Just wanted to put a quick update. I've been extremely busy with school, work, and family life so I haven't had much time to put into learning more about the InfoSec industry. That is about to change though. I have decided to not return to NC State to pursue my Masters in Computer Science. They offer almost no security related classes through their distance education program and that has had me conflicted for a few months.
After doing some searching I found a program that I am interested in at Western Governors University and they have a Masters in Information Security and Assurance. The school is accredited and seems legit from the research I've done so far. One of the things I like about the school is you basically learn at your own pace and when you know the material you can take an assessment to prove you know the material and you are done with that course. They have 6 month sessions and have a flat rate tuition ($3000) for a session no matter how many assessments you end up passing. That is a lot less expensive than most schools I've looked into. They also use some industry certifications as their assessments (CCENT, C|EH, C|HFI, GIAC G2700) so it would be good to come out of school with a Masters and some certs.
My plan is to take a year off of school and start learning more about the industry, I'm mainly interested in penetration testing, forensics, and malware. I'm hoping to post some of my experiences here over the next year on what I am learning and how I'm going about it. Another reason for taking a year off is we have our 3rd child due to arrive around the first of the year so there will be some life changing going on. Hopefully I'll stay sane enough to get in some InfoSec learning......
Until next time....
Wednesday, July 25, 2012
Tuesday, July 3, 2012
Books
There are plenty of free resources out there but I do like to pay for good books. I personally use O'Reilly's Safari for online book reading. I've been using it for a few years now and I really like it. It is nice to be able to use my tablet, phone, or computer to read a book. There is a 10 day free trial and that is what hooked me many years ago. I currently have a 10 book bookshelf and I am able to choose 10 new books a month (if I happen to read all 10 that month...which doesn't happen). I believe I upgraded to the 10 book option as a deal and I got it for $19.99 per month which I feel is a pretty good deal. Here are the books currently on my shelf regarding Information Security.
Currently Reading
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)
On the Bookshelf
The Basics of Digital Forensics
Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7
Digital Forensics with Open Source Tools
The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Windows System Programming (4th Edition)
Write Great Code, Volume 2: Thinking Low-Level, Writing High-Level
Windows via C/C++
I believe you can kind of tell by the looks of the books that I'm greatly interested in Forensics but I'm also interested in Malware Analysis, Pen Testing....more of the engineering side of things. It amazes me how smart folks out there can find exploits in systems, it makes me want to learn more.
The issue I have is TIME. Having a full time system admin job always requires me to continue learning and keeping up with that part of the industry. Then when I get home I usually have school work to do although this semester is very helpful because it is a C Programming class. Speaking of, C Programming - A Modern Approach is the book we are using for class. It is a good book so far but since it is geared towards being a school text it is expensive. Back on the topic of time, I also have a family I love spending time with and also try to have some type of social life. That leaves late nights for my InfoSec stuff but I'm trying to do as much as I can right now.
I've seen quite a few books recommended out on different InfoSec blogs and sites, here are a few of them. I haven't read any of these but I'm hoping some are available through O'Reilly so I can check them out.
TaoSecurity seems to do a review on the best books every year. I haven't read any of these yet but I will be putting some of them on my list.
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Crimeware: Understanding New Attacks and Defenses
Security Engineering: A Guide to Building Dependable Distributed Systems
Hacking Exposed Series
The Giant Black Book of Computer Viruses
The Mac Hacker's Handbook
The New School of Information Security
Cryptography Engineering
If anyone reading this has read any of these books and can give a recommendation or not that would be great.
Currently Reading
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)
On the Bookshelf
The Basics of Digital Forensics
Windows Forensic Analysis Toolkit, Third Edition: Advanced Analysis Techniques for Windows 7
Digital Forensics with Open Source Tools
The Shellcoder's Handbook: Discovering and Exploiting Security Holes
Windows System Programming (4th Edition)
Write Great Code, Volume 2: Thinking Low-Level, Writing High-Level
Windows via C/C++
I believe you can kind of tell by the looks of the books that I'm greatly interested in Forensics but I'm also interested in Malware Analysis, Pen Testing....more of the engineering side of things. It amazes me how smart folks out there can find exploits in systems, it makes me want to learn more.
The issue I have is TIME. Having a full time system admin job always requires me to continue learning and keeping up with that part of the industry. Then when I get home I usually have school work to do although this semester is very helpful because it is a C Programming class. Speaking of, C Programming - A Modern Approach is the book we are using for class. It is a good book so far but since it is geared towards being a school text it is expensive. Back on the topic of time, I also have a family I love spending time with and also try to have some type of social life. That leaves late nights for my InfoSec stuff but I'm trying to do as much as I can right now.
I've seen quite a few books recommended out on different InfoSec blogs and sites, here are a few of them. I haven't read any of these but I'm hoping some are available through O'Reilly so I can check them out.
TaoSecurity seems to do a review on the best books every year. I haven't read any of these yet but I will be putting some of them on my list.
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Crimeware: Understanding New Attacks and Defenses
Security Engineering: A Guide to Building Dependable Distributed Systems
Hacking Exposed Series
The Giant Black Book of Computer Viruses
The Mac Hacker's Handbook
The New School of Information Security
Cryptography Engineering
If anyone reading this has read any of these books and can give a recommendation or not that would be great.
Subscribe to:
Posts (Atom)