REVIEW: "The SSCP Prep Guide", Debra S. Isaac/Michael J. Isaac
- BKSSCPPG.RVW 2003107
"The SSCP Prep Guide", Debra S. Isaac/Michael J. Isaac, 2003,
%A Debra S. Isaac
%A Michael J. Isaac
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O U$60.00/C$92.95/UK#41.95 416-236-4433 fax: 416-236-4448
%P 508 p. + CD-ROM
%T "The SSCP Prep Guide"
Chapter one is a supposed overview of security, although it is rather
vague and iconoclastic. Access control, in chapter two, provides an
unstructured list of related terms. At the end of the chapter we get
the expected list of sample questions, but these are either
simplistic, idiosyncratic, or both. Chapter three, ostensibly about
administration, is a completely mixed bag of security management,
security architecture, operations security, and networking topics.
The information on auditing given in chapter four concentrates
primarily on networking, has way too many screenshots of Windows
tools, and far too little content on forensics. A surprisingly good
section on risk, advice on incident response that starts well but ends
abruptly, and a short but standard piece on business continuity
planning is in chapter five. Cryptography, in chapter six, has a list
of terms, poor explanations of the important concepts, and an
unimportant overview of the history of cryptography, padded out with
annoyingly fuzzy photographs. Most of chapter seven is a list of
communications terms. There is a disproportionate emphasis on
penetration testing, and a very odd reiteration of material on the
system development life cycle. (Possibly the authors got confused
with the *other* SDLC: Synchronous Data Link Control?) The material
on malware, in chapter eight, has been very carelessly put together.
There are two separate descriptions of macro viruses almost adjacent
to each other, and a level three header section on trojan horses
immediately followed by a level four header on trojan horses, which
starts out saying "Trojan horses are another threat ..." There is a
recommendation to use "false data directories" to trap polymorphic
viruses. (No mention is made of how this technobabble might work.)
The authors should take note that a multipartite virus is *not* the
same thing as a companion virus, and that worms *do* replicate.
There is very little useful material in this book.
copyright Robert M. Slade, 2003 BKSSCPPG.RVW 2003107
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
It is a humbling experience knowing that your fate depends on a
vehicle built by the lowest bidder!
- Alan B. Shepard, Mercury Astronaut, 1965
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade