I would start with the SANS training and then look towards the CISSP stuff as you get more focused in the discipline...
*ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> *Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market...* On Thu, Oct 16, 2014 at 11:03 AM, Erik Goldoff <[email protected]> wrote: > Her book (1200 pages ?) is considered the 'bible' and will provide a > wealth of information on the 10 domains of security. You'll likely find > some that you know like the back of your hand due to work experience, and > some that will hold concepts and details new to you. > > On Thu, Oct 16, 2014 at 10:56 AM, Heaton, Joseph@Wildlife < > [email protected]> wrote: > >> That's a good question, Erik. Certification aside, would Shon Harris' >> book be a good starting point to get the information that is tested >> overall? I'm reading and hearing that her book(s) are the standard. >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Erik Goldoff >> *Sent:* Thursday, October 16, 2014 7:37 AM >> *To:* [email protected] >> *Subject:* Re: [NTSysADM] Security training >> >> >> >> Bear in mind the CISSP is a more vendor neutral, less technical >> certification that covers a broad scope of security issues (10 domains when >> I tested in 2012) to include physical security, business continuity, etc. >> >> >> >> Do you want a security certification from the consultant/management >> perspective (CISSP) or more from a technical/engineer perspective (SANS) ? >> >> The certification track you choose should depend very much on your career >> goals and job requirements. >> >> >> >> On Thu, Oct 16, 2014 at 9:53 AM, Heaton, Joseph@Wildlife < >> [email protected]> wrote: >> >> There's a new position being created in my organization that is >> "supposed" to be an infosec type of position. My manager had told me to >> look into CISSP training/certification. I know that's the pinnacle, and >> beyond the normal day-to-day stuff of being a systems administrator, >> working with a Windows domain, etc, I don't have a lot of hands-on in the >> trenches type of experience with security like I think they look for at >> that level. But, I was thinking that the SSCP may be a good way to get my >> feet wet, and start working towards CISSP. Any thoughts/advice/tips on >> that idea? I've been working with networks since 1999, was CNE for >> Intranetware 4.11, and upgraded that to 5, but haven't touched Novell >> since. I was MCSE for NT4, and never upgraded certs after that. I've >> worked with Microsoft products from NT4 and up, we're currently upgrading >> our servers to 2012R2 now. I've been the one-man shop, doing networking, >> and servers, and I've been part of a team doing just servers. Anyway, I'm >> going to keep digging into requirements, etc, and looking for training >> materials, so if anyone has thoughts on that stuff as well, I'd be very >> appreciative. >> >> >> >> Thanks, >> >> >> >> Joe Heaton >> >> Enterprise Server Support >> >> Information Technology Operations Branch >> >> Data and Technology Division >> >> CA Department of Fish and Wildlife >> >> 1807 13th Street, Suite 201 >> >> Sacramento, CA 95811 >> >> Desk: (916) 323-1284 >> >> >> >> >> > >
