LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-29-2004, 10:04 AM   #1
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Rep: Reputation: 15
Certifications: CISSP


Looking for some advice from experienced people in the field.
(chort, where are you? )

I'm a Systems Admin here in the U.S. Army, and am attempting to get Uncle Sam to reimburse me for my Certifications. I'm very interested in the Infosec field, and am looking for some real world advice here from anyone who has obtained the CISSP or other security-oriented Certs.

I have been doing lots of studying on my own, I have CISSP study guides from ISC2, Ben Rothke, Derek Prueitt, Ryan Sebastian, and Steve Winterfield. I also have presentations/sample questions, whitepapers, exam crams, summaries, etc.
I've basically been stocking up on as much data as possible, burning it to CD's and studying as much as I can on my free time. What books would you recommend? Mailing lists?

I know that there are prerequisite Certs I must obtain before even attempting the CISSP,if I'm not mistaken, along with a proven track record requirement of 3+ years experience in an Infosec field. Would my military experience have any validity in this case?

What would be the best Certs to obtain to reach my goal in the most effiecent yet most fulfilling manner? Would the CompTIA and GIAC Certs be a good way to start?
I would appreciate if anyone could give me some input on these questions, as I wouldn't want to get started out on the wrong foot and waste my time and resources. Thanks and god bless.

Mods, forgive me if this thread is in the incorrect forum, it seems like the best place to post.


Last edited by leeach; 02-29-2004 at 10:06 AM.
 
Old 02-29-2004, 03:04 PM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Well I can't give you any guidance about other certs, because I don't have any (and it's fairly unlikely that I would get any besides the SANS stuff).

For the CISSP, I read (cover to cover, and reviewed twice) All-In-One CISSP Certification by Shon Harris. The book was very complete, but there was at least one area that she didn't cover that was actually on the test. For that reason I would highly recommend reading study material from multiple authors (like you're doing). Also, like I mentioned I reviewed the book twice after the initial reading.

I went back over all the end-of-chapter summaries once just to make sure I understood all the concepts, then I started taking a bunch of practice tests at www.cccure.org. After taking several practice tests, it was apparent that my understanding of a few areas wasn't as good as it should be, so I went back and read the highlights from those chapters in the book. Then I went back to www.cccure.org and setup a bunch of tests (about 20) that only tested my knowledge of the areas I had problems with before. That time I did well. Oh, I should point out that earlier I read Building Internet Firewalls by Zwicky, Cooper, & Chapman and that provided a lot of foundational knowledge that came in handy.

The night before the test I got a long night of sleep (essential). I got up earlier than necessary so I could again read all the end-of-chapter summaries. Then I went to the test and made sure that a) I went to the restroom and b) took a bottle of water. Normally I guess they don't allow drinks, but they made an exception for our test group. The reason I didn't want to have to interrupt the test was so I wouldn't lose my train of thought. A lot of the questions relate to each other.

For taking the actual test, I went over all the questions once and I marked in the question book (not on the answer sheet!) the answers that I knew for sure. After I was all the way to the end, I started over at the beginning and transfered all my answers from the question booklet onto the answer sheet. When I got to a question that I hadn't answered, I either guessed, or I knew the answer based on some of the other questions I had read.

I ended up finishing in slightly over 3 HRs. Don't rush yourself to finish quickly though, you get plenty of time. The reason I went so fast was so I wouldn't get frustrated with the amount of time it was taking. I start to guess when I get impatient, so I tried to move along quickly without guessing.

OK, so that's the preparation and taking the test. The prerequisites are something like 5 years in InfoSec or 4 years + a 4 year degree (I think that's right). The good news is that a lot of experience will qualify as InfoSec, if it was a primary part of your job. I can't remember whether military experience counts. If you don't qualify for the CISSP (which isn't that difficult to do if you've held computer jobs, or jobs where you need to make security decisions), then you can take the SSCP which doesn't require as much background and is half the amount of questions as the CISSP test.

