Re: [CCCure CISSP] CISSPstudy Digest, Vol 64, Issue 5

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] CISSPstudy Digest, Vol 64, Issue 5

Nagarajan Viswanathan
Hi Sameer,

Can you post the question and the answers given in isc2 book?

Thank you,

Nagarajan


On Wed, Oct 23, 2013 at 1:03 AM, <[hidden email]> wrote:
Send CISSPstudy mailing list submissions to
        [hidden email]

To subscribe or unsubscribe via the World Wide Web, visit
        http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
        [hidden email]

You can reach the person managing the list at
        [hidden email]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CISSPstudy digest..."


Today's Topics:

   1. Cissp books questions (abid James)
   2. Re: Cissp books questions (Rogelio O'Farril)
   3. Re: Cissp books questions (abid James)
   4. Re: Cissp books questions (Clement Dupuis)


----------------------------------------------------------------------

Message: 1
Date: Tue, 22 Oct 2013 23:56:30 +0530
From: abid James <[hidden email]>
To: "[hidden email]" <[hidden email]>
Subject: [CCCure CISSP] Cissp books questions
Message-ID: <[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131022/c42f83ed/attachment.html>

------------------------------

Message: 2
Date: Tue, 22 Oct 2013 11:44:55 -0700 (PDT)
From: Rogelio O'Farril <[hidden email]>
To: The CISSP Study Mailing list <[hidden email]>
Subject: Re: [CCCure CISSP] Cissp books questions
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.

In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's book.




On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:


Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon? Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent? policy

Preventative? User registration? procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer




_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131022/dec5df6c/attachment.html>

------------------------------

Message: 3
Date: Wed, 23 Oct 2013 00:49:28 +0530
From: abid James <[hidden email]>
To: Rogelio O'Farril <[hidden email]>,
        "[hidden email]" <[hidden email]>
Subject: Re: [CCCure CISSP] Cissp books questions
Message-ID: <[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"











Thank you the reply. i agree with you that controls can
be fit into different categories. However, without giving the scenairo
how can you categorize.
Let me explain CCTV as the official guide 2 ver it is put under compensating control, Generally, If you ask anyone why we use
CCTV camera i would say for detection. If the intruder sees the camera than it can be deterrent .
As per the official guide it says CCTV is a technical and compensating - could any one explain
i
 understand for the scenairo after doing the cost benefit analysis the
cost of the security guard is more we can use CCTV . However i don't
understand how it can be a technical control type.

Regards
Sameer

Date: Tue, 22 Oct 2013 11:44:55 -0700
From: [hidden email]
To: [hidden email]
Subject: Re: [CCCure CISSP] Cissp books questions

Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.
In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's
 book.


     On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:



Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer





_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131023/20fb6e0f/attachment.html>

------------------------------

Message: 4
Date: Tue, 22 Oct 2013 15:32:40 -0400
From: Clement Dupuis <[hidden email]>
To: The CISSP Study Mailing list <[hidden email]>
Subject: Re: [CCCure CISSP] Cissp books questions
Message-ID:
        <CALR7dM0-74pJj-qDa4613swTQs=[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Good day Abid,

The controls are not presented very well in many of the book.

Controls matches with Administrative, Technical, and Physical policies and
approach.

You mention that CCTV is mostly for detection, I do not believe it is
true.   Most people are recording events in real time but only very few
company will have someone monitoring the output or intrusion detection
built within their CCTV system.  It is mostly used to investigate after the
fact.

CCTV/Video Cameras are a TECHNICAL control that are used mostly as a
DETECTIVE mechanism after the fact.  The CCTV is compensating, if someone
was able to breach your perimeter or even get into your building, then the
intruder might be picked up be the CCTV even thou your fence or door lock
failed.  This is how it can be compensating.

Having Video Cameras visible act as a DETERRENT.    If an intruder sees
that a building is well lit at night with dozens of cameras, the intruder
may not attempt to break in.

