
REVIEW: "The GSEC Prep Guide", Mike Chapple

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Nov 10, 2003
      BKGSECPG.RVW 20030918

      "The GSEC Prep Guide", Mike Chapple, 2003, 0-7645-3932-9,
      U$60.00/C$90.99/UK#41.95
      %A Mike Chapple
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2003
      %G 0-7645-3932-9
      %I John Wiley & Sons, Inc.
      %O U$60.00/C$90.99/UK#41.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0764539329/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0764539329/robsladesin03-20
      %P 448 p. + CD-ROM
      %T "The GSEC Prep Guide: Mastering SANS GIAC Security Essentials"

      The SANS (System administrators, Audit, Network, Security) Institute
      GIAC (Global Information Assurance Certification) Security Essentials
      Certification (GSEC) is supposed to be the "core" program for the
      various GIAC courses and exams.

      Chapter one covers some basic, but random, security concepts and
      topics. A list of sample questions, intended to help the
      student/candidate prepare for the GSEC exam, is given at the end of
      every chapter. If these truly represent the level and type of
      questions on the exam then getting the GSEC is a snap: quick, which
      type of situation is worse, one that has low threat and low
      vulnerability or high threat and high vulnerability? (On the other
      hand, you may have to know the party line: one question insists that
      you credit SANS with the concept of defence in depth, and there is a
      concept of "separation of privilege" that seems to be what everyone
      else refers to as separation of duties.) Security policies are
      discussed in a verbose but almost "content-free" manner in chapter
      two. Virtually nothing is said about the policy process and different
      functional types of policies. Again, there is a demand for
      idiosyncratic jargon: high level policies are "program" policies,
      whereas detailed policies (mostly procedural, given the list
      discussed) are "issue-specific." One term that might be worth
      adopting is "system-specific policy": those who deal with policies
      know that it is difficult to have exceptions documented. Using this
      term for deviations, as SANS does, may reduce the resistance to noting
      the irregularities. There are some basic ideas about risk assessment
      and management in chapter three, but most of the text reviews network
      scanning tools. Chapter four contains network nomenclature, Cisco
      equipment filtering command arguments, and miscellaneous IP (Internet
      Protocol) protocols in varying depth. There is a brief list of the
      titular "Incident Handling" factors contained in chapter five, as well
      as random legal terms. The discussion of cryptography in chapter six
      is reasonable up to the point of symmetric block ciphers, but
      subsequent material has errors (keystream data should *not* repeat
      during the course of a message), confusing diagrams, and unhelpful
      mathematics. There is no deliberation about the usage of public key
      cryptography, hashes, and digests until chapter seven, which, despite
      the title, has absolutely nothing to say about "Applications
      Security." Chapter eight provides a simple overview of firewalls and
      intrusion detection systems (IDSs) but is not overly detailed: no
      distinction is made between application and circuit-level proxies, and
      some of the statements made are clearly incorrect for circuit devices.
      There is a grab bag of malware, cryptanalysis, attack methods and more
      in chapter nine. The content on operations security is limited to
      assorted aspects and tools of Windows and UNIX that might be related
      to secure processing, in chapters ten and eleven respectively.
      Chapter twelve is a practice exam. It's pretty easy.

      The GSEC is sometimes said to be adequate preparation for the CISSP
      (Certified Information Systems Security Professional) exam, but there
      are significant gaps in GSEC's coverage of the security topic.
      Although risk assessment and policy are discussed, management issues
      and access controls get limited substance in GSEC. Security
      architecture, applications security, physical security, and business
      continuity are all missing, while operations are restricted to Windows
      and UNIX.

      This book does provide some useful direction in regard to information
      systems security, but readers should be warned that the missing pieces
      will probably be very important at some point.

      copyright Robert M. Slade, 2003 BKGSECPG.RVW 20030918

      rslade@... slade@... rslade@...
      Computer Security Day, November 30 http://www.computersecurityday.com/
      victoria.tc.ca/techrev/mnbksc.htm sun.soci.niu.edu/~rslade/secgloss.htm