Security Interviews Exposed: Secrets to Landing Your Next Information Security Job

Overview

  • Technology professionals seeking higher-paying security jobs need to know security fundamentals to land the job, and this book will help
  • Divided into two parts: how to get the job and a security crash course to prepare for the job interview
  • Security is one of today's fastest-growing IT specialties, and this book will appeal to technology professionals looking to segue to a security-focused position
  • Discusses creating a resume, dealing with headhunters, interviewing, making a data stream flow, classifying security threats, building a lab, building a hacker's toolkit, and documenting work
  • The number of information security jobs is growing at an estimated rate of 14 percent a year, and is expected to reach 2.1 million jobs by 2008

Editorial Reviews

From the Publisher
"The book is readable and written in a light, witty style." (Info Security, September 2007)

Product Details

  • ISBN-13: 9780471779872
  • Publisher: Wiley
  • Publication date: 7/23/2007
  • Edition number: 1
  • Pages: 244
  • Sales rank: 772,254
  • Product dimensions: 7.41 (w) x 9.20 (h) x 0.50 (d)

Meet the Author

Chris Butler (CISSP, JNCIS-FWV, JNCIA-SSL, CCSE, IAM/IEM) is a Senior Solutions Architect with Intellitactics. Chris has more than a dozen years of experience in the networking and security fields. He is a veteran of the United States Navy, where he worked in the cryptography field. Chris has designed, implemented, and supported some of the largest networks in the country for large insurance companies, investment firms, software companies, service providers, and pharmaceutical companies. He has also provided network and security consulting services for numerous U.S. government agencies, including the Department of State, Department of Defense, and the Department of Energy. He has worked extensively with the leading security and networking vendors throughout his career. He is also well versed in both commercial and open source network and security management software. Chris has also performed in-depth application analysis and network modeling using OPNET software for dozens of large companies. He is a member of the IEEE Computer Society and SANS.

Russ Rogers (CISSP, IAM/IEM) is a Senior Cyber Security Analyst and the former CEO and co-founder of Security Horizon, Inc. Russ is a United States Air Force veteran and has served in military and contract support for the National Security Agency, Defense Information Systems Agency, and other federal agencies. He is also the editor-in-chief of The Security Journal. Additionally, he serves as the Professor of Network Security at the University of Advancing Technology (uat.edu) in Tempe, Arizona. Russ is the author, co-author, or technical editor for nearly a dozen books on information security. Russ has spoken and provided training to audiences around the world and is also a co-founder of the Security Tribe information security research Web site at www.securitytribe.com. His education includes a bachelor’s and master’s degree from the University of Maryland in Computer Science areas.

Mason Ferratt (JNCIS-FWV, JNCIA-M, MSEE, BSME) is a Federal Systems Engineer with Juniper Networks in Charleston, South Carolina. He has performed large-scale network security engineering for numerous government clients. His most recent work involves the Department of Defense medical community, where his team is responsible for the security posture of all Navy and Army hospitals and clinics in the world. His specialty is in purpose-built intrusion detection/protection, VPN encryption, firewall, content filtering, and secure remote access devices. His prior jobs include network engineering design, modeling, and testing for the Department of State, and pre- and post-sales network engineering for several optical/WAN vendors (Corvis Corporation, Corrigent Systems, Lucent Technologies, Ascend Communications, and Network Equipment Technologies). He holds a Master of Science degree in Electrical Engineering from George Washington University, and a Bachelor of Science degree in Mechanical Engineering from the University of Virginia. He holds a Top Secret/SCI clearance and is an IEEE member.

Greg Miles (CISSP, CISM, IAM/IEM) is a co-founder, President, Chief Financial Officer, and Principal Security Consultant for Security Horizon, Inc., a Colorado-based professional security services and training provider and veteran-owned small business. He is a United States Air Force veteran and has served in military and contract support for the National Security Agency, Defense Information Systems Agency, Air Force Space Command, and NASA supporting worldwide security efforts. Greg has planned and managed Computer Incident Response Teams (CIRTs), Computer Forensics, and INFOSEC training capabilities. Greg has been published in multiple periodicals, including The Security Journal and The International Journal on Cyber Crime. He co-authored Network Security Evaluation: Using the NSA IEM (Syngress. ISBN: 978-1597490351) and Security Assessment: Case Studies for Implementing the NSA IAM (Syngress. ISBN: 978-1932266962). Greg is a network security instructor for the University of Advancing Technology (UAT) and an advisor with Colorado Technical University (CTU).

Ed Fuller (CISSP, IAM/IEM) is Senior Vice President, COO, and Principal Security Consultant for Security Horizon, Inc. He has more than 28 years of experience in operations, communications, computer information systems, and security. He is the primary lead for INFOSEC Assessments and Training for Security Horizon. Ed has served as team lead for INFOSEC assessments for more than nine years. He has served other companies as an INFOSEC Training Manager and Senior Security Consultant. Ed was integrally involved in establishing, implementing, and supporting the worldwide security program for the Defense Information Systems Agency (DISA), directly supporting Field Security Operations (FSO). He was a participant in the development of the Systems Security Engineering Capability Maturity Model (SSE-CMM) and has been a key individual in the development and maintenance of the Information Assurance Capability Maturity Model (IA-CMM). Ed also serves as a Lead Instructor for the National Security Agency (NSA) INFOSEC Assessment Methodology (IAM) and the INFOSEC Evaluation Methodology (IEM). Ed retired from the United States Navy with more than 23 years of distinguished service. Ed is a co-author of Security Assessment: Case Studies for Implementing the NSA IAM (Syngress. ISBN: 978-1932266962) and Network Security Evaluation: Using the NSA IEM (Syngress. ISBN: 978-1597490351) and a frequent contributor to The Security Journal, a quarterly security periodical.