There is a huge TECHNICAL side to proper monitoring with CCTV.  You need
cabling, you need power, you need recording devices with storage, you need
bandwidth, you need to configure the software threshold, you need to
configure the network parameters if they are IP cameras, etc... etc...

Usually such control would have some policies or procedures on the
administrative side, then you would have your actual hardware and software
on the technical side, you would have the physical components as well.
CCTV are definitively supplementing your physical and environmental
security.

Best regards

Clement





Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @
YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related
training  <<
-------------------------------------------------------------------------------------------------------


On Tue, Oct 22, 2013 at 3:19 PM, abid James <
[hidden email]> wrote:

>
>
>
>
>
>
> Thank you the reply. i agree with you that controls can be fit into
> different categories. However, without giving the scenairo how can you
> categorize.
> Let me explain CCTV as the official guide 2 ver it is put under
> compensating control, Generally, If you ask anyone why we use
> CCTV camera i would say for detection. If the intruder sees the camera
> than it can be deterrent .
> As per the official guide it says CCTV is a technical and compensating -
> could any one explain
> i understand for the scenairo after doing the cost benefit analysis the
> cost of the security guard is more we can use CCTV . However i don't
> understand how it can be a technical control type.
>
> Regards
> Sameer
>
> ------------------------------
> Date: Tue, 22 Oct 2013 11:44:55 -0700
> From: [hidden email]
> To: [hidden email]
> Subject: Re: [CCCure CISSP] Cissp books questions
>
>
> Remember that controls can fit under different categories depending their
> implementation. A camera for example, can be used to detect intruders or to
> act as a deterrent.
>
> In regards to books I think the more the merrier. I find Harris' book
> overly verbose, plus it always helps to have a different point of view in
> case something is not clear. I would add Conrad's book.
>
>
>   On Tuesday, October 22, 2013 1:27 PM, abid James <
> [hidden email]> wrote:
>   Hello All,
>
> I am reading ISc2 official document 2nd edition which is very confusing me
> . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to
> study only Shon Harris books for the exam
>
> The official guide has CCTV under compensating control
>
> Here is the example for controls
>
> Administrative Directive Policy
> Deterrent  policy
>
> Preventative  User registration  procedure
>
> Detective Review violation reports
>
> Corrective Termination,Unplug, isolate, & terminate connection
>
> Recovery DR Plan,Backups
>
> Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV
>
> Technical Config Standards
>
> Deterrent Warning Banner,IDS
>
> preventative Password based login ,IPS
>
> Detective : Logs
>
>
> Please help
> regards
> Sameer
>
>
>
>
> _______________________________________________
> You can find the list archive at:
> http://cissp-study.3965.n7.nabble.com/
>
> CISSPstudy mailing list
> [hidden email]
>
> To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> _______________________________________________ You can find the list
> archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing
> list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your
> accout visit the link below:
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> _______________________________________________
> You can find the list archive at:
> http://cissp-study.3965.n7.nabble.com/
>
> CISSPstudy mailing list
> [hidden email]
>
> To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131022/8c1a438d/attachment.html>

------------------------------

Subject: Digest Footer

_______________________________________________
You can search through the mailing list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


------------------------------

End of CISSPstudy Digest, Vol 64, Issue 5
*****************************************



--
Thank you,

Nagarajan Viswanathan
Cell# +91-8793263249
[hidden email]

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] CISSPstudy Digest, Vol 64, Issue 5

Nagarajan Viswanathan
Hi Sameer,

My two cents here on why CCTV is given under compensatory control could be because the cost of deploying security guards to keep an eye on a area could is not cost efficient so having a CCTV in place and 1/2 guard keeping an eye on the movement in the area is inexpensive and meets the purpose.

Nagarajan




On Wed, Oct 23, 2013 at 1:03 AM, <[hidden email]> wrote:
Send CISSPstudy mailing list submissions to
        [hidden email]

To subscribe or unsubscribe via the World Wide Web, visit
        http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
        [hidden email]

You can reach the person managing the list at
        [hidden email]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CISSPstudy digest..."


Today's Topics:

   1. Cissp books questions (abid James)
   2. Re: Cissp books questions (Rogelio O'Farril)
   3. Re: Cissp books questions (abid James)
   4. Re: Cissp books questions (Clement Dupuis)


----------------------------------------------------------------------

Message: 1
Date: Tue, 22 Oct 2013 23:56:30 +0530
From: abid James <[hidden email]>
To: "[hidden email]" <[hidden email]>
Subject: [CCCure CISSP] Cissp books questions
Message-ID: <[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131022/c42f83ed/attachment.html>

------------------------------

Message: 2
Date: Tue, 22 Oct 2013 11:44:55 -0700 (PDT)
From: Rogelio O'Farril <[hidden email]>
To: The CISSP Study Mailing list <[hidden email]>
Subject: Re: [CCCure CISSP] Cissp books questions
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.

In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's book.




On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:


Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon? Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent? policy

Preventative? User registration? procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer




_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131022/dec5df6c/attachment.html>

------------------------------

Message: 3
Date: Wed, 23 Oct 2013 00:49:28 +0530
From: abid James <[hidden email]>
To: Rogelio O'Farril <[hidden email]>,
        "[hidden email]" <[hidden email]>
Subject: Re: [CCCure CISSP] Cissp books questions
Message-ID: <[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"











Thank you the reply. i agree with you that controls can
be fit into different categories. However, without giving the scenairo
how can you categorize.
Let me explain CCTV as the official guide 2 ver it is put under compensating control, Generally, If you ask anyone why we use
CCTV camera i would say for detection. If the intruder sees the camera than it can be deterrent .
As per the official guide it says CCTV is a technical and compensating - could any one explain
i
 understand for the scenairo after doing the cost benefit analysis the
cost of the security guard is more we can use CCTV . However i don't
understand how it can be a technical control type.

Regards
Sameer

Date: Tue, 22 Oct 2013 11:44:55 -0700
From: [hidden email]
To: [hidden email]
Subject: Re: [CCCure CISSP] Cissp books questions

Remember that controls can fit under different categories depending their implementation. A camera for example, can be used to detect intruders or to act as a deterrent.
In regards to books I think the more the merrier. I find Harris' book overly verbose, plus it always helps to have a different point of view in case something is not clear. I would add Conrad's
 book.


     On Tuesday, October 22, 2013 1:27 PM, abid James <[hidden email]> wrote:



Hello All,

I am reading ISc2 official document 2nd edition which is very confusing me . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to study only Shon Harris books for the exam

The official guide has CCTV under compensating control

Here is the example for controls

Administrative Directive Policy
Deterrent  policy

Preventative  User registration  procedure

Detective Review violation reports

Corrective Termination,Unplug, isolate, & terminate connection

Recovery DR Plan,Backups

Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV

Technical Config Standards

Deterrent Warning Banner,IDS

preventative Password based login ,IPS

Detective : Logs


Please help
regards
Sameer





_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131023/20fb6e0f/attachment.html>

------------------------------

Message: 4
Date: Tue, 22 Oct 2013 15:32:40 -0400
From: Clement Dupuis <[hidden email]>
To: The CISSP Study Mailing list <[hidden email]>
Subject: Re: [CCCure CISSP] Cissp books questions
Message-ID:
        <CALR7dM0-74pJj-qDa4613swTQs=[hidden email]>
Content-Type: text/plain; charset="iso-8859-1"

Good day Abid,

The controls are not presented very well in many of the book.

Controls matches with Administrative, Technical, and Physical policies and
approach.

You mention that CCTV is mostly for detection, I do not believe it is
true.   Most people are recording events in real time but only very few
company will have someone monitoring the output or intrusion detection
built within their CCTV system.  It is mostly used to investigate after the
fact.

