

Recognized as one of the best tools available for the information security professional and especially for candidates studying for the (ISC)2 CISSP examination, the Official (ISC)2® Guide to the CISSP® CBK®, Second Edition has been updated and revised to reflect the latest developments in this ever-changing field. Endorsed by the (ISC)2, this book provides unrivaled preparation for the certification exam that is both up to date and authoritative. Compiled and reviewed by CISSPs and (ISC)2 members, the text provides an exhaustive review of the 10 current domains of the CBK—and the high-level topics contained in each domain.

Unique and exceptionally thorough, this edition includes a CD with over 200 sample questions, sample exams, and a full test simulation that provides the same number and types of questions with the same allotment of time allowed in the actual exam. It will even grade the exam, provide the correct answers, and identify areas where more study is needed.

Earning your CISSP is a deserving achievement that makes you a member of an elite network of professionals. This book not only provides you with the tools to effectively study for the exam, but also supplies you with ready access to best practices for implementing new technologies, dealing with current threats, incorporating new security tools, and managing the human factor of security—that will serve you well into your career.


"

(Read More... | Score: 0)


CISSP for Dummies 3rd Edition by Peter Gregory
Posted by boss on Tuesday, 02 February 2010 @ 14:31:47 EST (3817 reads)
Topic CISSP Books

cdupuis writes "

NOTE FROM CLEMENT:

This book has no fluff and is to the point. This is a great book if you have dozens of years of experience and you do not want to read through the thousands of pages offered within some of the other books. It is also a great resource for a last minute review of the ten domains. It can help you identify key points rapidly and it has a bit of humour which makes this easier to read. Peter Gregory has done a fantastic job in this book and I HIGHLY recommend it for your studies. Do not be deceived by the title, it is all the opposite, you would be dumb not to get it.

The bestselling guide to CISSP certification – now fully updated for the latest exam!


There are currently over 75,000 CISSP certified people out there and thousands take this exam each year. The topics covered in the exam include: network security, security management, systems development, cryptography, disaster recovery, law, and physical security. CISSP For Dummies, 3rd Edition is the bestselling guide that covers the CISSP exam and helps prepare those wanting to take this security exam.

The 3rd Edition features 200 additional pages of new content to provide thorough coverage and reflect changes to the exam. Written by security experts and well-known Dummies authors, Peter Gregory and Larry Miller, this book is the perfect, no-nonsense guide to the CISSP certification, offering test-taking tips, resources, and self-assessment tools.

  • Fully updated with 200 pages of new content for more thorough coverage and to reflect all exam changes
  • Security experts Peter Gregory and Larry Miller bring practical real-world security expertise
  • CD-ROM includes hundreds of randomly generated test questions for readers to practice taking the test with both timed and untimed versions

 

Visit the link below to give us feedback about the new book:

https://www.cccure.org/forum-6.html

If you do find any mistakes, visit the link below to contribute them to the forum reserved for that purpose:

https://www.cccure.org/forum-74.html

CISSP For Dummies, 3rd Edition can lead you down the rough road to certification success!

Get all the details at:

https://www.amazon.com/CISSP for Dummies 3rd edition by Peter Gregory

"

(Read More... | Score: 5)


Where can I get the best price for the CISSP All In One 5th Edition?
Posted by boss on Tuesday, 02 February 2010 @ 13:55:22 EST (1403 reads)
Topic CISSP Books

cdupuis writes "

Lately I have received many emails from site visitors and members asking me WHY I am no longer selling the CISSP All In One 5th Edition book within my webstore at http://www.cccure.com. The reason is very simple: I cannot compete with large retailers and I will not sell you a book for $20 more just for the sake of taking away your money. I prefer to refer you directly to Amazon or other sources where the price is a lot lower. Below you will find some of the prices advertised on leading book retailers' sites and CISSP related sites as of the publication of this article.

The list price on McGraw Hill is: $79.99.  

As you can see below, you MUST shop when you buy your book. There are significant differences in the pricing being used by different vendors. Let's face it, it is the exact same book for all of the vendors listed below, you may as well save a significant amount of money by buying it directly from Amazon as they are offering service, fair price, quick shipping, and they are reputable as well.

