"Bryan J. Smith" <[EMAIL PROTECTED]> writes: > Dave Phillips <[EMAIL PROTECTED]> writes: > > (ISC)²**CISSP CBK Domains:* > > ... cut ... > > I previously argued we should look at the SSCP domains, > instead of CISSP. The SSCP domains are system security, > and all seven (7) domains map very well into actual > "objectives/tasks" that you can do on a system. ;)
Dang and I was already attached to the previous mapping. I'll attempt a mapping to these, too, but I do like the 'marketing' spin on the CISSP side. Besdies, who's ever heard of the SSCP? I can't even get the acronym correct when I speak of it. Always ends up as CSSP, SCCP, CCCP, ... :) > Do we cover all discretionary access controls (DAC) > in LPIC-1, 2 or other 3 (LDAP, Samba) exams? > > If so, then nevermind. If not, you want to add them. > > - DAC: Legacy POSIX ACLs (in LPIC-1/2) > - DAC: Extended POSIX ACLs (again, are they elsewhere?) No, they're in 303. In host-based AC but it'll probably get broken out. > It's easy to "lose track" of what to cover. But if you > start recognizing different implementations of DAC, MAC > and RBAC, it's much easier to realize what you can cover, > and what's left for LPIC-1/2 or other level 3 exams. I'd > argue DAC is probably game outside of the Security, which > should focus on MAC/RBAC (and maybe only tasks where DAC > is related). Possibly. I'll leave all of DAC, MAC and RBAC in the 303 for now. We can always push some of it down into LPIC-2 at some point. > > * Application Security > > Service hardening > > The CISSP can actually go all over on that one. In reality, > for a "systems security practitioner," it breaks down into > a couple of different categories. No doubt on that. We seem to have picked some token and ubiquitous services but people want to seem to focus that way. > The CISSP domains really go into networking beyond what > a "systems security practitioner" should be tested on, > at least from the standpoint of Linux. That's why I > really prefer the SSCP domains. It's not that some of Ah, I wasn't thinking a total mapping but an 'applied subset' (by applied, I mean non-theory). Regards, -- g. 
matthew rice <[EMAIL PROTECTED]> starnix care, toronto, ontario, ca
phone: 647.722.5301 x242 gpg id: EF9AAD20
http://www.starnix.com professional linux services & products