CCTV/Video Cameras are a TECHNICAL control that are used mostly as a
DETECTIVE mechanism after the fact.  The CCTV is compensating, if someone
was able to breach your perimeter or even get into your building, then the
intruder might be picked up be the CCTV even thou your fence or door lock
failed.  This is how it can be compensating.

Having Video Cameras visible act as a DETERRENT.    If an intruder sees
that a building is well lit at night with dozens of cameras, the intruder
may not attempt to break in.

There is a huge TECHNICAL side to proper monitoring with CCTV.  You need
cabling, you need power, you need recording devices with storage, you need
bandwidth, you need to configure the software threshold, you need to
configure the network parameters if they are IP cameras, etc... etc...

Usually such control would have some policies or procedures on the
administrative side, then you would have your actual hardware and software
on the technical side, you would have the physical components as well.
CCTV are definitively supplementing your physical and environmental
security.

Best regards

Clement





Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @
YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related
training  <<
-------------------------------------------------------------------------------------------------------


On Tue, Oct 22, 2013 at 3:19 PM, abid James <
[hidden email]> wrote:

>
>
>
>
>
>
> Thank you the reply. i agree with you that controls can be fit into
> different categories. However, without giving the scenairo how can you
> categorize.
> Let me explain CCTV as the official guide 2 ver it is put under
> compensating control, Generally, If you ask anyone why we use
> CCTV camera i would say for detection. If the intruder sees the camera
> than it can be deterrent .
> As per the official guide it says CCTV is a technical and compensating -
> could any one explain
> i understand for the scenairo after doing the cost benefit analysis the
> cost of the security guard is more we can use CCTV . However i don't
> understand how it can be a technical control type.
>
> Regards
> Sameer
>
> ------------------------------
> Date: Tue, 22 Oct 2013 11:44:55 -0700
> From: [hidden email]
> To: [hidden email]
> Subject: Re: [CCCure CISSP] Cissp books questions
>
>
> Remember that controls can fit under different categories depending their
> implementation. A camera for example, can be used to detect intruders or to
> act as a deterrent.
>
> In regards to books I think the more the merrier. I find Harris' book
> overly verbose, plus it always helps to have a different point of view in
> case something is not clear. I would add Conrad's book.
>
>
>   On Tuesday, October 22, 2013 1:27 PM, abid James <
> [hidden email]> wrote:
>   Hello All,
>
> I am reading ISc2 official document 2nd edition which is very confusing me
> . Whereas i find Shon  Harris Cissp-AIO guide understandable. Is it ok to
> study only Shon Harris books for the exam
>
> The official guide has CCTV under compensating control
>
> Here is the example for controls
>
> Administrative Directive Policy
> Deterrent  policy
>
> Preventative  User registration  procedure
>
> Detective Review violation reports
>
> Corrective Termination,Unplug, isolate, & terminate connection
>
> Recovery DR Plan,Backups
>
> Compensating Supervision,Job rotation Logging, Keystroke monitoring, CCTV
>
> Technical Config Standards
>
> Deterrent Warning Banner,IDS
>
> preventative Password based login ,IPS
>
> Detective : Logs
>
>
> Please help
> regards
> Sameer
>
>
>
>
> _______________________________________________
> You can find the list archive at:
> http://cissp-study.3965.n7.nabble.com/
>
> CISSPstudy mailing list
> [hidden email]
>
> To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> _______________________________________________ You can find the list
> archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing
> list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your
> accout visit the link below:
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
> _______________________________________________
> You can find the list archive at:
> http://cissp-study.3965.n7.nabble.com/
>
> CISSPstudy mailing list
> [hidden email]
>
> To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/mailman/private/cisspstudy_cccure.org/attachments/20131022/8c1a438d/attachment.html>

------------------------------

Subject: Digest Footer

_______________________________________________
You can search through the mailing list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


------------------------------

End of CISSPstudy Digest, Vol 64, Issue 5
*****************************************



--
Thank you,

Nagarajan Viswanathan
Cell# +91-8793263249
[hidden email]

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org