CISSP.COM           $74.99
Logical Security    $65.00
Buy.com             $47.99
Walmart             $47.00
Amazon.com          $46.79

The WINNER is: AMAZON.COM

"

(Read More... | Score: 0)


CISSP All In One FIFTH EDITION book has been released
Posted by boss on Thursday, 21 January 2010 @ 22:49:04 EST (3447 reads)
Topic CISSP Books

cdupuis writes "

Get all the details at:

https://www.cccure.com/cart/products/CISSP-ALL-IN-ONE-FIFTH-EDITION-from-Shon-Harris.html

Just Released January 15, 2010 

A comprehensive, up-to-date revision of the market-leading CISSP training resource 




Written by the bestselling author and a respected IT security trainer Shon Harris, this exam guide offers complete coverage of all the material on the Certified Information Systems Security Professional (CISSP) exam. With full treatment of all the 10 exam domains, as developed by the International Information Systems Security Certification Consortium (ISC2), this definitive tool contains learning objectives at the beginning of each chapter, sidebars with in-depth technical explanations, practice questions, and real-world scenarios.

Detailed and authoritative, Shon Harris' CISSP All-in-One Exam Guide, Fifth Edition serves as both a comprehensive certification study guide and student work book, and a fundamental on-the-job reference. The CD-ROM includes more than 800 simulated practice questions in a Windows-based test engine, an electronic book, and video training from the author.

Book Details

Hardcover: 1008 pages
Dimensions (in inches): 2.25 x 9.25 x 7.50
Publisher: McGraw-Hill Osborne Media; 5th edition (February 8, 2010)
Language: English
ISBN: 0071602178 (OR) 978-0071602174

 


Shon Harris, CISSP, MCSE, is a security consultant, a former engineer in the Air Force Information Warfare Unit, an instructor, an author, and President of Logical Security.  

She has written two best selling CISSP books, and co-authored Hacker's Challenge and Gray Hat Hacking. Shon has developed a new security book series, being published by McGraw-Hill, which will be sold to corporations, universities, colleges, and professionals throughout the world. This series will set the new standards in security training, education, and industry practices.

She is an active contributor for Information Security Magazine and Windows 2000 Magazine. Shon has taught computer and information security to a wide range of clients including RSA, Department of Defense, Department of Energy, National Security Agency (NSA), Bank of America, Defense Information Systems Agency (DISA), BMC, and more.

Shon was recently recognized by Information Security Magazine as one of the top 25 women technologists, researchers and executives reshaping information security today.

 

 

Chapter 1: Reasons to Becoming a CISSP
Chapter 2: Security Trends
Chapter 3: Security Management Practices
Chapter 4: Access Control
Chapter 5: Security Architecture and Models
Chapter 6: Physical Security
Chapter 7: Telecommunications and Network Security
Chapter 8: Cryptography
Chapter 9: Business Continuity Planning and Disaster Recovery
Chapter 10: Laws, Investigations, and Ethics
Chapter 11: Applications and Systems Development Security
Chapter 12: Operations Security
Appendix: About the CD-ROM
Index

Visit the link below to give us feedback about the new book:

https://www.cccure.org/forum-6.html

If you do find any mistakes, visit the link below to contribute them to the forum reserved for that purpose:

https://www.cccure.org/forum-74.html

Get all the details at:

https://www.cccure.com/cart/products/CISSP-ALL-IN-ONE-FIFTH-EDITION-from-Shon-Harris.html

"

(Read More... | Score: 0)


Download your FREE copy of Chapter 5 of the CISSP All In One Book
Posted by boss on Wednesday, 22 July 2009 @ 11:33:29 EDT (2443 reads)
Topic CISSP Books

cdupuis writes "

CISSP All In One 4th Edition 

To show appreciation to their customers, Logical Security is giving away free access to Chapter 5 of Shon Harris's All-In-One CISSP Exam Guide, 4th edition.

This chapter, on Security Architecture and Design, has not been available online for free viewing before.


