WGU MSCIA Recommended Reading.

PocketLumberjack

Hey all I am planning on enrolling the the WGU MSCIA program next November. This leaves me with 10 months of thumb twiddling. Does anyone who is enrolled in this program have any suggestions for what I could study ahead of time to be a bit more prepared for the program? I am looking for books or even certs that will help me better tackle this program. I have started studying for the CEH but I would like to study for the other classes to. Thanks!

I should also mention that I am working on my CCNA R&S over the next 2 months, and I will be doing the CCNA CyberOps scholarship some time after July. I have a pretty good knowlegede base of network security but not things like cyberlaw and cyberwarfare or risk management.

PC509

I'm in the MS: Information Security and Assurance, so may be a bit different.

CEH/CHFI are two good ones.

For me, I bought a CISSP book towards the end of my studies (finishing capstone and I'm done!). It maps pretty much perfectly with the courses. After getting this far, reading the CISSP book is a lot of familiar material. So, it could go either way (classes help with CISSP exam; CISSP study materials help out with MS degree classes).

PocketLumberjack

PC509 wrote: »

I'm in the MS: Information Security and Assurance, so may be a bit different.

CEH/CHFI are two good ones.

For me, I bought a CISSP book towards the end of my studies (finishing capstone and I'm done!). It maps pretty much perfectly with the courses. After getting this far, reading the CISSP book is a lot of familiar material. So, it could go either way (classes help with CISSP exam; CISSP study materials help out with MS degree classes).

That's good to know, what book did you use?

PC509

I used the (ISC)2 Official Study Guide. I'm sure I'll be getting other sources when I'm ready to take the CISSP (2017 goal!). But, it's a pretty thorough book that definitely goes over things I've learned during the MS degree. Most of it (95%) is very familiar material that I got from studying for the degree.

PJ_Sneakers

Yeah, what PC509 said. You might want to familiarize yourself with the NIST special publications as well, because you will draw on them heavily for a great deal of your references in multiple classes. Also read up on HIPAA, PCI, and federal criminal statues as they pertain to computer crimes.

For fun you can research everything you can about Stuxnet, PLC's/SCADA/ICS, and Super Advanced APT Threats. That will probably be helpful too.

PC509

NIST and ISO 27001 & 27002 are good for sure. I reference them in several classes as well as on the job now.

PocketLumberjack

Awesome! Thanks guys! What books do you guys recommend for CEH/CHFI?

PJ_Sneakers

I read the Sybex CEH book, but I didn't like it much. I felt like there were a few (small) gaps in how it was put together in certain parts of the book. I have seen more people recommend the McGraw Hill All-In-One book by Matt Walker on TechExams.

I did not read a CHFI book to prep for the exam. I did read the McGraw Hill CCFP book by Chuck Easttom, and found it to be adequate for the CHFI test when paired with the CEH material.

Also, if you do not already have knowledge equivalent to CompTIA Security+ (I didn't see it listed on your profile), I would skip the CEH/CHFI study for now and hit up Darril Gibson's Security+ book.

PC509

Also, there are "**** sheets" available for the CEH/CHFI. WGU has some within the course, but Google has several. They aren't braindumps, but more of a quick and dirty overview of terms, encryption techniques, etc.. The CHFI is odd. Read the WGU study guides and then remember what you learned from the CEH exam. It's got a few things different than the CEH, but 50% or so is learned during the CEH studies. I bought a book - Syngress CHFI Study Guide. WAY WAY WAY WAY overkill. Definitely not recommended unless that's where you want to go as part of your career. It's way more information than you'll ever need for the exam.

PocketLumberjack

Thanks guys! I now have enough to get a great jump start!

PJ_Sneakers

Oh and to be clear on my previous post, the CCFP is a much, much more rigorous exam than the CHFI. When I said it was adequate, I meant that the CHFI goes into more of the red team hacking side of things than CCFP materials cover, so the CEH fills gaps in the CCFP book strictly for the purposes of the CHFI test.

CCFP does cover hacking scenarios, but more from a blue team perspective. Which is more appropriate, I think.

The CCFP is by far a much better exam, in my opinion.

PocketLumberjack

I got my CCFP book in the mail today and I am surprised at how thin it is, and how much I am familiar with already. I am trying to decide if I should study and get Security+ or study longer and just get the SSCP. Any input?