Penetration Testing mailing list archives
[PEN-TEST] Cissp
From: "Sassaman, Kim" <Kim.Sassaman () SCHWAB COM>
Date: Mon, 11 Sep 2000 16:20:19 -0700
This is off topic but what resources did you use to study for the CISSP certification. Im looking into taking the exam and was wondering if there were some better refrences than the study guide availiable?? Kim Sassaman Charles Schwab, Inc. Technology Innovation Information Security Services Senior Staff - Access Engineering 2343 East Lincoln Drive Phoenix, AZ 85016 Member: SIPC/New York Stock Exchange [Work] 602-355-3330 [Mobile] 602-421-4916 [MobileMail] 6024214916 () mobile att net <mailto:6024214916 () mobile att net> [Pager] 877-568-4936 [PageMail] 8775684936 () skytel com <mailto:8775684936 () skytel com> WARNING: All e-mail sent to or from this address will be received orotherwise recorded by the Charles Schwab corporate e-mail system and issubject to archival, monitoring or review by, and/or disclosure to,someone other than the recipient. -----Original Message----- From: Meritt, Jim [mailto:Jim.Meritt () WANG COM] Sent: Monday, September 11, 2000 12:40 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] Testing a "rogue site" Concur. To have a system to secure, you need the system. Has anyone noticed that the original question was totally non-technical? There seems to be a belief that all that is involved is technical. There is more to it than that. How do you write up what you find? How do you "sell" it (to management). The business aspects appear to be totally overlooked. The "dot coms" thought that way. Notice the business failures? _______________________ The opinions expressed above are my own. The facts simply are and belong to none. James W. Meritt, CISSP, CISA Senior Information Systems Security and Audit Analyst, Information Assurance Center of Excellence Wang Government Services, Inc. -----Original Message----- From: Karyn Pichnarczyk [mailto:karyn () SANDSTORM NET] Sent: Monday, September 11, 2000 12:47 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: Testing a "rogue site" [snip] I totally disagree with the two rules stated above. yes, You need your company's written approval of your responsibilities. But unless you go by the One and Only rule, you will not last long in the security trade: 1. Business Must Continue. If this rule is not followed, then it doesn't matter how good or bad the security posture is: the company just won't exist! [snip]
Current thread:
- [PEN-TEST] Cissp Sassaman, Kim (Sep 12)
- Re: [PEN-TEST] Cissp Alfred Huger (Sep 12)
- Re: [PEN-TEST] Cissp Bradley M Alexander (Sep 12)
- Re: [PEN-TEST] Cissp Ben Rothke (Sep 12)
- <Possible follow-ups>
- Re: [PEN-TEST] Cissp Meritt, Jim (Sep 12)
- Re: [PEN-TEST] Cissp David Hopkins (Sep 12)
- Re: [PEN-TEST] Cissp LaViscount, Philip (Sep 12)
- Re: [PEN-TEST] CISSP McWhirter Family (Sep 12)
- Re: [PEN-TEST] Cissp Masse, Robert (Sep 12)
- Re: [PEN-TEST] Cissp Less, Linda (Sep 12)
- Re: [PEN-TEST] Cissp Bhanu Prasad (Sep 12)
(Thread continues...)