 All you need to do is click on the link below or paste it into your browser:

 http://www.logicalsecurity.com/book/ch05.pdf

 

 

 

 

"

(Read More... | Score: 0)


Review of the Shon Harris 4th Edition by Stephen Northcutt
Posted by boss on Thursday, 24 January 2008 @ 22:51:59 EST (4190 reads)
Topic CISSP Books

cdupuis writes "NOTE FROM CLEMENT:
Stephen is one of the smartest brains when it comes to Information Security. Read his review of the 4th edition book below. He is the king when it comes to study resources and is definitively the most competent person out there to judge the book and its content. Here it is:

Stephen Northcutt’s CISSP Book Review

King of the hill for Security Tome, December 24, 2007

By Stephen Northcutt (Kauai, HI USA)

I have exchanged email with the author and we have had a few phone calls, but I cannot say that I know Shon Harris well. However, after reading the 4th edition of her very successful book, I feel I know her better. I love the humor in the italics at the beginning of sections and - warning - sometimes in line with the technical material. I appreciate the plain, clear, as simple as possible, way the information is presented. It would be easy to make these concepts sound hard, Shon does not do that, not ever; thank you! The charts and graphics on the main do a fantastic job of making the information clear. She does an extraordinary job of moving between well written prose and bullet points in a style reminiscent of Dorothy Denning. At three inches thick and running over 1100 pages, one certainly cannot fault her for leaving critical information out. This is on par with the Matt Bishop book of being the Information Security Tome. I can’t say that I learned that much reading the book since I do security all day, every day and have done so for years, but I never got bored and I went cover to cover (not counting the detailed index in the back and the “so you want to be a CISSP” in the front) and I was astounded by the author’s craft, she tells the story of security as well as anyone ever has.

You do not need me to vouchsafe the value of this book (and the CD) to prepare for the CISSP exam. If Shon is not the best known author, she is certainly in the top two or three in this category. But, I believe this book has another equally important role. It is perfect for the CxO that wants to understand what security is, what they need to know about it. I understand the knee-jerk response to that is, “you cannot ask a CEO to read 1100 pages”. Actually, the successful senior executives in the world are generally quite good at reading a LOT of information in a SHORT period of time. Shon is accurate, the writing is excellent, the diagrams help with “knowledge compression”, a CFO interested in security can zip through this like a zero turn mower on a two acre McMansion.

Nitpicks, sigh, I wish ISC2 had settled on the standard approach to incident handling instead of creating their own broken one. The Quantum Cryptography section is actually Quantum Key Exchange, but hey! That is a nitpick, no reader of this book actually needs to know the difference. And critics will be overjoyed because Shon seems to have threat, risk, and vulnerability in the right pigeonholes. The most serious flaw in the book is in chapter 12, Hack and Attack Methods, some of that stuff I know cold and I got a bit confused reading that section, but it is the end of the book and my guess is that folks were getting tired. A few network traces would go a long way towards bringing that section to life. And you know what? The book remains 5 stars. Even if that section was spot on, even if the thirty weak pages out of the 1070 strong pages were perfect, the book is not designed to prepare the reader to be an IPS analyst. The overall message is clear and compelling, the bad guys do evil things with packets; I get the message so will the reader, let’s move on.

The bottom line, if you think you know security and want to test your knowledge, buy the book, fire up the CD, install the test software and give yourself a run. Shon is a great author, but she has also compiled an awesome set of questions. Yes, they will prepare you for the CISSP exam, but they will also help you test your knowledge of security and your ability to think critically. If you have further questions about the book, or you disagree with my review, drop me a line and let’s talk about it

stephen@sans.edu."

(Read More... | Score: 4.57)


Errata Shon Harris CISSP All In One Book 4th Edition
Posted by boss on Thursday, 24 January 2008 @ 22:46:32 EST (7605 reads)
Topic CISSP Books

cdupuis writes "

THE LIST BELOW IS A PARTIAL LIST.  FOR A FULL LIST SEE:  https://www.cccure.org/ftopicp-33114.html#33114

 

CISSP All-In-One 4th Edition Errata

Chapter 3

Pg 97

In the table 3-4 Annual Loss Expectancy (ALE)

Should be changed to…

Annualized Loss Expectancy (ALE)

Chapter 4

Pg 188

SecureID needs to be changed to SecurID in two places within the box.

