<br><font size=2 face="sans-serif">also try Applied Cryptography by Bruce
Shneier</font>
<br><font size=2 face="sans-serif"><br>
</font><img src=cid:_1_0CF396040CF393DC001945D742257626>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>cisspstudy-request@cccure.org</b>
</font>
<br><font size=1 face="sans-serif">Sent by: cisspstudy-bounces@cccure.org</font>
<p><font size=1 face="sans-serif">09/01/2009 06:00 PM</font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to<br>
cisspstudy@cccure.org</font></div></table>
<br>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td><font size=1 face="sans-serif">cisspstudy@cccure.org</font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td><font size=1 face="sans-serif">cisspstudy Digest, Vol 15, Issue 2</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><tt><font size=2>Send cisspstudy mailing list submissions to<br>
cisspstudy@cccure.org<br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org<br>
or, via email, send a message with subject or body 'help' to<br>
cisspstudy-request@cccure.org<br>
<br>
You can reach the person managing the list at<br>
cisspstudy-owner@cccure.org<br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of cisspstudy digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: Cryptography Study Guide (amar singh)<br>
2. Re: preambles questions (An.Dang@do.treas.gov)<br>
3. Re: preambles questions (Vardhan, Aditya {PI})<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Tue, 1 Sep 2009 17:04:40 +0530 (IST)<br>
From: amar singh <amar_ncet@yahoo.co.in><br>
To: The CISSP Study Mailing list <cisspstudy@cccure.org><br>
Subject: Re: [Cisspstudy] Cryptography Study Guide<br>
Message-ID: <182297.48273.qm@web8904.mail.in.yahoo.com><br>
Content-Type: text/plain; charset="iso-8859-1"<br>
<br>
<br>
<br>
william stallings is easy and best...did from that <br>
BEST OF LUCK<br>
<br>
<br>
________________________________<br>
From: "Dallas, Michael J Civ USAF USAFE 100 CS/SCQ" <mike.dallas@mildenhall.af.mil><br>
To: Prakash <prakash2757@yahoo.com>; The CISSP Study Mailing list
<cisspstudy@cccure.org><br>
Sent: Tuesday, 1 September, 2009 4:13:10 PM<br>
Subject: Re: [Cisspstudy] Cryptography Study Guide<br>
<br>
Thank you Prakash... this should be helpful<br>
<br>
Mike<br>
<br>
<br>
<br>
-----Original Message-----<br>
From: Prakash [mailto:prakash2757@yahoo.com] <br>
Sent: 01 September 2009 11:36<br>
To: The CISSP Study Mailing list<br>
Cc: Dallas, Michael J Civ USAF USAFE 100 CS/SCQ<br>
Subject: Re: [Cisspstudy] Cryptography Study Guide<br>
<br>
Hello Mike,<br>
<br>
You can read Cryptography from Shon Harris AIO & Official Book. They
are very well explained.<br>
<br>
You can also read following books.<br>
<br>
Handbook of Applied Cryptography (Free Online Version with copyright permission
from CRC Press)<br>
http://www.cacr.math.uwaterloo.ca/hac/ <http://www.cacr.math.uwaterloo.ca/hac/>
<br>
<br>
One more great resource here - http://williamstallings.com/Crypto/Crypto4e.html
<http://williamstallings.com/Crypto/Crypto4e.html> <br>
<br>
Hope it helps.<br>
<br>
- Prakash<br>
http://www.linkedin.com/in/prakashp <http://www.linkedin.com/in/prakashp>
<br>
<br>
<br>
<br>
--- On Tue, 9/1/09, Dallas, Michael J Civ USAF USAFE 100 CS/SCQ <mike.dallas@mildenhall.af.mil>
wrote:<br>
<br>
<br>
<br>
??? From: Dallas, Michael J Civ USAF USAFE 100 CS/SCQ <mike.dallas@mildenhall.af.mil><br>
??? Subject: [Cisspstudy] Cryptography Study Guide<br>
??? To: "'cisspstudy@cccure.org'" <cisspstudy@cccure.org><br>
??? Date: Tuesday, September 1, 2009, 3:03 PM<br>
??? <br>
??? <br>
<br>
??? Does anyone have (or know where I can get) a good study guide to use
for cryptography? <br>
<br>
??? This is the only domain of the 10 that I seem to have trouble with...
