Found this great little deal calculator http://www.zdnetasia.com/downloa...
5 hours 41 minutes ago by winstoncranford on topsy
We have relaunched: What's new at ZDNet Asia?
ZDNet / Insight / Hardware / Story
Prep for CISSP and explore GIAC alternatives
Summary
Members share links to their favorite CISSP prep resources and suggest another vendor-neutral option: the GIAC series. Check out their recommendations and get the details on the GIAC certs.
Events
Microsoft MSDN/Developer Event
25 Mar 2010
One Marina Boulevard, Microsoft Singapore
IT Architect Regional Conference Singapore 2010
20 - 21 Apr 2010
Singapore Management University, Singapore
The Internet Show 2010
21-22 Apr 2010
Suntec Singapore
In a recent edition of "IT Certification Corner," guest columnist Molly Joss
said that certifications
are essential for all IT security staffers. Joss offered links to
information about several security certification options, including the programs
offered by the International Information Systems Security Certification
Consortium, Inc. (ISC)2. The nonprofit organization offers two
certification programs: the Certified Information Systems Security Professional
(CISSP) and the Systems Security Certified Practitioner (SSCP).
TechRepublic members responded with recommended resources for preparing for the CISSP exam. Here's a rundown of their CISSP suggestions, as well as details about another vendor-neutral certification option.
More about the CISSP
In “CISSP tests more than systems security expertise,” TechRepublic columnist Erik Eckel presented an overview of the CISSP exam’s 10 IT security subjects, which (ISC)˛ refers to as test domains. He also shared a list of test domains encompassed by the 125 multiple-choice questions on the SSCP exam. TechRepublic’s subscription site, TechProGuild, offers a more in-depth look at the 10 test domains on the CISSP exam.
Resources from TechRepublic members
TechRepublic member vraptorz suggested that pros working toward their CISSP should sign up for the CISSP and SSCP Open Study Guides Announce List. Messages posted to the group advise cert seekers of new study guides, links, and other developments.
Certified CISSP MadMark prepared for his exam by using the list, along with “two years reading, proposing policy changes, configuring tech, security project management, a self-paced exam simulator, and a 3-day course from (ISC)2.” In a discussion on TechRepublic, he shared links to the simulator he used and recommended a book, Information Security Management Handbook, Vol. 4.
“Please avoid the ‘CISSP in 24 hours’ stuff,” MadMark advised. “It is crap, and there are enough 'paper-certs' out there already.”
Additional study materials
Members will find further tips and materials for study at CISSP.com, which was created by Andrew A. Afifi to promote the certification. For example, the site lists the following free books that may help cert seekers prepare for the exam:
The GIAC alternative
Joss’ article didn’t mention the vendor-neutral Global Information Assurance Certification (GIAC) series offered by The SANS (SysAdmin, Audit, Network, Security) Institute. However, TechRepublic members chimed in to remind others of its offerings. Hellbee said she believes GIAC is a more relevant option because she’s heard that the CISSP is dated. “The infosec guys I know feel more confident in the GIAC series, which are more technical, focused certs,” she said.
GIAC currently offers the following individual certificate programs:
Candidates for GIAC certification must complete a research paper and pass either one or two exams, depending on the certification track. Although candidates don't have to earn GIAC certifications in any particular order, the organization recommends that you master security fundamentals before moving on to more advanced topics.
GIAC certs: How do they compare?
Are you a GIAC-certified security professional or considering becoming one? How do you think GIAC compares to (ISC)2 and CompTIA?
TechRepublic members responded with recommended resources for preparing for the CISSP exam. Here's a rundown of their CISSP suggestions, as well as details about another vendor-neutral certification option.
More about the CISSP
In “CISSP tests more than systems security expertise,” TechRepublic columnist Erik Eckel presented an overview of the CISSP exam’s 10 IT security subjects, which (ISC)˛ refers to as test domains. He also shared a list of test domains encompassed by the 125 multiple-choice questions on the SSCP exam. TechRepublic’s subscription site, TechProGuild, offers a more in-depth look at the 10 test domains on the CISSP exam.
Resources from TechRepublic members
TechRepublic member vraptorz suggested that pros working toward their CISSP should sign up for the CISSP and SSCP Open Study Guides Announce List. Messages posted to the group advise cert seekers of new study guides, links, and other developments.
Certified CISSP MadMark prepared for his exam by using the list, along with “two years reading, proposing policy changes, configuring tech, security project management, a self-paced exam simulator, and a 3-day course from (ISC)2.” In a discussion on TechRepublic, he shared links to the simulator he used and recommended a book, Information Security Management Handbook, Vol. 4.
“Please avoid the ‘CISSP in 24 hours’ stuff,” MadMark advised. “It is crap, and there are enough 'paper-certs' out there already.”
Additional study materials
Members will find further tips and materials for study at CISSP.com, which was created by Andrew A. Afifi to promote the certification. For example, the site lists the following free books that may help cert seekers prepare for the exam:
- Computer Vulnerabilities (Knight)
- Firewalls Complete (Goncalves)
- Handbook of Applied Cryptography (Menezes)
- The Little Black Book of Computer Viruses (Ludwig)
- The Hacker Crackdown: Law and Disorder on the Electronic Frontier (Sterling)
The GIAC alternative
Joss’ article didn’t mention the vendor-neutral Global Information Assurance Certification (GIAC) series offered by The SANS (SysAdmin, Audit, Network, Security) Institute. However, TechRepublic members chimed in to remind others of its offerings. Hellbee said she believes GIAC is a more relevant option because she’s heard that the CISSP is dated. “The infosec guys I know feel more confident in the GIAC series, which are more technical, focused certs,” she said.
GIAC currently offers the following individual certificate programs:
- GIAC Security Essentials Certification (GSEC)
- GIAC Certified Firewall Analyst (GCFW)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Windows Security Administrator (GCWN)
- GIAC Certified UNIX Security Administrator (GCUX)
- GIAC Information Security Officer (GISO)
- GIAC Systems and Network Auditor (GSNA)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Security Leadership Certificate (GSLC)
- GIAC IT Security Audit Essentials (GSAE)
- GIAC Gold Standard Certificate (GGSC-0100)
Candidates for GIAC certification must complete a research paper and pass either one or two exams, depending on the certification track. Although candidates don't have to earn GIAC certifications in any particular order, the organization recommends that you master security fundamentals before moving on to more advanced topics.
GIAC certs: How do they compare?
Are you a GIAC-certified security professional or considering becoming one? How do you think GIAC compares to (ISC)2 and CompTIA?
Transform your business interactions with real-time voice, video and telepresence solutions.
Tech Vendor: Cisco
Tech Vendor: Cisco
ZDNet Asia Live
RT @mistertechblog: I wrote about Nexus One and Touchdown, desktop dock, Bluetooth/USB tethering, ebooks here: http://bit.ly/bRdzx0
11 hours 52 minutes ago by yklee13 on topsy
Read my blog post on getting the most from your Nexus One: http://www.zdnetasia.com/blogs/m...
11 hours 58 minutes ago by mistertechblog on twitterData Centre Operator (Fresh Graduates Welcome to Apply) in ... http://bit.ly/bagYuu
12 hours 23 minutes ago by intmasterfeed on topsy#Cisco #Cloud Cloud on ZDNet Asia: Aussie university joins Cisco cloud · Early-adopter criminals embrace cloud... http://bit.ly/d93C8S #TCN
13 hours 25 minutes ago by thetechgang on topsy
RT @3wconsulting: Whitepaper from http://3W.com.au "Outsourcing Your IT Requirements to Philippines" now on @zdnetaustralia & @zdnetasia http://ow.ly/1oY9f
20 hours 12 minutes ago by LeesaAT3W on twitter
Whitepaper from http://3W.com.au "Outsourcing Your IT Requirements to Philippines" now on @zdnetaustralia & @zdnetasia http://ow.ly/1oYbA
20 hours 13 minutes ago by itemployment on twitter
Whitepaper from http://3W.com.au "Outsourcing Your IT Requirements to Philippines" now on @zdnetaustralia & @zdnetasia http://ow.ly/1oYbz
20 hours 13 minutes ago by brucemills on twitter
Zdnetasia.com Estimated Worth $178,365 USD. Daily Ad Revenue:$244 USD, Daily Views:81,445 Pages... - http://www.haplog.com/www.zdneta...
1 day 56 minutes ago by Haplog on twitterThe receivers don't transmit back to the satellite. Unless there is a phone line attached to the receiver, they don't have any wa...
1 day 39 minutes ago by bessellbrowne on Apple to join the geolocation craze?"Lead Cognos BI Developer Insurance - Jobs - ZDNet Asia" http://bit.ly/bRcxOG
1 day 33 minutes ago by rhrcognos on topsywhatever little understanding I have we 'll only progress toward end of the world if we use HPCs to lenthen life of human being. Huma...
2 days 45 minutes ago by abhi32002@gmail.com on High computing promises elixir of lifeThanks for the knowledgeable article on SDDs. Allas...when all this reasearch will happen in Indian Universities. Hope the new bill on Fo...
2 days 58 minutes ago by abhi32002@gmail.com on APAC HPC users eye solid-state drivesIt was a good article. This brings a good opportunity for Indian IT firms to come up with new solutions in this field. HPC can become a b...
2 days 17 minutes ago by abhi32002@gmail.com on High computing most-wanted job in AsiaCOL KR DHARMADHIKARY(RETD) its very late to reply the link, but if it is still alive and looking for opportunity, i would like to know th...
2 days 14 minutes ago by deb021280 on Education takes off in rural India, helped by PCs
High performance computing (HPC) most-wanted job in Asia http://bit.ly/9vFC3i (via @zdnetasia) #singapore
2 days 31 minutes ago by mySingapore on twitterHe doesn't care if her shoes are of glass, All he wants to see is a huge rack and nice a*s. Sleeping beauty's not awoken by true ...
2 days 48 minutes ago by warlowdavies on One pair of 3D glasses to rule them all
RT @zdnetasia: EMC COO, Pat Gelsinger, on bridging gaps in the organization and its cloud ambitions in Asia. (cont) http://tl.gd/i5jjd
2 days 19 minutes ago by mistymaitimoe on twitter
EMC COO, Pat Gelsinger, on bridging gaps in the organization and its cloud ambitions in Asia. http://bit.ly/9etOZW
2 days 23 minutes ago by zdnetasia on twitter
Asian SMBs need to pay more attention to disaster recovery planning http://bit.ly/bDet08 via @zdnetasia
2 days 39 minutes ago by asiapacsolution on twitterAsian SMBs need to pay more attention to disaster recovery planning http://bit.ly/bDet08
2 days 54 minutes ago by zdnetasia on twitter
[TECH] URL Shorteners slow Web redirection. - http://bit.ly/bySnWK @zdnetasia
3 days 37 minutes ago by danielcktan on twitter
URL shorteners are great but they can slow web redirection & you pray it would never go down http://bit.ly/bySnWK via @zdnetasia
3 days 5 minutes ago by angahsin on twitterURL shorteners slow Web redirection. http://bit.ly/bySnWK
3 days 34 minutes ago by zdnetasia on twitterChinese agencies cry foul over Google. http://bit.ly/by6rwV
3 days 40 minutes ago by zdnetasia on twitterall of sg's isps have been practising compulsory invisible proxy for all home subscribers at their backend since many years back alre...
3 days 57 minutes ago by melvinchia on Web filters mean bad news for businessit is not to good for china.
Proactol
Very good explanation of JMX
4 days 48 minutes ago by Babith B on Managing applications with JMXThe reaction to a report issued Tuesday by Flurry Analytics managed to completely overlook some interesting news--the Android-based Motorola Droid outsold the original iPhone over the same period of time following their respective launches--to focus instead on the sales numbers for the Nexus One.
4 days 51 minutes ago by lonemavericks on diggsAnother ZTE story....
4 days 53 minutes ago by Moderate Your Greed on Philippines opens bid for final 3G licenseWe at www.fifosys.com have also seen a growth in IT outsourcing and anticipate it as a growing field.
5 days 26 minutes ago by sarah Jane on Companies' outsourcing spend to increaseI agree with you. The iSiVaL is super portable and TVs can't expand their image size. I recorded a video that might bring some ideas to...
5 days 57 minutes ago by Jesse B Andersen on Buying a projector? Try an LED TV insteadhermm... he deserved it.. he shud not talk abt sensitive things like tat, well, he shud think twice before saying all those things, event...
5 days 35 minutes ago by ... on Facebook user charged in MalaysiaPassword manager tools are potential security threat. Criminals who hack into the computer can use the password manager to log onto any s...
5 days 35 minutes ago by ohanae on What defaults should random password generators use?I've found the cross platform utility unetbootin to be rather handy for this kind of thing as well.
5 days 9 minutes ago by Jim on Use Live USB Creator to install Fedora 12 from a USB stickKeep up with ZDNet Asia
Linkedin 
RSS Feeds 
Newsletters 
Twitter Inside ZDNet Asia
Sponsored
The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power
2010 IT Salary & Skills Report
Find out the salary range of IT professionals. Join activeTechPros for free access to the report.
The Internet Show 2010, 21-22 Apr 2010, Singapore
FREE admission for visitors who pre-register online. Register Today!
This is Ricky, an IT Manager from a worldwide advertising agent.
I am writing to talkback about the passage of Prep for CISSP and explore GIAC alternative.
Currently, I am holding two information security certifications - CISSP and GIAC GCIH. After the challenges, I had a deep experience about the two certifications.
CISSP tests a board range of topics related to infosec. To prepare the exam, people just read books and study the multiple choices sample questions to tackle the examination. I knew some people who just got CISSP. They are supposed to know about cryptographic topics like public/private key encryption. Yet, when I asked them to implement PGP, most couldn't.
In my opinion, CISSP is just a pure knowledge certification.
GIAC is totally different from CISSP. GIAC has three levels of certificate programs - Beginner, Immediate, and Advanced. Each level has several focuses such as Intrusion Analyst, Incident Handler, etc. When I prepared for the GCIH, I found that I have to understand and master particular skills. Before writing the practical paper, I have to simulate a situation and configure technical settings. After passing the paper, another challenge is completed exams.
If CISSP is like an MBA, then GIAC is like a PhD.