Re: [PLUG] I need a book recommendation

JP Vossen on 21 May 2012 20:06:37 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] I need a book recommendation

From: JP Vossen <jp@jpsdomain.org>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] I need a book recommendation
Date: Mon, 21 May 2012 23:06:30 -0400
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: plug-bounces@lists.phillylinux.org
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120329 Thunderbird/11.0.1

Date: Fri, 18 May 2012 22:21:41 -0400 (EDT)
From:jazzman@exdomain.org

I wanted to start learning about computer and network security and things
related to that and I'm looking for a few good books to start reading.
Unfortunately the only books I've found readily available in book stores
are certification study guides and I'm not sure that's the best place to
start. I was looking for something more like a textbook or something like
that.

Does anyone have any good recommendations?


I'm late to the party, but...

+1 _The Cuckoo's Egg_

+1 for Schneier but not _Cryptography Engineering_. I'd favor_Practical Cryptography_ and _Secrets & Lies_ for this use case.


Also, this *sounds* perfect, but there is a catch:

http://it.slashdot.org/story/12/05/18/1321256/book-review-elementary-information-security
Book Review: Elementary Information Security
Section it Department read-all-about-it
Filed under security
Creator samzenpus

benrothke writes "Elementary Information Security, based on its title,weight and page length, I assumed was filled with mindless screen shotsof elementary information security topics, written with a large font, inorder to jack up the page count. Such an approach is typical of far toomany security books. With that, if there ever was a misnomer of title,Elementary Information Security is it."

For anyone looking for a comprehensive information security referenceguide - Elementary Information Security is it. While the title may sayelementary, for the reader who spends the time and effort to completethe book, they will come out with a complete overview of everysignificant information security topic.

The book is in fact a textbook meant to introduce the reader to thetopic of information security. But it has enough content to be of valueto everyone; security notices or experienced professional.

Author Richard Smith notes that if you want to get a solid understandingof information security technology, you have to look closely at theunderlying strengths and weakness of information technology itself,which requires a background in computer architecture, operating systemsand computing networking.

With that, Elementary Information Security is a tour de force thatcovers every information security topic, large and small. The book alsoprovides a relevant overview of the peripheral topics that are embeddedinto information security.

In 17 chapters covering over 800 pages, the book is well organized andprogressively gets more complex.


[... lots more, go read the post on /. ]

The book is not meant as a For Dummies guide to the topic, and itassumes a college-level comprehension of relevant mathematical concepts.Note though that the requisite math is detailed in the sections onencryption and cryptography.

The book is also the first textbook certified by the NSA to comply withthe NSTISSI 4011 standard, which is the federal training standard forinformation security professionals. The author notes on his blog that inorder to gain that certification, he had to map each topic required bythe standard to the information as it appears in the textbook.

Given the value of the book, (ISC) should consider using this title as areference for their CISSP certification. With all of the CISSPpreparation guides available, even the Official (ISC)2 Guide to theCISSP CBK, one is hard pressed to find a comprehensive all-embracingsecurity reference such as this. Some may even want to simply use thisbook as their definitive CISSP study guide.

For those looking for a single encyclopedic reference on informationsecurity, they should look no further than Elementary InformationSecurity. Richard Smith has written a magnum opus on the topic, whichwill be of value for years to come.


--- End of excerpted book review ---

Sounds perfect right? I want one too. The problem is, it's $130 new...Maybe you can find a library that has it?


Later,
JP
----------------------------|:::======|-------------------------------
JP Vossen, CISSP            |:::======|      http://bashcookbook.com/
My Account, My Opinions     |=========|      http://www.jpsdomain.org/
----------------------------|=========|-------------------------------
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] I need a book recommendation
  - From: jazzman@exdomain.org

Prev by Date: [PLUG] PLUG W Follow-up
Next by Date: Re: [PLUG] I need a book recommendation
Previous by thread: Re: [PLUG] PLUG W Follow-up
Next by thread: Re: [PLUG] I need a book recommendation
Index(es):
- Date
- Thread