(Part 2) Reddit mentions: The best security certification books
We found 414 Reddit comments discussing the best security certification books. We ran sentiment analysis on each of these comments to determine how redditors feel about different products. We found 110 products and ranked them based on the amount of positive reactions they received. Here are the products ranked 21-40.
21. CISSP All-in-One Exam Guide, Eighth Edition
Specs:
Height | 9 Inches |
Length | 7.25 Inches |
Number of items | 1 |
Release date | October 2018 |
Weight | 4.31444646734 Pounds |
Width | 2 Inches |
22. CompTIA Security+ SY0-401 Cert Guide, Deluxe Edition (3rd Edition)
Features:
- Used Book in Good Condition
Specs:
Height | 9.3 Inches |
Length | 7.8 Inches |
Number of items | 1 |
Weight | 3.4392112872 Pounds |
Width | 1.8 Inches |
23. Certified Ethical Hacker Exam Prep
Used Book in Good Condition
Specs:
Height | 9 Inches |
Length | 7 Inches |
Number of items | 1 |
Weight | 2.46476808916 Pounds |
Width | 1.5 Inches |
24. CompTIA Security+ Review Guide, Includes CD: Exam SY0-301
Features:
- Sybex
Specs:
Height | 9.299194 Inches |
Length | 7.40156 Inches |
Number of items | 1 |
Weight | 1.24340715768 Pounds |
Width | 0.79917163 Inches |
25. CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-001)
Specs:
Height | 9.1 Inches |
Length | 7.5 Inches |
Number of items | 1 |
Weight | 1.5652820602 Pounds |
Width | 0.91 Inches |
26. CompTIA Security+ All-in-One Exam Guide, Fifth Edition (Exam SY0-501)
Specs:
Height | 9.5 Inches |
Length | 1.5 Inches |
Number of items | 1 |
Weight | 2.71609506784 pounds |
Width | 7.75 Inches |
27. CEH Certified Ethical Hacker All-in-One Exam Guide, Fourth Edition
Specs:
Height | 8.89762 Inches |
Length | 9.13384 Inches |
Number of items | 1 |
Release date | March 2019 |
Weight | 1.83424601984 Pounds |
Width | 1.10236 Inches |
28. Computer Security: Principles and Practice (2nd Edition) (Stallings)
Features:
- Used Book in Good Condition
Specs:
Height | 9.1 Inches |
Length | 7.1 Inches |
Number of items | 1 |
Weight | 2.5573622392 Pounds |
Width | 1.3 Inches |
29. CEH v9: Certified Ethical Hacker Version 9 Study Guide
Wiley
Specs:
Height | 9.098407 Inches |
Length | 7.299198 Inches |
Number of items | 1 |
Release date | May 2016 |
Weight | 2.38981092008 Pounds |
Width | 1.401572 Inches |
30. Healthcare Information Security and Privacy
Specs:
Height | 9.12 Inches |
Length | 7.38 Inches |
Number of items | 1 |
Release date | January 2015 |
Weight | 1.3448197982 Pounds |
Width | 0.8 Inches |
31. CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide
Specs:
Release date | September 2014 |
32. CompTIA Security+ SY0-501 Exam Cram (5th Edition)
Specs:
Height | 9 Inches |
Length | 6 Inches |
Number of items | 1 |
Weight | 2.23548733668 Pounds |
Width | 1.75 Inches |
33. CEH Certified Ethical Hacker Study Guide
Specs:
Height | 9.299194 Inches |
Length | 7.40156 Inches |
Number of items | 1 |
Weight | 1.51237111732 Pounds |
Width | 0.999998 Inches |
34. CompTIA CySA+ Cybersecurity Analyst Certification Bundle (Exam CS0-001)
Specs:
Height | 9 Inches |
Length | 7 Inches |
Number of items | 2 |
Release date | December 2018 |
Weight | 2.46035884392 Pounds |
Width | 0.5 Inches |
35. CHFI Computer Hacking Forensic Investigator Certification All-in-One Exam Guide
Specs:
Height | 9.4 Inches |
Length | 7.6 Inches |
Number of items | 1 |
Weight | 1.88054309486 Pounds |
Width | 1.1 Inches |
36. CompTIA Security+ Guide to Network Security Fundamentals - Standalone Book
Specs:
Height | 9 Inches |
Length | 7.5 Inches |
Number of items | 1 |
Weight | 2.64995638924 pounds |
Width | 1.25 Inches |
37. CompTIA Security+ SY0-501 Cert Guide (4th Edition) (Certification Guide)
Specs:
Height | 9.4 Inches |
Length | 7.8 Inches |
Number of items | 1 |
Weight | 3.50314534318 Pounds |
Width | 1.95 Inches |
38. EnCase Computer Forensics, includes DVD: The Official EnCE: EnCase Certified Examiner Study Guide
Specs:
Height | 9.299194 Inches |
Length | 7.499985 Inches |
Number of items | 1 |
Weight | 2.19139488428 Pounds |
Width | 1.401572 Inches |
39. CompTIA CySA+ Study Guide: Exam CS0-001 (Packaging may vary)
Brand New in box. The product ships with all relevant accessories
Specs:
Height | 9.200769 inches |
Length | 7.299198 inches |
Number of items | 1 |
Weight | 2.0282528104 Pounds |
Width | 1.401572 inches |
40. Mike Meyers’ CompTIA Network+ Certification Passport, 4th Edition (Exam N10-005) (CompTIA Authorized)
Used Book in Good Condition
Specs:
Height | 9 Inches |
Length | 5.9 Inches |
Number of items | 1 |
Weight | 1.37568451488 Pounds |
Width | 0.9 Inches |
🎓 Reddit experts on security certification books
The comments and opinions expressed on this page are written exclusively by redditors. To provide you with the most relevant data, we sourced opinions from the most knowledgeable Reddit users based on the total number of upvotes and downvotes received across comments on subreddits where security certification books are discussed. For your reference and for the sake of transparency, here are the specialists whose opinions mattered the most in our ranking.
Study Materials
I used this book almost exclusively. It is $10 on the Kindle (this is the 401 version). I got a 73 on the pre-assessment test, and after reading the book an 86 on the post.
As many on this sub-reddit have mentioned, Professor Messer - I gave his videos a try. Of course it's subjective, but he puts me to sleep. The other problem (no specific examples), I found some of the things he said contradicting or just different enough from my readings that it was confusing me. So I stopped using his videos.
CBT Nuggets is available for me through work, and I used Keith Barker's videos. If this is available to you, use it. They have a 7-day free trial, use that and if you can get it all in in 7 days (definitely possible and I don't know if the trial allows full access), get it done for free in 7 days. Otherwise, $88 for a month, and if it helps you pass the exam/understand the material better, do it. Best of all, what Keith was saying seemed directly in-line with my studies, no contradictions and whatever slight variances there were compared to my studies, were explained and made sense.
Practice Exams
I used the ExamCompass practice exams and CertMaster practice exams. Other than validating that I knew my stuff, they don't teach you anything. ExamCompass is free and one of the first results that comes up if you search for CompTIA security practice exam. CertMaster is yours if you get the re-take bundle through CompTIA. Since my work paid for my exam, I had them pay for that one. I'm fortunate to have a workplace that pays for these things, and HR doesn't check anything just approves whatever's put in front of them.
The Exam
The exam itself was nothing like the practice exams. The simulation questions were laughably easy - almost like put the square block in the circular hole type questions - but I'm sure there's variance in this and your results may vary. The questions themselves were nothing like ANY of the practice exams. I felt like I was taking the wrong test or something. Literally felt like it was asking me Cat is to 75786 as Microwave is to
a) carpet
b) hammer
c) wall
d) hamster.
Then again, CompTIA always has those questions not related to the exam for some kind of evaluation purpose - so maybe that's what those were. You will have these kinds of questions, and some of them on a second look can help you see things differently, you might notice a port number in that string of output that you can use to "guess" the correct answer because the multiple choice is a bunch of protocols and one of those protocols matches that port number.
I finished with ~20 minutes to spare, though I used that time to go back and review my questions and answers. On review though, on all but 3 questions, I said to myself, "that's the same answer I would've chosen anyway." I went through that tense moment of answering the demographic questions, and getting to the anticlimactic page telling me I had passed.
Advice
Use what works for you. Gibson's book really worked for me - and Keith Barker's videos were informative and entertaining (...and I'd like to thank you, for watching). Others here have mentioned a lot of success with Messer, and fwiw, it works for them. If it works for you, use his videos. He's put a lot of work into them - they're free, and people have passed by his videos alone.
Know your gosh-darned port numbers - you should've been doing this since A+ and definitely in your Net+ studies. Though you don't have to take the Net+ prior to the Sec+, I understand why they recommend having it first. There were at least 2 questions that I was able to (easily) answer due to my Network studies.
There's no mention of this in any of my studies, but I got that POODLE question. If I hadn't read about that, literally the day of the exam on this sub-reddit, it would've been a complete guess. I got that one question right because of staying up-to-date on this.
If you are a native English speaker, and are taking this exam in English, you can reasonably correctly guess some of the terms and vocabulary answers - still, study how CompTIA wants you to know things like Threat, Vulnerability, Risk, etc.
https://www.amazon.com/gp/product/1337288780/ref=ppx_yo_dt_b_asin_title_o05_s00?ie=UTF8&psc=1
This was the book I used. I originally rented it for a class, but had to change my schedule up so I just decided to keep it and start studying. I would definitely read another though. Or watch Professor Messer's videos if I were to study again. I feel like the book I used was really good, but I definitely would have been more prepared had I used another dedicated study material. Had I rented a second book, I would have rented this one
https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=sr_1_5?crid=14IBV4EVTTAYM&keywords=comptia+security%2B&qid=1562432800&s=books&sprefix=comptia%2Cstripbooks%2C171&sr=1-5
I used their COMPTIA IT Essentials book and I thought it was very good. Those would be my personal recommendations for books, because they are what I am familiar with. I think if you can, you should absolutely watch Messer's videos though. They are really amazing.
Right now CySa+ materials are going on sale because the test is going to change. A new test is coming in the next 6 months or so. That being said it might be worthwhile getting Net+ first. As I'm sure you noticed while taking Sec+ there is a lot of Networking involved. However, if you are comfortable with networking then I'd just go straight to CySa+ while the materials are cheap and your Sec+ knowledge is still fresh.
>New CompTIA CySA+ (CS0-002) exam coming in Q2 2020!
This study bundle is 51% off on Amazon currently.
CySa+, like Sec+, is DoD approved so it's (typically) worth more in the job market than Net+
> CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program.
It's great that you already have a goal in mind. I don't know too much about this particular field but I would start off gaining interest in the basis of computer security. This would include encryption schemes, hashing functions, network intrusion detection, secure computing, and others. Here's a book that I read through for an introduction to computer security class. There's probably better books out there but that's the one I read.
Overall, computer security is one of the more specific fields so be sure not to skip over your core computer science and mathematics education.
Your most important starting step is to make sure that you have the foundational knowledge, at least at a conceptual level. I'm a big fan of books, so I would recommend a few to you.
Pick ONE of these. Exam is not necessary, but recommended:
Mike Meyers CompTIA Network+ All-in-One Exam Guide
Todd Lammle's CCENT Study Guide - ICND1
Pick ONE of these. Pay attention to business terminology as well. Again, exam is not necessary, but recommended:
Mike Meyers CompTIA Security+ Certification - SY0-501
CompTIA Security+ All-in-One Exam Guide
Darril Gibson SSCP All-in-One Exam Guide
100% read this. It's the Bible of Python scripting. Second edition is brand spanking new too:
Automate the Boring Stuff with Python
This is a good all-around Penetration Testing book that teaches Linux too. You don't *have* to use Kali, Ubuntu is probably less intimidating to those new to Linux, but you will have to install your own software/packages. This is the only book on this list I haven't read, but I often see it recommended:
Penetration Testing: A Hands-on Introduction to Hacking
While you read these books, you should install some kind of Linux distro on a home computer and use it for practice. I would also recommend doing HackTheBox (first challenge is to hack the login page) and starting with the easy boxes. Do as much as you can on your own first, but if you get stuck, watch IppSec's YouTube walk-through for the box you are on. Might be a bit overwhelming until you get through most of the books on that list though.
You should also start looking towards either the eJPT/eCPPT, the OSCP, or GPEN at this point, as those are the best value certifications in this field and will hold a lot of weight at an interview. There's some stigma with certifications in IT/CS, but the ones I listed are all baseline knowledge and/or high value for those in this field. At the very least the knowledge will go far. But definitely avoid anything from EC-Council like the plague.
Honestly, I just took the assessment blind after beginning the class and passed it. I have experience in the field, but I recently did this Professor Messer course to get my Sec+ and the majority of the knowledge was in that YouTube course.
You can watch the Professor Messer material in a weekend if you watch it at 1.25 speed, again just take notes on things that don't immediately click for you and pay special attention to those in other training material.