Chris Hurley (IAM/IEM) is a senior penetration tester working in the Washington, D.C. area. He is the founder of the WorldWide WarDrive and organized the DEF CON WarDriving Contest from its inception until last year. He has authored or co-authored several books on wireless security and penetration testing, including WarDriving & Wireless Penetration Testing (Syngress. ISBN: 978-1597491112), The Penetration Tester’s Open Source Toolkit (Syngress. ISBN: 978-1597490214), InfoSec Career Hacking (Syngress. ISBN: 978-1597490115), and Stealing the Network: How to Own an Identity (Syngress. ISBN: 978-1597490061).

Rob Cameron (JNCIS-FWV, JNCIA-M, CCSP, CCSE+) is a Security Solutions Engineer for Juniper Networks. He currently works on designing security solutions for Juniper Networks that are considered best-practice designs. Rob specializes in network security architecture, firewall deployment, risk management, and high-availability designs. His background includes six years of security consulting for more than 325 customers. He is the lead author of Configuring Netscreen and SSG Juniper Firewalls (Syngress. ISBN: 978-1597491181) and Configuring NetScreen Firewalls (Syngress. ISBN: 978-1932266399).

Brian Kirouac (CISSP, IAM/IEM) is the Chief Technology Officer and Principal Security Consultant for Security Horizon, Inc. Brian has more than 15 years of experience as an IT professional. Before joining Security Horizon, he served in a wide range of information technology positions in both domestic and international environments. He was a network administrator for a major university, eventually migrating to system administrator specializing in UNIX and Windows integration. He was also the Lead Technical Security Specialist at a municipal four-service utility. In addition to his current position at Security Horizon, Brian serves as an instructor for the National Security Agency (NSA) INFOSEC Assessment (IAM) and INFOSEC Evaluation (IEM) Methodologies and team member of NSA IA-CMM Appraisals. Brian’s publication history includes being a frequent contributor to The Security Journal, being both a refereed and invited speaker for SANS, and a refereed presenter for a NASA Conference on tethered satellites.


Table of Contents

Acknowledgments.

Introduction.

Chapter 1: Finding, Interviewing for, and Getting the Job.

Qualifications.

Pursuing a Degree.

The Perfect Job.

Job Search.

Interviewing.

Money Talks.

Accepting or Rejecting the Offer.

Summary.

Nontechnical Interview Questions.

Chapter 2: Knowing Networks: Fundamentals.

Introduction.

Questions.

Recommended Reading.

Chapter 3: Knowing Security: Fundamentals.

Adjust Your Thinking.

Core Values.

Basic Concepts.

Managing Risk.

Data Classification and Labeling.

Ethics in Information Security.

Daily Security Responsibilities.

Summary.

Interview Q&A.

Recommended Reading.

Chapter 4: Understanding Regulations, Legislation, and Guidance.

Regulations, Legislation, and Guidance Defined.

Why Does an Employer Care?

Why Should You Care?

Government- and DoD-Specific Information.

Commercial Information Security.

Using This Information in the Interview.

Summary.

Interview Q&A.

Recommended Reading.

Chapter 5: Knowing Firewalls: Fundamentals.

Firewall Technologies.

Major Vendors.

Device Types.

Management.

Deployment Strategies.

Summary.

Interview Q&A.

Recommended Reading.

Chapter 6: Knowing Virtual Private Networks.

Goals and Assumptions.

The Cryptography of VPNs.

IP Security Review.

Implementing IPsec.

Alternatives to IPsec.

Summary.

Interview Q&A.

Recommended Reading.

Chapter 7: Knowing IDS/IPS/IDP.

Introduction.

Questions.

What Questions Do You Want to Ask Me?

Recommended Reading.

Chapter 8: Everything You Ever Wanted to Know about Wireless but Were Afraid They'd Ask.

The Fundamentals.

Wireless Cards and Chipsets.

Wireless Drivers for Linux.

WLAN Detection (WarDriving).

Wireless Security.

Rogue Wireless Devices.

Summary.

Interview Q&A.

Recommended Reading.

Chapter 9: Finding Your Posture.

History of Information Security.

Modern Information Security.

Security Objectives.

Determining the Security Posture.

Prioritizing the Vulnerabilities.

Vulnerability Management.

Summary.

Interview Q&A.

Recommended Reading.

Chapter 10: Tools.

Enumeration, Port Scanning, and Banner Grabbing.

Wireless Enumeration.

Vulnerability Scanning.

Password Compliance Testing.

Network Sniffing.

Penetration Testing.

Learning.

Summary.

Interview Q&A.

Recommended Reading.

Additional Resources.

Index.


Customer Reviews

  • Anonymous

    Posted November 6, 2007

    A reviewer

    I have a CISSP but bought this book to prep for an IT security job in a hospital network. I landed the job and it was due in part to the prep from this book. These authors did their homework and definitely give the reader a comfort level for the live interview.
