WebApp Sec mailing list archives
RE: Notes from CISSP class with Dr. Eric Cole
From: "Lyal Collins" <lyal.collins () key2it com au>
Date: Thu, 6 Oct 2005 08:22:45 +1000
Having recently reviewed some on-line CISSP materials I'd agree with this - that the CISSP answers are structured around knowing definitions, terminology and concepts particular to CISSP study materials, not those used in real life nor real life complexity in systems and security management. That doesn't mean CISSP is bad (nor that real life is wrong), just that this is the way CISSP works, and we as security professionals need to be aware of that whenever we need to make judgements that relate to the value of CISSP. Lyal -----Original Message----- From: Saqib Ali [mailto:docbook.xml () gmail com] Sent: Thursday, 6 October 2005 12:52 AM To: Garth Somerville Cc: webappsec () securityfocus com Subject: Re: Notes from CISSP class with Dr. Eric Cole Hello Garth, While I agree with most of what you said, what I published at < http://www.xml-dev.com/blog/?action=viewtopic&id=150 > is what is required for CISSP certification. CISSP is theoratical exam, and sometimes practical knowledge, can lead you to wrong answers on the test. On 10/4/05, Garth Somerville <therealgarth () yahoo com> wrote:
.... The notes are available at: http://www.xml-dev.com/blog/?action=viewtopic&id=150Hello Saqib: Under "IDS Events Defined," you make a great observation about IDS, but classifying all traffic as either "Attack Traffic" or "Normal Traffic" can be misleading as it relates to the next section, "IDS Methods of Operation." Not all abnormal traffic represents an attack, and not all normal traffic represents authorized activity. Also, positioning anomaly detection as being both default deny and more secure could be misleading.
-- In Peace, Saqib Ali http://www.xml-dev.com/blog/ Consensus is good, but informed dictatorship is better.
Current thread:
- Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 02)
- Re: Notes from CISSP class with Dr. Eric Cole Garth Somerville (Oct 04)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 05)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 05)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 05)
- <Possible follow-ups>
- RE: Notes from CISSP class with Dr. Eric Cole Harley David (Oct 10)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 10)
- RE: Notes from CISSP class with Dr. Eric Cole Harley David (Oct 11)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 11)
- RE: Notes from CISSP class with Dr. Eric Cole Michael Krzeszkowski (Oct 11)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 11)
- Re: Notes from CISSP class with Dr. Eric Cole danew123 (Oct 11)
- Re: Notes from CISSP class with Dr. Eric Cole Eoin Keary (Oct 11)
- Re: Notes from CISSP class with Dr. Eric Cole dreamwvr (Oct 11)
- Re: Re: Notes from CISSP class with Dr. Eric Cole f_kenisky (Oct 11)
- Re: RE: Notes from CISSP class with Dr. Eric Cole f_kenisky (Oct 11)
(Thread continues...)
- Re: Notes from CISSP class with Dr. Eric Cole Garth Somerville (Oct 04)