This series of books is good in general for CompTIA exams: On Amazon, they always have end of chapter quizzes that map pretty well onto exams.
How are you doing on the practice exams? Any special areas that aren't clicking for you?
I've used Cybrary's practice exams in the past and found them pretty okay: https://www.cybrary.it/catalog/transcender_tests/comptia-cysa-practice-exam/
I'm no hacker or anything, but a few things I would do if I wanted to get into that field would be to learn networking/net security. Being a comp sci major, I assume you understand networking. You could study for the Security+ exam, just to get a good understanding of IT Security and whatnot. Then study for the CEH. I've got a pretty good study guide for CEH, I believe it's this book.
I don't know much about the field, but it does sound fascinating.
I used 3 books in my readings:
https://www.amazon.com/Meyers-CompTIA-Security-Certification-SY0-501/dp/126002637X/ref=sr_1_9?keywords=security%2B&qid=1564790977&s=gateway&sr=8-9
https://www.amazon.com/CompTIA-Security-SY0-501-Exam-Cram/dp/0789759004/ref=sr_1_8?keywords=sy0-501&qid=1564791002&s=gateway&sr=8-8
https://www.amazon.com/CompTIA-Security-SY0-501-Guide-Certification/dp/0789758997/ref=sr_1_16?keywords=sy0-501&qid=1564791002&s=gateway&sr=8-16
I have an ACM membership so I was able to access them all from their learning library. Was able to read all three books in 27 days. Did the practice tests online (mostly got between 96% - 98%). No one author is able to cover all the material. But since this is something that I really need to learn, I try to source out materials from different sources.
I usually go with the For Dummies version first to break it into my brain in a form that's understandable before I cover it using the actual text. Yes, it takes time, and doesn't really allow you to accelerate, but it helps me to actually understand what I'm supposed to learn and not just pass the test.
Like with PowerShell right now, I'm on chapter 8 of Windows PowerShell Programming for the Absolute Beginner, 3rd which approaches PowerShell programming by building games. Almost have half of it done then I'd go for Learn PowerShell Scripting in a Month of Lunches. Again, I'm not saying this approach is best, but it works for me to understand things better. Plus work does reimbursement for stuff I buy for the class which really helps if I need a book (an actual printed book).
Awesome contest! Thank you for doing this for other people! This will make someone or someones very happy indeed!
I want this book and/or this book
These are study books for IT certifications. They will make a difference to me because if I can pass the certification tests I can get a better job and make more money.
Yes, unfortunately, it's not cheap. I always do better with a $100 book than with a $1,000 course anyway, and it's a much better use of my valuable time. I checked my Amazon history and it was this book. https://www.amazon.com/gp/product/0071831568. I used the same series for passing the CEH. As for the certs, I quit college and worked to pay the bills while my wife was in school, and by the time she finished, I was already established in the IT space. I never went back to college, so I tend to compensate with certs. They do help a lot when looking for IT consulting work. =)
It's certainly worth a go. I'd read through a guide, such as this:
https://www.amazon.com/Certified-Ethical-Hacker-Guide-Fourth/dp/126045455X/ref=dp_ob_title_bk
Then email EC-Council and explain that you have been working in IT security for 3 years (ok, so you might need to exaggerate a bit here), and that you'd simply like to take the exam, as you feel you already know the information contained in their syllabus.
You might get a few back and forths, but if they are playing hardball, say that your manager has only given you enough in the training budget for one cert this year, and you've chosen the CEH exam, but can't get the funds for the whole course. I expect they'd rather you spend the money on taking their exam, than go elsewhere.
To be honest though, you're probably better off buying the book to study anyway, then taking the OSCP cert from OffSec
It's called out pretty clearly in the description, but it should be version 4. The Boson questions are definitely closer to the exam, and the practice questions at the end of each chapter of the AIO are good as well.
https://www.amazon.com/dp/126045455X/ref=cm_sw_r_sms_apa_i_nsJTDb0J7S9G1
I am currently studying for the Sec+ myself. Through my job I have access to a few books. The resources I am using so far and have liked.
My goal is to take the test by the end of Oct. I am also creating/using Flash Cards (from an app) and plan to upload them when I finish so others can use them to help study as well.
When I first sat down to study for the Sec+ I used the following:
So those would be good to look at for the SY0-401 as well.
If you're brave enough, reading the Security+ (amazon) cert book and these (wikipedia) is a pretty good step as well.
