I wonder why the "To ccieToBe" thread was closed. I assume it was a mistake since there wasn't any flaming.

CISSP is almost the CCIE of security. From what I've heard it's somewhere between RHCE and CCIE in difficulty.

Report this post to a moderator

Not sure. Maybe because the link was to another forum? Weird. Anyway, it's odd, that thread was the first I have heard of the CISSP, but with security being an increasingly important area, it will probably become better known in the future. That's the area you're looking to specialise in, right? I still haven't done much study in that area yet, apart from a theoretical cryptography course I had back at LSU.

Report this post to a moderator

Security's one of three areas I'd like to specialize in. The other two are internetworking and Unix. More specifically I'd like to do design in these three areas. Right now I have a very general job, so I get to work with some aspects of all three of these, but I also have to deal with end users.

Report this post to a moderator

I am into internetworking and UNIX as well, but so far have learned relatively little about security. I know lots of the math behind it, but have almost no experience of how serious security measures are implemented in practice. I have done basic security on my box at home, but that amounted to little more than setting permissions and editing access lists. What resources would you recommend for those looking to learn more about security?

Report this post to a moderator

For someone who's new to security I'd recommend reading "Hacking Exposed". It's not very technical. The main point is to scare you into taking security seriously and to show how some of the more common attacks work. It also gives you a general idea of what's going on. I think the second edition either just came out, or will soon.

I've heard good things about "Building Linux and OpenBSD Firewalls." Haven't read it yet though.

Also take a look at the documentation for the various security apps and operating systems that are out there. Cisco has some good white papers too.

You probably already know the two most important security rules when dealing with *nix -- disable any unused services and install the latest stable versions of what is being used.

You'd probably get a lot of responses if you posted this question on the Checkpoint forum.

Report this post to a moderator

I already have the "Hacking Exposed" book, most of that material I know already, I'll check out the Firewall book when I have time. I think I will finish my HP-UX, MCP (I consider the 70-210 as an "updated" A+ OS exam) and CCNP before going on to checkpoint, though. Thanks.

Report this post to a moderator