As for other certs, the only ones I'm considering are those offered by the SANS institute. The SANS certs are very hands-on and practical. The questions are actual examples from the areas you're studying (like UNIX security, etc) and they also make you write research papers. They're fairly well respected, especially the Forensics cert.

I wouldn't bother with any of the "intro" certs, like the Security+.
 
Old 02-29-2004, 04:52 PM   #3
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by chort
[B]Well I can't give you any guidance about other certs, because I don't have any (and it's fairly unlikely that I would get any besides the SANS stuff).
Well let's theoretically say in the course of the next 4 years, which is more or less how long it will take me to obtain my Bachelors in CS, that my occupation hasn't given me the opportunity to make many security-oriented decisions. This is highly unlikely but bear with me. In your professional opinion, do you think it would be enough to qualify for, let's say 6 years of service in the military as Infosec experience. Or would it be more reasonable to say no? I am sorry about these questions, but it is something I really want to do. If the experience wasn't enough, would you recommend to start off with the SSCP over SANS, or vice versa?


Oh and also, www.cccure.org is where I found most of the study guides, it's a great site.
Here are a few other links I've come across that you may or may not be aware of:
https://www.isc2.org/cgi-bin/index.cgi
http://www.rothke.com/
http://www.sbin.com/erik/security/cissp_reference.html
http://cissp.christophstrizik.net/
http://www.securestandard.com/index.php?c=6
http://victoria.tc.ca/int-grps/books...v/mnbksccd.htm
http://comsec.theclerk.com/

These may or may not be of any use to you, but just thought I would list them.


Quote:
I ended up finishing in slightly over 3 HRs.
Wow.


Quote:
As for other certs, the only ones I'm considering are those offered by the SANS institute. The SANS certs are very hands-on and practical. The questions are actual examples from the areas you're studying (like UNIX security, etc) and they also make you write research papers. They're fairly well respected, especially the Forensics cert.
Interesting, would you have any opinion on GIAC certs, aren't they on par with SANS?


Quote:
I wouldn't bother with any of the "intro" certs, like the Security+.
Ok, you have no idea how much relief that is for me.

Well, thank you chort, its refreshing to know there is someone on these forums I can count on for indepth professional advice. I truly appreciate you answering this thread and thank you again!

I'm going to jot down these suggestions for books and test tips, and hope you can find the time to answer my second set of questions. Thanks again!

Last edited by leeach; 02-29-2004 at 04:54 PM.
 
Old 02-29-2004, 06:08 PM   #4
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
FYI the GIAC certs are from SANS. I believe they do have some more intro-oriented certs, but in general they're very specific and pretty tough (from what I hear). On the bright side, having a GIAC cert at least shows that you know something practical.

Six years in the military may very well qualify for security experience. I forgot to mention that there are some non-computer areas of security covered, especially physical security. If you, for instance, do perimeter security for a military base (were on patrol, manned a guard post, etc) that would qualify (in my opinion, but do not take my word for it). The trick is that you need experience in several of the 10 domains of the CBK. Review the 10 domains on (ISC)^2's website to see which you might have experience in.

The 10 domains are:[list=1][*]Security Management Practices[*]Acess Control[*]Security Models and Architecture[*]Physical Security[*]Telecommunications and Networking Security[*]Cryptography[*]Disaster Recovery and Business Continuity[*]Law, Investigation, and Ethics[*]Application and System Development[*]Operations Security[/list=1]

I would think that military experience should give you some experience in Access Control, Security Models & Arch, Pysical Security, Telcomm & Net Sec, and quite possibly Cryptography.

If you can't come up with the 60 HRs required, then I would say go for the SSCP. I'd go ahead and do that before you finish school, that way you already have it under your belt and you'll be able to move up to the CISSP. Oh, I forgot to mention that the CISSP (and SSCP) is largely a "best practices" cert, i.e. it tests your knowledge on what correct policies and procedures are, not on specific technical areas (i.e. what's the difference between a packet filter and proxy firewall, rather than what's the difference between CheckPoint FW-1 and Sidewinder).