So you want to become a script kiddy and try and hack with backtrack 5 eh. That's not really the way to learn, you want to read read and read security books. ( http://www.amazon.com/Certified-Ethical-Hacker-Exam-Prep/dp/0789735318 )
To install an OS to a USB use this program, ( http://www.linuxliveusb.com/ ) it will download it, format the drive, and install it to USB for you.
If you are truly interested in learning a different OS, I suggest Linuxmint, Ubuntu or Fedora. Once you get your feet wet with those, try a Gentoo box.
I'm currently studying for an HCISPP certificate and have found the following to be a pretty good guide to all things healthcare security related (not only HIPAA):
https://www.amazon.com/Healthcare-Information-Security-Privacy-All/dp/0071831797
2 Reasons. I have a friend who already has study materials from his 2 allotted pre-tests (audio and videos) and I have already purchased GCIA Books online. Almost done studying. Hopefully can get to the 91% and be on the GCIH Advisory Board.
Reason #2 is that the NEW CISSP Books won't be released until End of OCT. If I'm going to buy the materials, might as well be up-to-date.
Yeah he's great!
https://www.google.com/url?sa=t&source=web&rct=j&url=https://www.amazon.com/CompTIA-Cybersecurity-Analyst-Certification-CS0-001/dp/126001181X&ved=2ahUKEwiezIummY7lAhVzIqYKHesCCKkQFjAAegQIBRAB&usg=AOvVaw1aUg1VXkH1whQQvROIqE8W
The following book that I'm going to recommend is something that I've seen a few people commenting negatively about but I found it incredibly useful. Especially if you're considering a "hacking for dummies" book.
http://www.amazon.co.uk/Certified-Ethical-Hacker-Study-Guide/dp/0470525207
Explains the basics, what you'll find in the hacking world in terms of tools and scripts, real world scenarios, end of chapter quizzes if you're that kind of learner etc.
Only other thing I can recommend is;
"X language for pen testers/security engineers/hackers etc".
Example; Violent Python - A cookbook for hackers, forensic analysts, penetration testers and security engineers.
Since you have your CISSP, the InfoSec material will be a breeze. If the CISSP is a mile wide and an inch deep, then I'd say the HCISPP is 3/8 of a mile wide and a half-inch deep. You'll be fine.
For the Healthcare information, I know it touched on things like the healthcare industry, breach timelines, security and privacy regulation, technology specific to healthcare (EHR, EMR, coding, data exchange, etc.).
Looking through my notes, I see that I actually read this as well: https://www.amazon.com/Healthcare-Information-Security-Privacy-Murphy/dp/0071831797
I personally recommend:
CEHv9 https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245/
Hacking the art of exploitation https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/
Penetration Testing: A hand on Introduction to hacking: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/
They would do you more service buying books like http://www.amazon.com/Certified-Ethical-Hacker-Study-Guide/dp/0470525207 or http://www.amazon.com/Network-Warrior-Gary-Donahue/dp/1449387861/ref=sr_1_1?s=books&ie=UTF8&qid=1451148178&sr=1-1&keywords=network+warrior
But maybe they just don't know ... they see you only "sitting behind that thing they don't understand very well, for hours", you probably never talked about hobbies without it going awry, I can imagine. Not blaming anyone or anything, just saying, this is what usually happens and their reaction is gentle nudge.
This would greatly improve my life
I could use it to study for my Network+ Cert and advance my career in IT.
=P
I agree. I would look into virtual labs too.
I personally liked these:
https://www.cybrary.it/catalog/practice_labs/comptia-cybersecurity-analyst-csa
And the Sybex book and practice questions:
https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/
https://www.amazon.com/CompTIA-CySA-Practice-Tests-CS0-001/dp/1119433207/
Edit: CompTIA renamed Cybersecurity Analyst from CSA to CySA. So you will see a mix for a while.
This is probably your best bet All In One Book.
A couple by William Stallings: Computer Security: Principles and Practice and Cryptography and Network Security: Principles and Practice
Experience only gets you so far on the CISSP, as plenty of smart people with loads of experience fail, because they don't understand how to take an exam or the boundaries of it. You can't cram for the CISSP, and need to make sure that you study evenly over time before the exam, as there is a lot of range in topics, but not much depth. Here is how I passed:
I used Shon Harris's CISSP All-In-One:
https://www.amazon.com/CISSP-All-One-Guide-Eighth/dp/1260142655/ref=sr_1_1?crid=NGMZ8UWXWDNQ&keywords=cissp+all-in-one+exam+guide%2C+eighth+edition+by+shon+harris&qid=1570840219&sprefix=shon+harris+all+%2Caps%2C234&sr=8-1
In the back of the book there is a testing engine online hosted by the publisher. I did that over and over (after reading the book) until I knew the answers like second nature. When doing the testing engine, it is important to know why answers are wrong as much as knowing the right answer.
