본문 바로가기

[☩ Security ☩]

CISSP 참고 사이트

1)  The CISSP Open Study Guide :  http://www.cccure.org/ 
        (It's first on the list for a reason!)
NOTE:  See the left side, "Hal Tipton, Intro I" and  "Hal Tipton Intro 2" - as in "editor of HISM, that Hal Tipton". He provided two CISSP review courses, and then posted the slides here.  Same stuff you'd pay for in a CISSP Review class, but for free.

2)  Sample Exam :  http://www.infosecuritymag.com/oct99/sampleexam.htm 
This is only published sample exam blessed & approved by ISC^2 Use it to gauge your weaknesses, and to understand the format of the exam.  When taking the sample exam, if you don't KNOW the answer and guess correctly, this would be an area of marginal weakness, and may indicate further study is needed.


3)  Tipton & KRause 3rd Edition : http://secinf.net/info/misc/handbook/ewtoc.html
A major source of test questions in the past, still very useful stuff, and it's FREE.

4)  HIGHLY Recommended:
Signup for the CISSPStudy_1 list, run by Ginger Doetsch :
http://groups.yahoo.com/group/CISSPStudy_1
Signup for the CISSPStudy e-mail list : http://infosec.gungadin.com/index2.shtml

5)  Why be a CISSP? : http://www.infosecuritymag.com/oct99/profcert.htm

Additional CISSP resources, loosely grouped

CISSP Prep Course materials :  http://www.consec.org
CISSP Practice Exam : http://www.cissps.com/Cissp_Exam/Practice/practice.html
CISSP Forums :  http://forum.cissps.com/ubbcgi/Ultimate.cgi?action=intro

The InfoSec Management 2000Handbook:
http://www.itknowledge.com/reference/standard/0849399742/ewtoc.html
 (you only get 1-2 clicks before you have to pay, so choose your chapter carefully!)

For Crypto Newbies :  http://15seconds.com/issue/991216.htm
Crypto Made Easy :  http://www.cissps.com/Cissp_Exam/Practice/crypto.html
Intro to PKI : http://docs.iplanet.com/docs/manuals/security/pkin/index.htm
Intro to SSL : http://docs.iplanet.com/docs/manuals/security/sslin/index.htm
RSA Labs Crypto FAQ :  http://www.rsasecurity.com/rsalabs/faq/index.html
Bruce Schneier's Crypto Hotlinks :  http://www.counterpane.com/hotlist.html
W3.org's Internet Security Resource Page : http://www.w3.org/Security/
TCSec Coverage WITH TESTS! ! : http://www.radium.ncsc.mil/tpep/library/ramp-modules/
  (see especially 5,6,7,8,9,11 which have coverage beyond just TCSec)
 
DoD Rainbow Series :
http://www.radium.ncsc.mil/tpep/library/rainbow/
(in theory no longer on the exam, but I've heard rumors in listservs
that TSEC stuff still appears on the test)
Role-Based Access Contro l : 
http://hissa.ncsl.nist.gov/rbac/
RSA's Crypto Glossary : http://www.rsasecurity.com/developers/total-solution/glossary.html
RSA's VPN Tutorial :  http://www.rsasecurity.com/products/securid/whitepapers/vpns/index.html
Computer Forensics Overview : http://www.ddj.com/articles/2000/0009/0009f/0009f.htm
Firewalls Complete, online book : http://secinf.net/info/fw/complete/
Trust in Cyberspace, online book : http://www.nap.edu/readingroom/books/trust/
TEMPEST : http://www.eskimo.com/~joelm/tempest.html

Large Archive of Security Articles :  http://www.nwfusion.com/newsletters/sec/
  (Mostly Physical Security, Network Security, and Security and Policy Management  )

HUGE compendium of InfoSec sources : http://www.infosyssec.net/index.html
  (note the left-hand side, which are all the topics covered)

Computer Security Institute's Archive of InfoSec Articles : http://www.gocsi.com/excerpt.htm
ACSA InfoSec Bookshelf :  http://www.acsac.org/secshelf/book001/book001.html
Discussion of Optical Lenses :  http://www.photo.net/photo/optics/lensTutorial.html
US Navy Physical Security Manual :  http://neds.nebt.daps.mil/Directives/5530_14c.pdf
Good source of quizzes :
http://www.sans.org/infosecFAQ/index.htm
(remember - GIAC and CISSP have a different focus)

Many books/papers about firewalls : http://secinf.net/ifwe.html
GASSP :  http://www.all.net/books/GASSP2.html
Big ol' List o' Crypto on Bruce Schneier's Site : http://www.counterpane.com/biblio/all-by-author.html
Many miscellaneous papers, some definitely by hackers : http://www.insecure.org/reading.html
( set grain of salt = on)


Source :  http://www.sis.pe.kr/2086

'[☩ Security ☩]' 카테고리의 다른 글

범죄 수사팀 CATCH  (0) 2008.07.25
Linux 계열 배포판 사이트  (6) 2008.07.25
UCC 범죄 및 각업체의 검색기법  (4) 2008.07.04
네이트온 바이러스 조심하세요  (8) 2008.07.01
Live CD 모음  (0) 2008.07.01