Best Security + book

w^rl0rd

What is the best Security + book? Meyers' A+ All-In-One books were great for A+ and Network+, but he doesn't have one for Security+. I heard the Sybex book is very good, but I think those books lack personality. Any ideas?

RussS

For A+ and Net+ I could have passed using only Mikes AIO, however Sec+ is a totally different kettle of fish and I would advise as many different study resources as you can muster. Consensus seems to be that the Sybex book is good, TCats pdf (the full one) is good, the MS Press Sec+ is very helpful (only covers about 55% of the objectives, but seems to cover some of the big scoring ones very well). Hacking Exposed is a good read and the CBT Nuggets are very good.
Compared to the cost of re-sitting this exam I suggest the expense of the above resources is not that bad at all.

w^rl0rd

Thanks RussS. I'll probably suck it up and get the Sybex book. I'm going to miss Mike's spin on things, but I'll get over it.

pandimus

Yeah, Dont skimp.. Dont Rush.. And Dont be surprised when you sit down to test... I promise you will be distressed.... Unless you study your butt off..

2lazybutsmart

pandimus wrote:

Yeah, Dont skimp.. Dont Rush.. And Dont be surprised when you sit down to test... I promise you will be distressed.... Unless you study your butt off..

Idem! But pandimus... are u trying to cranck out some poetry lines here. LOL. If you've said something like "unless you study your best", your lines wouldn've been some real lyrics.

oh... where have I drifted off again.

JOblessELement

A great supplement to the Sybex guide is Que's Exam Cram 2.
I've found Que's Exam Cram 2 series really good review books in addition to a main book like Syngress or Sybex.

wylie24

I have noticed that there is a book put out by the Microsoft Press for the Security+ exam that I was looking at getting. I had figured that this was a good book because the head of the Security department at Microsoft is also associated with the Security+ testing. Have any of you read or seen this book and is it any good??? So far I have been using the Microsoft Press books to study for my MCSA exams and since I am working at getting my Security Specialization with it, I figured that this one would be right on track. If anybody has advice, it would be great.

ajs1976

I have heard that the MS Sec+ guide, focus to much on MS OSes and leaves out other material.

wylie24

Thank you for the info....I will have to look around to see if I can find another book..Hopefully I will be able to find a Sybex Press book....

Disley

Surely if you want to become certified in Security the LAST place you would go to is Microsoft?? lol

If you mean this book:
http://www.amazon.co.uk/exec/obidos/ASIN/0735618224/qid=1091794683/sr=2-2/ref=sr_2_11_2/202-0356665-0517445

Then iv actually just bought that off ebay for a tenner; and il be quite interested to see how good it is. I think it probably is going to be biased towards Windows, but then from experience most CompTIA certs seem to be much more focused on windows anyway. (Such as the A+ "OS Technologies" which is entirely Windows......hardly OS Technologies)

Anyway il let you know how good it is when it arrives. Although iv no immediate plans to actually take the test :]

RussS

As funny as it may seem to many, the MS Press book actually is a helpful addition to ones library when studying for Sec+. Even though the MS book only covers about 60% of the objectives when one looks at the actual exam you can see that either it was the official book for the guys who wrote the exam or the book was written around the xxam ... lol.

Disley's comment about MS being the last place to look for security is amusing, but is however not quite factually correct. Those *nix affectionados are always putting MS down for the holes in Windows, however that is like the pot calling the kettle black. There are just as many holes in *nix as there are in windows, but it has 2 things going for it ... Firstly it is a lot easier to tighten up security on your own and secondly it really is not used that much that it is not an attractive proposition for crackers.


Oh - one last thing ...... most of the guys I know that can destroy a *nix build keep their info totally to themselves - they don't want their knowledge to get out. As they said during the war - Loose lips sink ships

Disley

well this isnt really the best place to argue about M$ Security, so its probably best i dont :P

Although your last comment does work both ways. Im sure there are plenty of people who have written their own Windows exploits too; but havent released them to others; thats hardly just a *nix thing.

Security has never been a too high priority for MS, you only have to look at their past history for that (especially anything in the 9x line).

(bah, i cant resist, sorry)

Firstly it is a lot easier to tighten up security on your own

Only because the user often misconfigures things to allow intruders to break in. Thats not the fault of the OS. With windows many of its flaws lie in the OS itself, which the user can do little about.

secondly it really is not used that much that it is not an attractive proposition for crackers.

Unix essentially runs the internet, in the server market the NT line just doesnt have the market share. If somebody could write unix virii/worms; the damage would be far more than any windows worm. That and its reputation proceedes it, so its a far more attractive proposition than hacking an NT system.

Anyway, not really the right place to debate about this :P

RussS

Well we are talking about security so it isn't really a bad place to debate things related

The fact that you appear to be a dyed in the wool *nix user should discount you from any debate - just like all those that live and breathe MS should be discounted - only those of us who use *nix, netware & ms should be listened too :P

Seriously, there are major flaws in most *nix variants, however those smart enough to write virus or worms for *nix are also intelligent enough not to. There are enough script kiddies out there causing havoc in the MS world - just imagine if they could obtain point and click progs that wrote *nix virus .... the internet would crash way fast .... lol

Oh, and a little MS levity ....
Balmer to Gates - Why are there no linux virus out there?

Gates to Balmer - Why write virus for linux - nobody uses it anyways.

New User

So how does the "All-In-One Security+ Certification" book rank? I didn't see it mentioned.

I was going to prepare for the certification myself using this book along with:
* Exam Cram2 Security+
* Exam Cram2 Security+ Practice Questions

Disley

RussS wrote:

Well we are talking about security so it isn't really a bad place to debate things related

But in someone elses thread about textbooks :P It doesnt matter anyway ^^

The fact that you appear to be a dyed in the wool *nix user should discount you from any debate

lol at trying to discount me already. Of interest i dont see where in my 6 or 7 posts(??) iv proven myself a dyed in the wool *nix user - i just made that comment about MS and Security (Even as the Foundstone team said - the internet would be a lot more secure without all those windows machines)

Seriously, there are major flaws in most *nix variants, however those smart enough to write virus or worms for *nix are also intelligent enough not to.

Could the same not be said about Windows? Writing a windows worm takes a high skill level; why arent they intelligent enough not to release it?

There are enough script kiddies out there causing havoc in the MS world - just imagine if they could obtain point and click progs that wrote *nix virus .... the internet would crash way fast .... lol

Yup Yup. Script Kiddies are more dangerous with windows since it gives the average user far more control over system files than *nix does (the 9x line doing everything as superuser for example) wheras an average non-root *nix user would find it near impossible to do any damage without cracking root first. Thats why *nix virii never propogate through the internet like a windows based one do

Oh, and a little MS levity ....
Balmer to Gates - Why are there no linux virus out there?

Gates to Balmer - Why write virus for linux - nobody uses it anyways.

Is that right?? Well the Linux userbase has risen something like 200% a year since its release (cant remember any figures unfortunately). But, check out the infamous Halloween documents - and remember they were written in 98' - 6 years ago

wylie24

Well I passed the Security+ exam and found that the Exam Insite book was excellent for study, along with Sybex press book.

Here is a comment, about the linux bit, Symantec said that Microsoft is more secure than Linux.

But both Billy and Steve Jobs have publically said the following comment "NO OS IS SECURE". It does not matter what programs you are running, the second you hook it up to the net or network for that matter, you are not going to be 100% secure, and if you think you are, I have a bridge I can sell you....