Please see the following video, where I used the same method to study and pass the CISSP and multiple AWS exams:
https://youtu.be/wod92WIn92E
My background: been a CISSP since 2012, and have personally helped 2 people study and pass this exam.
Hope this helps!
Few books for you to consider - I got these for my course and are hugely useful. I've also included the Encase book as I know our forensics guys go back to it all the time:
Computer forensics using open source tools
The essential Brian Carrier - file system forensics
Real Digital Forensics
Encase training book
Digital Forensics Investigation
Forensic Discovery
> I have my A+ cert
>
>they recommended a segmented network. and I had to google what that even was.
>
>I am the "IT Guy" The previous "IT Guy" got me this job
You need to start reading cbks right now in all your free time. Even if you don't take the cert exams for the cbks below, it is knowledge you need to know asap.
I suggest these (in order):
https://www.amazon.com/CompTIA-Network-Certification-Seventh-N10-007/dp/1260122387/ref=sr_1_3
https://www.amazon.com/CompTIA-Server-Certification-Guide-SK0-004/dp/125983803X/ref=sr_1_1
https://www.amazon.com/Windows-Server-Complete-Study-Guide/dp/111885991X/ref=sr_1_4
https://www.amazon.com/Windows-PowerShell-Cookbook-Scripting-Microsofts/dp/1449320686/ref=pd_sbs_14_5/143-0552349-3403540
https://www.amazon.com/Windows-Server-Complete-Study-Guide/dp/1119359147/ref=sr_1_3
https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=sr_1_4
That is because it is the old version.
To be fair that is the one I studied since I studied after the current test was released but before the new edition and I passed first try so maybe it's fine?
EDIT: NOPE. 8th Edition is $41, which is $3 cheaper.
https://smile.amazon.com/CISSP-All-One-Guide-Eighth/dp/1260142655/ref=sr_1_1_sspa?keywords=cissp+all+in+one&qid=1555433292&s=gateway&sr=8-1-spons&psc=1
I would say self-study for the EnCE. That'll be probably the best for you.
Carry out all of the exercises and what not and make sure you research anything you don't understand.
I'm watching Jason Dion CySA videos and bought this one based on the most reviews, there's no perfect book like Gibson was to Security+
https://www.amazon.com/gp/aw/d/1119348978/ref=mp_s_a_1_2?ie=UTF8&qid=1525549311&sr=8-2&pi=AC_SX236_SY340_QL65&keywords=comptia+cysa%2B&dpPl=1&dpID=51F3etaiN4L&ref=plSrch
You should be fine. But invest in yourself. Read this book and profit. At least that's what I did and I knew nothing about networking before. Now I can at least understand what the networking team is doing.
https://www.amazon.com/CompTIA-Network-Certification-Passport-Authorized/dp/0071789057/ref=sr_1_11?s=books&ie=UTF8&qid=1494895422&sr=1-11&keywords=comptia+passport+plus
I passed 501 with about 2.5 weeks of study with CompTIA Security+ Certification Study Guide, Third Edition and CompTIA Security+ SY0-501 Exam Cram. Probably 4 or 5 hours in the beginning reading to anywhere between half hour to 2 hour sections of reviewing stuff. Didn't feel ready and the test questions were way different but I knew enough about it all to pass it. Definitely doable, just put the time into reviewing stuff.
No lab questions per se; there were scenarios like read this nmap out and choose the best answer. No pick more than 1's. I used Oriyano's guide. Didn't read all of it. Maybe 50%. https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245/ref=sr_1_1?ie=UTF8&qid=1486960385&sr=8-1&keywords=ceh+v9
I'm working on studying for this while I wait to be re-enrolled. Just purchased the all-in-one CHFI book for $30. I've used these books before for CompTIA exams and thought it might be a good place to start.
https://www.amazon.com/Computer-Hacking-Forensic-Investigator-Certification/dp/0071831568/ref=sr_1_3?keywords=all-in-one+chfi&qid=1572398962&sr=8-3
No. It's a lot of unnecessary work. Study for them, sure; do the Skillport modules, even though they aren't super helpful. If anything it'll knock out some busy work for you during the course. I'd recommend buying Passport books for both Net+ and Sec+ (Net+ passport book) and using those as your main study material. If you hit that hard before you go and for the month that you're here before you take the certs I'm 90% sure you'll pass.
I passed CySA+ using this book and this video course.
Security+ has a bit of overlap, especially if you took the 501. Focus well on the information about regulations, chain of custody, and forensic processes.
You know, I have not studied Security+.
Speaking for myself, I would assume you'd want to be aware of the latest technology & matters related to the field, not study material that may not be as relevant, and missing out on new methodologies.
This is a field where you need to be cognizant of current practices.
What Cybersecurity skills do employers look for? https://certification.comptia.org/it-career-news/post/view/2017/07/05/what-cybersecurity-skills-do-employers-look-for
It is true that you do not have many resources to choose from for 501, as the other Redditor mentions.
I located this book just in case. It is by David Prowse.
https://www.amazon.com/CompTIA-Security-SY0-501-Guide-Certification/dp/0789758997
David Prowse: http://www.davidlprowse.com/articles/
Bio: David Prowse: http://www.pearsonitcertification.com/authors/bio/6b781d51-4a68-4490-ab10-02a757602ceb
I would imagine that this is the book. https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/ref=sr_1_1?ie=UTF8&qid=1518465950&sr=8-1&keywords=sybex+csa
It seems to be often recommended.
Oh no problem at all, I found there were a few questions on POODLE/Shellshock in there which I knew there would be and questions regarding a few tools (nmap and such). I do have a study guide and a good prep book that I used. CEHv9 Study Guide found here: https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245
You can find it other places too. If you would like to see the study guide, send me a PM and I'll copy and paste it for you!
Can you pass a drug test and do you have a clean record? If so, get your CompTIA Security+ 501 certificate. It is required for any government IT job which is probably one of the biggest employers here in the Springs. Every video instruction you need is free on YouTube. The books are $35 on Amazon. You can get discounted test certificates here. Sec+501 took me maybe a month of studying to pass, and getting it will open up more doors for you in the IT field in this town than any other certificate, so long as you meet the requirements in my first sentence. The clearance may or may not be a necessity depending on where you go. On base might be difficult, but there are more jobs than you think out there for government contracting. DOD, DHS, and numerous other agencies all have contracting jobs readily available in this town. But you need Sec+.
He does! I just bought the kindle version (only $10) to use for my own studies.
https://www.amazon.com/gp/aw/d/126001181X/ref=mp_s_a_1_2?ie=UTF8&qid=1520706009&sr=8-2&pi=AC_SX236_SY340_FMwebp_QL65&keywords=csa%2B&dpPl=1&dpID=515Z0goTp7L&ref=plSrch
https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/ref=sr_1_1?ie=UTF8&qid=1519675757&sr=8-1&keywords=CSA%2B
https://www.amazon.com/CompTIA-Cybersecurity-Analyst-Guide-Certification/dp/0789756951/ref=sr_1_2?ie=UTF8&qid=1519675757&sr=8-2&keywords=CSA%2B
I used this book:
https://www.amazon.com/gp/aw/d/B00NNWKN3G/ref=mp_s_a_1_1?ie=UTF8&qid=1495649897&sr=8-1&pi=AC_SX236_SY340_QL65&keywords=security%2B
|Network+|https://www.amazon.com/gp/product/1260122387/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1|https://www.professormesser.com/network-plus/n10-007/n10-007-training-course/|https://certnet.de/wp-content/uploads/2017/08/Network-N10-007-Exam-Objectives.pdf|Didn't actually use any practice tests for net+ but would recommend|
|Security+|https://www.amazon.com/gp/product/1260019322/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1|https://www.udemy.com/comptia-security-certification-sy0-501-the-total-course/|https://www.comptia.jp/pdf/Security%2B%20SY0-501%20Exam%20Objectives.pdf|https://www.udemy.com/comptia-security-practice-exams/|
|CySA+|https://www.amazon.com/gp/product/126001181X/ref=ppx_yo_dt_b_asin_title_o00_s01?ie=UTF8&psc=1|https://www.udemy.com/comptiacsaplus/|https://www.comptia.jp/pdf/comptia-cybersecurity-analyst-(cs0-001).pdf|https://www.udemy.com/comptiacsa/|
https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322
Basically I got a call from a recruiter on Wednesday night saying that if I passed the test by the end of Friday I would have a guaranteed job. Thursday morning I popped an addy, read Messer's study guide, did the chapter quizzes in the book, and the rest of the day I worked on the chapters I was deficient in. Friday morning I took the exam and passed.