Last edited by chort; 02-29-2004 at 06:09 PM.
 
Old 02-29-2004, 08:06 PM   #5
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
If I happen to come up with any more questions, I'll just add on to this thread.

Great info chort, once again thank you.
 
Old 03-01-2004, 03:28 PM   #6
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
If i'm not mistaken the SSCP is like a slimed down CISSP exam covering not as many "domains" and doesn't go into the amount of detail in each one. Heres the domains listed in the SSCP Study Guide by Syngress.

Access Controls
Administration
Audit and Monitoring
Risk, Response and Recovery
Cryptography
Data Communications
Malicious Code or Malware


I know where you can get e-books, training videos, and practice tests on a just about any certification or topic there is in IT from programing to forensics, including security certs. Theres a couple places where CISSP training videos have been posted... Its a nice online community dedicated to learing for free. Where to find it would probably have to be taken up via PM though.
 
Old 03-01-2004, 03:39 PM   #7
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
so PM me, thanks for the help

why not just post it? is this a secret organization? lol
 
Old 03-01-2004, 04:15 PM   #8
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
hehe nah its not a secret organization. I'm just not sure if it would be violating the AUP of this site. I tried PM'ing you but apparently you have to be a "contributing member" to use PM. Do you have a junk email address i could email it to?
 
Old 03-01-2004, 04:42 PM   #9
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
sure I got a junker,

pokerfreek187@yahoo.com


Thanks man I'm looking forward to find out about this, and I'm pretty sure everyone posts links here, I don't think it's against policy...
 
Old 03-01-2004, 04:53 PM   #10
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
No, but it's against policy if they're offering copyrighted works for free without the author's consent.

Which, incidentally would be covered by the Ethics portion of the CISSP... It's pretty despicable that someone would be offering pirated training material for the CISSP, since the (ISC)^2 code of ethics (that you MUST agree to in order to take the test) is clearly against that type of thing.

Last edited by chort; 03-01-2004 at 04:54 PM.
 
Old 03-01-2004, 05:35 PM   #11
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
^^ Are you saying that with a hard drive full of MP3's?

I didn't email him any pirated material... But now that you brought it up i don't think downloading pirated software is wrong unless the company loses a sale. I'm sure atleast 80% of the pirates fall in that category. They only download something because they can get it for free. The other 20% is people who download it to get out of paying for the software which costs the company money.

Sinning is against religion but it doesn't stop people from being religious.

Last edited by OlRoy; 03-01-2004 at 10:17 PM.
 
Old 03-01-2004, 07:06 PM   #12
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
aaah I see now, there are some illegal wares on the site, but I won't be partaking in any of it, I'm gonna post the e-books I have and download others that I don't.
 
Old 03-01-2004, 07:11 PM   #13
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Erm, hello? e-books that were posted by the author and/or publisher freely, or e-books that someone paid for and is now distributing? Just because something is on the net doesn't make it OK to take.

And if you must know, I do have several Gigs of MP3s... all ripped from CDs I own. Don't hijack the thread into a moral debate over piracy. I clearly said that as part of the CISSP certification, you agree to abide by the (ISC)^2 code of ethics, and that prohibits this sort of thing.
 
Old 03-01-2004, 08:39 PM   #14
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
Well, I'm not trying to hijack the thread...

Many e-books are freely distributed on the net and on this site given to me... mostly study notes, and cheat sheets if you must know.. pretty good resource besides the legality issues...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Certifications.. Madmanator General 15 06-30-2004 08:46 AM
Certifications Help? Waalern Linux - Certification 3 06-11-2004 05:50 AM
Certifications scheidel21 Linux - General 30 02-26-2004 10:07 PM
CISSP info needed !!! hitesh_linux Linux - General 3 07-28-2003 01:11 PM
Certifications luger Linux - General 8 05-03-2002 03:35 AM


All times are GMT -5. The time now is 06:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration