IT Security Interviews Exposed: Secrets to Landing Your Next Information Security Job

It′s not a job. It′s THE job, and here′s how to get it.
What does your ideal IT security job look like? What will prospective employers expect you to know? What affects how they view you and your skills? What if you haven′t had much experience? What if you′re not 30 anymore?
Here′s the crash course in how to discover, apply for, and land the IT security job you want. Written by a squad of highly credentialed security professionals, this guide prepares you with the technical knowledge, interview skills, strategies, and job search techniques you need to find and get the perfect job.
Meet every job search challenge
What does — and doesn′t — belong on your résumé
How to survive a telephone interview
All about firewall technologies, devices, deployment strategies, and management
A review of security essentials, regulations, legislation, and guidelines
The effects of state cyber security laws, Sarbanes–Oxley, and international standards
A refresher course in network fundamentals
Everything you should know about wireless, security posture, and tools
When and how to say "no"

Spis treści:
Acknowledgments.
Introduction.
Chapter 1: Finding, Interviewing for, and Getting the Job.
Qualifications.
Pursuing a Degree.
The Perfect Job.
Job Search.
Interviewing.
Money Talks.
Accepting or Rejecting the Offer.
Summary.
Nontechnical Interview Questions.
Chapter 2: Knowing Networks: Fundamentals.
Introduction.
Questions.
Recommended Reading.
Chapter 3: Knowing Security: Fundamentals.
Adjust Your Thinking.
Core Values.
Basic Concepts.
Managing Risk.
Data Classification and Labeling.
Ethics in Information Security.
Daily Security Responsibilities.
Summary.
Interview Q&A.
Recommended Reading.
Chapter 4 : Understanding Regulations, Legislation, and Guidance.
Regulations, Legislation, and Guidance Defined.
Why Does an Employer Care?
Why Should You Care?
Government– and DoD–Specific Information.
Commercial Information Security.
Using This Information in the Interview.
Summary.
Interview Q&A.
Recommended Reading.
Chapter 5: Knowing Firewalls: Fundamentals.
Firewall Technologies.
Major Vendors.
Device Types.
Management.
Deployment Strategies.
Summary.
Interview Q&A.
Recommended Reading.
Chapter 6: Knowing Virtual Private Networks.
Goals and Assumptions.
The Cryptography of VPNs.
IP Security Review.
Implementing IPsec.
Alternatives to IPsec.
Summary.
Interview Q&A.
Recommended Reading.
Chapter 7: Knowing IDS/IPS/IDP.
Introduction.
Questions.
What Questions Do You Want to Ask Me?
Recommended Reading.
Chapter 8: Everything You Ever Wanted to Know about Wireless but Were Afraid They′ Ask.
The Fundamentals.
Wireless Cards and Chipsets.
Wireless Drivers for Linux.
WLAN Detection (WarDriving).
Wireless Security.
Rogue Wireless Devices.
Summary.
Interview Q&A.
Recommended Reading.
Chapter 9: Finding Your Posture.
History of Information Security.
Modern Information Security.
Security Objectives.
Determining the Security Posture.
Prioritizing the Vulnerabilities.
Vulnerability Management.
Summary.
Interview Q&A.
Recommended Reading.
Chapter 10: Tools.
Enumeration, Port Scanning, and Banner Grabbing.
Wireless Enumeration.
Vulnerability Scanning.
Password Compliance Testing.
Network Sniffing.
Penetration Testing.
Learning.
Summary.
Interview Q&A.
Recommended Reading.
Additional Resources.
Index.

Nota biograficzna:
Chris Butler (CISSP, JNCIS–FWV, JNC IA–SSL, CCSE, IAM/IEM) is a Senior Solutions Architect with Intellitactics. Chris has more than a dozen years of experience in the networking and security fields. He is a veteran of the United States Navy, where he worked in the cryptography field. Chris has designed, implemented, and supported some of the largest networks in the country for large insurance companies, investment firms, software companies, service providers, and pharmaceutical companies. He has also provided network and security consulting services for numerous U.S. government agencies, including the Department of State, Department of Defense, and the Department of Energy. He has worked extensively with the leading security and networking vendors throughout his career. He is also well versed in both commercial and open source network and security management software. Chris has also performed in–depth application analysis and network modeling using OPNET software for dozens of large companies. He is a member of the IEEE Computer Society and SANS.
Russ Rogers (CISSP, IAM/IEM) is a Senior Cyber Security Analyst and the former CEO and co–founder of Security Horizon, Inc. Russ is a United States Air Force veteran and has served in military and contract support for the National Security Agency, Defense Information Systems Agency, and the other federal agencies. He is also the editor–in–chief of The Security Journal. Additionally, he serves as the Professor of Network Security at the University of Advancing Technology (uat.edu) in Tempe, Arizona. Russ is the author, co–author, or technical editor for nearly a dozen books on information security. Russ has spoken and provided training to audiences around the world and is also a co–founder of the Security Tribe information security research Web site at www.securitytribe.com. His education includes a bachelor’s and master’s degree from the University of Maryland in Computer Science areas.Mason Ferratt (JNCIS–FWV, JNCIA–M MSEE, BSME) is a Federal Systems Engineer with Juniper Networks in Charleston, South Carolina. He has performed large–scale network security engineering for numerous government clients. His most recent work involves the Department of Defense medical community, where his team is responsible for the security posture of all Navy and Army hospitals and clinics in the world. His specialty is in purpose–built intrusion detection/protection, VPN encryption, firewall, content filtering, and secure remote access devices. His prior jobs include network engineering design, modeling, and testing for the Department of State, and pre– and post–sales network engineering for several optical/WAN vendors (Corvis Corporation, Corrigent Systems, Lucent Technologies, Ascend Communications, and Network Equipment Technologies). He holds a Master of Science degree in Electrical Engineering from George Washington University, and a Bachelor of Science degree in Mechanical Engineering from the University of Virginia. He holds a Top Secret/SCI clearance and is an IEEE member.
Greg Miles (CISSP, CISM, IAM/IEM) is a co–founder, President, Chief Financial Officer, and Principal Security Consultant for Security Horizon, Inc., a Colorado–based professional security services and training provider and veteran–owned small business. He is a United States Air Force veteran and has served in military and contract support for the National Security Agency, Defense Information Systems Agency, Air Force Space Command, and NASA supporting worldwide security efforts. Greg has planned and managed Computer Incident Response Teams (CIRTs), Computer Forensics, and INFOSEC training capabilities. Greg has been published in multiple periodicals, including The Security Journal and The International Journal on Cyber Crime. He co–authored Network Security Evaluation: Using the NSA IEM (S