I am also using the Udemy videos plus this book https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/ref=pd_lpo_sbs_14_t_1?_encoding=UTF8&psc=1&refRID=Q1HMEANW19CTDCH8E366
Professor Messer, and this book https://www.amazon.com/CompTIA-Security-Guide-Network-Fundamentals/dp/1337288780
Also Exam Compass questions.
The Sybex study guide will be available on April 24th. I plan on buying that, studying for a month, then taking a shot at the exam in late May.
https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=mp_s_a_1_4?ie=UTF8&qid=1540824481&sr=8-4&pi=AC_SX236_SY340_FMwebp_QL65&keywords=security%2B+sy0-501
Yeah, in fact this is the bundle I got:
https://www.amazon.com/CompTIA-Cybersecurity-Analyst-Certification-CS0-001/dp/1260453251/ref=sr_1_5?keywords=CySA%2B&qid=1558129385&s=gateway&sr=8-5
>I know I likely won't do well in the event, however, I want to challenge and provide myself a goal
Why not? You'll just have to study like hell.
PM if needed
I have the same question. I'm partial to this one:
https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=sr_1_3?ie=UTF8&qid=1518405572&sr=8-3&keywords=security%2B
But it only comes in CD-ROM or Kindle format. I managed to find the hard cover edition on McGraw Hill's site and CompTIA's own online shop but the cost of having it shipped to Canada is too high for my taste. Anyone know of a place I can pick this up in Canada?
I took the Net+ in November before I enrolled at WGU. I read through the Mike Myers Network+ Passport book and passed the exam no problem. YMMV.
https://www.amazon.com/CompTIA-Network-Certification-Passport-Authorized/dp/0071789057
This is exactly why the professionals in IT very rarely talk security with people who aren't in the industry. TV and movies have really made people think things will happen that never will, or are near impossible.
The type of effort you are talking about would be like if some terrorist encrypted their manifesto on a thumb drive and the government had to crack it right away to avoid another attack. Don't you remember how complicated it was just to get into the San Bernardino people's iPhones? The resources and time required once you pass a certain level are insane.
I hope no one here is that type of person. If you want to find out how complicated it really is, this is where you start down the rabbit hole.
https://www.amazon.com/Certified-Ethical-Hacker-Guide-Fourth/dp/126045455X/ref=sr_1_3?keywords=ethical+hacking&qid=1570333559&sr=8-3
and this
https://www.kali.org/
I suggest using Virtual Machines on a separate drive to boot your system with the network NIC drivers removed if you install and start messing with how that all works.
Also, here is a tool to tell you the amount of possible passwords. Even with ONLY letters uppercase and lower, the amount you get at 20 characters is like the amount of stars in the galaxy or something insane you could compare it to. Grains of sand in the Outer Banks maybe? Just at 26 letters you have 52 characters to make combinations from when you consider upper and lowercase. Think of how many possible combinations there are when you shuffle a deck of cards. You shuffle a deck, I shuffle a deck, what are the odds I shuffle them and the cards end up in the same order as yours? Even using a computer to try and match your pile, it's gonna take a really really really long time. Then mix in numbers and characters. Each single possibility added to make it 53, 54, 55 etc. turns it into a HUGE unfathomable number when you are at 20 characters. You can't brute force it, and without a REALLY educated guess, that's your only option. Unless you are the gubment and have a key for the algorithm.
http://www.csgnetwork.com/optionspossiblecalc.html
For the Total Tester 6.2, that comes with this book. I did not buy the book, but a colleague of mine bought it, and he lent me the disc. I'm thinking, "great, more test practice questions to try", and it came with a PDF of the book, so I can look at different explanations. There has been another one regarding threat actors that did not make any sense as well. Since the book, as far as I know, is the only one with definitions for structured threats, but there is no matrix regarding what threat actors are unstructured, structured and highly structured, unless you go into the part in the book to explain that.
I have watched the Pluralsight videos, not Prof. Messer, and there was no matrix I can find on the different structures of threats. I am thinking to myself, am I that bad at these tests?