thanks much<br>
<br>
??? <br>
<br>
??? Mike<br>
<br>
??? -----Inline Attachment Follows-----<br>
??? <br>
??? <br>
??? _______________________________________________<br>
??? cisspstudy mailing list<br>
??? cisspstudy@cccure.org <http://us.mc365.mail.yahoo.com/mc/compose?to=cisspstudy@cccure.org>
<br>
??? http://cccure.org/mailman/listinfo/cisspstudy_cccure.org<br>
??? <br>
<br>
<br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
cisspstudy@cccure.org<br>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org<br>
<br>
<br>
<br>
See the Web&#39;s breaking stories, chosen by
people like you. Check out Yahoo! Buzz. http://in.buzz.yahoo.com/<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090901/6792b26d/attachment-0001.html><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Tue, 01 Sep 2009 08:19:08 -0400<br>
From: An.Dang@do.treas.gov<br>
To: cisspstudy@cccure.org<br>
Subject: Re: [Cisspstudy] preambles questions<br>
Message-ID:<br>
<3B449623CE62F94DB4FA3CCD437BDD9D2A055D7AD0@EXC15VP.do.treas.gov><br>
Content-Type: text/plain; charset=us-ascii<br>
<br>
I have a few questions that are in the "gray area" of things.
I have the answers (maybe) but want to know what the group thinks.<br>
<br>
Using ISC(2) preambles as guides, answers these questions:<br>
<br>
1) A visiting professor is assigned to work in a university computing center.
He found a hole in a financial transaction program that would enable
one to collect students' social security numbers, last names, and other
personally identifiable information. He quietly collected the information
into a computer file and gave the file to the system administrator on his
last day. <br>
a) The professor was unethical. He should have disclosed the hole
right away.<br>
b) There is nothing unethical with what he did. He did not give the
information to anyone else.<br>
c) Though he did nothing unethical, the professor should have disclosed
the information because ISC(2) preambles stated responsibility to the public
first.<br>
d) None of the above. ISC(2) ethics were observed.<br>
<br>
2) An analyst for an anti-virus software company is assigned to test a
new product. He developed an automated program to generate multiple
instances of a computer virus with varying signatures. He wants to use
it to test the new anti-virus software the company is going to publish.<br>
a) He should not use it. It is illegal to create virus.<br>
b) There is nothing wrong with using it since it is contained in a test
lab and would never get out to the Internet.<br>
c) It is unethical to develop something that would potentially harm the
public.<br>
d) It is part of his job. It is completely ethical.<br>
<br>
<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 3<br>
Date: Tue, 1 Sep 2009 22:00:03 +0800<br>
From: "Vardhan, Aditya {PI}" <aditya.vardhan@intl.pepsico.com><br>
To: "The CISSP Study Mailing list" <cisspstudy@cccure.org><br>
Subject: Re: [Cisspstudy] preambles questions<br>
Message-ID:<br>
<BA3849E85C9B6040BFA9656812C802F943A664@PEPWMV33125.cww.pep.pvt><br>
Content-Type: text/plain;
charset="us-ascii"<br>
<br>
Pl share the correct answers,<br>
I think these are,<br>
1- a<br>
2 -b<br>
<br>
-----Original Message-----<br>
From: cisspstudy-bounces@cccure.org<br>
[mailto:cisspstudy-bounces@cccure.org] On Behalf Of An.Dang@do.treas.gov<br>
Sent: Tuesday, September 01, 2009 5:49 PM<br>
To: cisspstudy@cccure.org<br>
Subject: Re: [Cisspstudy] preambles questions<br>
<br>
I have a few questions that are in the "gray area" of things.
I have<br>
the answers (maybe) but want to know what the group thinks.<br>
<br>
Using ISC(2) preambles as guides, answers these questions:<br>
<br>
1) A visiting professor is assigned to work in a university computing<br>
center. He found a hole in a financial transaction program that would<br>
enable one to collect students' social security numbers, last names, and<br>
other personally identifiable information. He quietly collected the<br>
information into a computer file and gave the file to the system<br>
administrator on his last day. <br>
a) The professor was unethical. He should have disclosed the hole
right<br>
away.<br>
b) There is nothing unethical with what he did. He did not give the<br>
information to anyone else.<br>
c) Though he did nothing unethical, the professor should have disclosed<br>
the information because ISC(2) preambles stated responsibility to the<br>
public first.<br>
d) None of the above. ISC(2) ethics were observed.<br>
<br>
2) An analyst for an anti-virus software company is assigned to test a<br>
new product. He developed an automated program to generate multiple<br>
instances of a computer virus with varying signatures. He wants to use<br>
it to test the new anti-virus software the company is going to publish.<br>
a) He should not use it. It is illegal to create virus.<br>
b) There is nothing wrong with using it since it is contained in a test<br>
lab and would never get out to the Internet.<br>
c) It is unethical to develop something that would potentially harm the<br>
public.<br>
d) It is part of his job. It is completely ethical.<br>
<br>
<br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
cisspstudy@cccure.org<br>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org<br>
<br>
<br>
<br>
------------------------------<br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
cisspstudy@cccure.org<br>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org<br>
<br>
<br>
End of cisspstudy Digest, Vol 15, Issue 2<br>
*****************************************<br>
</font></tt>
<br>