Jay Dobies on 8 Jun 2012 06:36:16 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] I need a book recommendation


On 06/08/2012 09:27 AM, Paul Walker wrote:
Found a copy of Cuckoo's Egg at the thrift store last week for a dollar.
A great read - reminds me of the old days.

You guys sold me on it too, I'm about half way through it. :)

Paul

On Mon, May 21, 2012 at 11:24 PM, <jazzman@exdomain.org
<mailto:jazzman@exdomain.org>> wrote:

    Well the upside for me is that beyond my own curiousity on the
    topic, my company is willing to fund me upping my knowledge in this
    area (and they've gone so far as to discuss sending me back to
    school for a degree with a focus on security of some sort). So I'm
    fairly certain my manager will approve expensing the book. I'll talk
    to him tomorrow and give him a list of a few of the books you guys
    have mentioned to me and I'm 99% sure he'll be ok with just having
    the company cover it.

    Thanks to all of you guys for the info and leads. It is greatly
    appreciated and hopefully I'll learn to enough to be able to
    contribute back to the group at some point.

    Thanks again
    Marc


    On Mon, 21 May 2012, JP Vossen wrote:

        I'm late to the party, but...

        +1 _The Cuckoo's Egg_

        +1 for Schneier but not _Cryptography Engineering_.  I'd favor
        _Practical Cryptography_ and _Secrets & Lies_ for this use case.

        Also, this *sounds* perfect, but there is a catch:

        http://it.slashdot.org/story/ 12/05/18/1321256/book-review-
        elementary-information- security
        <http://it.slashdot.org/story/12/05/18/1321256/book-review-elementary-information-security>
        Book Review: Elementary Information Security
        Section it Department read-all-about-it
        Filed under security
        Creator samzenpus

        benrothke writes "Elementary Information Security, based on its
        title, weight and page length, I assumed was filled with
        mindless screen shots of elementary information security topics,
        written with a large font, in order to jack up the page count.
        Such an approach is typical of far too many security books. With
        that, if there ever was a misnomer of title, Elementary
        Information Security is it."

        For anyone looking for a comprehensive information security
        reference guide - Elementary Information Security is it. While
        the title may say elementary, for the reader who spends the time
        and effort to complete the book, they will come out with a
        complete overview of every significant information security topic.

        The book is in fact a textbook meant to introduce the reader to
        the topic of information security. But it has enough content to
        be of value to everyone; security notices or experienced
        professional.

        Author Richard Smith notes that if you want to get a solid
        understanding of information security technology, you have to
        look closely at the underlying strengths and weakness of
        information technology itself, which requires a background in
        computer architecture, operating systems and computing networking.

        With that, Elementary Information Security is a tour de force
        that covers every information security topic, large and small.
        The book also provides a relevant overview of the peripheral
        topics that are embedded into information security.

        In 17 chapters covering over 800 pages, the book is well
        organized and progressively gets more complex.

        [... lots more, go read the post on /. ]

        The book is not meant as a For Dummies guide to the topic, and
        it assumes a college-level comprehension of relevant
        mathematical concepts. Note though that the requisite math is
        detailed in the sections on encryption and cryptography.

        The book is also the first textbook certified by the NSA to
        comply with the NSTISSI 4011 standard, which is the federal
        training standard for information security professionals. The
        author notes on his blog that in order to gain that
        certification, he had to map each topic required by the standard
        to the information as it appears in the textbook.

        Given the value of the book, (ISC) should consider using this
        title as a reference for their CISSP certification. With all of
        the CISSP preparation guides available, even the Official (ISC)2
        Guide to the CISSP CBK, one is hard pressed to find a
        comprehensive all-embracing security reference such as this.
        Some may even want to simply use this book as their definitive
        CISSP study guide.

        For those looking for a single encyclopedic reference on
        information security, they should look no further than
        Elementary Information Security. Richard Smith has written a
        magnum opus on the topic, which will be of value for years to come.

        --- End of excerpted book review ---

        Sounds perfect right?  I want one too.  The problem is, it's
        $130 new... Maybe you can find a library that has it?

        Later,
        JP
        ----------------------------|: ::======|---------------------
        ----------
        JP Vossen, CISSP            |:::======| http://bashcookbook.com/
        My Account, My Opinions     |=========| http://www.jpsdomain.org/
        ----------------------------|= ========|---------------------
        ----------
        "Microsoft Tax" = the additional hardware & yearly fees for the
        add-on
        software required to protect Windows from its own poorly
        designed and
        implemented self, while the overhead incidentally flattens
        Moore's Law.
        ______________________________ ______________________________
        _______________
        Philadelphia Linux Users Group         -- http://www.phillylinux.org
        Announcements - http://lists.phillylinux.org/
        mailman/listinfo/plug-announce
        <http://lists.phillylinux.org/mailman/listinfo/plug-announce>
        General Discussion  -- http://lists.phillylinux.org/
        mailman/listinfo/plug
        <http://lists.phillylinux.org/mailman/listinfo/plug>

    ______________________________ ______________________________
    _______________
    Philadelphia Linux Users Group         -- http://www.phillylinux.org
    Announcements - http://lists.phillylinux.org/
    mailman/listinfo/plug-announce
    <http://lists.phillylinux.org/mailman/listinfo/plug-announce>
    General Discussion  -- http://lists.phillylinux.org/
    mailman/listinfo/plug
    <http://lists.phillylinux.org/mailman/listinfo/plug>




___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug


--
Jay Dobies
Freenode: jdob @ #pulp
http://pulpproject.org | http://blog.pulpproject.org
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug