Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "The SSCP Prep Guide", Debra S. Isaac/Michael J. Isaac

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKSSCPPG.RVW 2003107 The SSCP Prep Guide , Debra S. Isaac/Michael J. Isaac, 2003, 0-471-27351-1, U$60.00/C$92.95/UK#41.95 %A Debra S. Isaac %A Michael
    Message 1 of 1 , Dec 12, 2003
    • 0 Attachment
      BKSSCPPG.RVW 2003107

      "The SSCP Prep Guide", Debra S. Isaac/Michael J. Isaac, 2003,
      0-471-27351-1, U$60.00/C$92.95/UK#41.95
      %A Debra S. Isaac
      %A Michael J. Isaac
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2003
      %G 0-471-27351-1
      %I John Wiley & Sons, Inc.
      %O U$60.00/C$92.95/UK#41.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0471273511/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0471273511/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0471273511/robsladesin03-20
      %P 508 p. + CD-ROM
      %T "The SSCP Prep Guide"

      Chapter one is a supposed overview of security, although it is rather
      vague and iconoclastic. Access control, in chapter two, provides an
      unstructured list of related terms. At the end of the chapter we get
      the expected list of sample questions, but these are either
      simplistic, idiosyncratic, or both. Chapter three, ostensibly about
      administration, is a completely mixed bag of security management,
      security architecture, operations security, and networking topics.
      The information on auditing given in chapter four concentrates
      primarily on networking, has way too many screenshots of Windows
      tools, and far too little content on forensics. A surprisingly good
      section on risk, advice on incident response that starts well but ends
      abruptly, and a short but standard piece on business continuity
      planning is in chapter five. Cryptography, in chapter six, has a list
      of terms, poor explanations of the important concepts, and an
      unimportant overview of the history of cryptography, padded out with
      annoyingly fuzzy photographs. Most of chapter seven is a list of
      communications terms. There is a disproportionate emphasis on
      penetration testing, and a very odd reiteration of material on the
      system development life cycle. (Possibly the authors got confused
      with the *other* SDLC: Synchronous Data Link Control?) The material
      on malware, in chapter eight, has been very carelessly put together.
      There are two separate descriptions of macro viruses almost adjacent
      to each other, and a level three header section on trojan horses
      immediately followed by a level four header on trojan horses, which
      starts out saying "Trojan horses are another threat ..." There is a
      recommendation to use "false data directories" to trap polymorphic
      viruses. (No mention is made of how this technobabble might work.)
      The authors should take note that a multipartite virus is *not* the
      same thing as a companion virus, and that worms *do* replicate.

      There is very little useful material in this book.

      copyright Robert M. Slade, 2003 BKSSCPPG.RVW 2003107


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      It is a humbling experience knowing that your fate depends on a
      vehicle built by the lowest bidder!
      - Alan B. Shepard, Mercury Astronaut, 1965
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.