 

Chapter 5

Pg 294

If this does not happen properly, a deadlock situation may occur or a computer may not have enough resources to process other requests (resulting in a denial of service). A deadlock situation may occur when each process in a set of processes is waiting for an event to take place and that event can only be caused by another process in the set. Because each process is waiting for its required event, none of the processes will carry out their events—so the processes just sit there staring at each other.

Should be changed to…

If this does not happen properly, the system may run out of critical resources (i.e. memory).

Pg 294

One example of a deadlock situation is when process A commits resource 1 and needs to use resource 2 to properly complete its task,

Should be changed to…

“Another situation to be concerned about is a software deadlock. One example of a deadlock situation is when process A commits resource 1 and needs to use resource 2 to properly complete its task,”


Chapter 6

Pg 436

Use three-prong connections or adapters if using two-prong cables.

Should be changed to “Use three-prong connections or adapters if using two-prong connections.”

 

Chapter 8

Pg 710

6. The private key = d.

Should be changed to…

“6. The private key = (n,d)”

 

Pg 711

When a user encrypts a message with a public key, this message is encoded with a one-way function (breaking a glass). This function supplies a trapdoor (knowledge of how to put the glass back together), but the only way the trapdoor can be taken advantage of is if it is known about and the correct code is applied. The private key provides this service. The private key knows about the trapdoor, knows how to derive the original prime numbers, and has the necessary programming code to take advantage of this secret trapdoor to unlock the encoded message (reassembling the broken glass). Knowing about the trapdoor and having the correct functionality to take advantage of it are what make the private key private.

Should be changed to…

When a user encrypts a message, the encryption process uses a one-way function (breaking a glass). This function supplies a trapdoor (knowledge of how to put the glass back together), but the only way the trapdoor can be taken advantage of is if it is known about and the correct code is applied. The private or public key can provide this service. The keys know about the trapdoor, know how to derive the original prime numbers, and have the necessary programming code to take advantage of this secret trapdoor to unlock the encoded message (reassembling the broken glass). Knowing about the trapdoor and having the correct functionality to take advantage of it is what asymmetric algorithms are based on.

Chapter 9

Question 14 – Answer A. Project initiation, strategy development, business impact analysis, plan development, implementation, testing, and maintenance

Should be changed to …

Question 14 – Answer A. Project initiation, business impact analysis, recovery strategies plan development, implementation, testing, and maintenance

 

Chapter 12

Pg 1034

“Examples of life-cycle assurance standards are design specifications, clipping-level configurations…”

Needs to be changed to…

“Examples of life-cycle assurance standards are design specifications, …”

Pg 1061

“The write performance is not affected, but the read performance is increased dramatically because more than one head is retrieving data at the same time.”

Needs to be changed to…

 

“The write and read operations’ performance are increased dramatically because more than one head is either retrieving data or writing data at the same time.”

 

Pg 1081

“…65,535 TCP and 65,535 UDP ports. The first 1024 are said to be well-known ports. This means that a specific port number under 1025 is usually mapped to a well-known and used protocol.”

Needs to be changed to “…65,536 TCP and 65,536 UDP ports. The first 1024 (0-1023) are said to be well-known ports. This means that a specific port number under 1024 is usually mapped to a well-known and used protocol.”

Pg 1085

“John the Ripper is an example of a sniffer and password cracker…” needs to be changed to “John the Ripper is an example of a password cracker…”

"

(Read More... | Score: 0)



All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2007 by CCCure.Org, and the site maintainers Clement Dupuis and Nathalie Lambert. Reuse is strictly prohibited without written permission of CCCure.Org or its maintainers.

This web site is not associated directly or indirectly with ISC2, the SANS Institute, ISACA, or other certification authority. The GCFW, CISSP, SSCP, ISSEP, ISSMP, CISA, and CISM are all the property of their respective owners. The content of this site is provided to you freely due to the generosity of our sponsors.

