EditWYSIWYGAttachPrintable
r9 - 31 May 2007 - 11:52:14 - AntonAylwardYou are here: Infosecwiki >  CISSPForum Web > TheForumFAQ
This FAQ is best viewed in a window with a width of around 1024 px

The CISSP Forum FAQ -
Answers to
Frequently Asked Questions
about the CISSP Forum

http://groups.yahoo.com/group/cisspforum/files
cisspforum-faq.txt

Originated by
Chris Brown
This version maintained by
Rob Slade

Last Revised June 30, 2005

1. Hello and Welcome

This version of the FAQ has been reformated for the InfoSecWiki.

The motivation for this is

  1. To make it easier to maintain
  2. To make it easier to add comments
  3. To make it easier to access

The Wiki allows for comments and discussion and keeps a revision history.

1.1 Introduction

This document is the FAQ (Frequently Asked Questions) for the CISSPforum mailing list External link mark on Yahoo Groups. It is a collection of answers to questions that are or have been repeatedly asked in the forum or (possibly) important information related to the use of the mailing list. We'd ask you to keep the most recent version of this file for future reference, but we are rather sure that you won't.

1.2 Changes since the last revision

A lot of the additional information comes from the CISSP-Asylum FAQ.

1.3 (ISC)2 Policies and guidelines

The (ISC)2 has promulgated a set of guidelines for this forum, separate, distinct, and prior to the publication of this FAQ. Look for the document 'CISSP Forum Guidelines.pdf' in the file section of the Yahoo! Group website or the CISSP Forum section of the (ISC)2 website External link mark after signing in.

1.4 NoticeGuarantee and Endorsement

The information provided in this document is not guaranteed.

Period

The information provided is often the opinion of one person and there may be valid opposing views. Use the information in this document at your own risk.

This FAQ is not promulgated nor endorsed by the (ISC)2 or its affiliates. This is an independent work by the members of the CISSPForum External link mark, and this particular version is heavily modified by a member who is clearly disturbed.

No added salt.

1.5 Editor/Maintainer

The original editor was Chris Brown, chris.brown@ctg@@_NOSPAM_@@.com, who seems to have disappeared. He freely admitted that much of the content was taken from previous posts to the cisspforum mailing list. Rob Slade, rslade@sun@@_NOSPAM_@@.soci.niu.edu, copied a ton of his stuff, modified the rest so that it made less sense, and finally took over the thing.

1.8 Submitting Articles

Send them directly to Rob Slade via email, slade@victoria@@_NOSPAM_@@.tc.ca. All submissions ungratefully stolen.

2.0 BASIC LIST USE

2.1 Posting messages

Any member of the list can post to CISSP Forum by sending an e-mail to the list address which is:

cisspforum@yahoogroups@@_NOSPAM_@@.com.

Posting can also be done, by members who have tied their membership address to a Yahoo identity, via the Web page interface at http://groups.yahoo.com/group/cisspforum/post.

2.2 Replying to messages

The CISSP Forum External link mark has been set up so that, by default, replies are sent to the whole list, not just the originator of the message. If you wish your reply to go to only the originator, copy that person's address into a new message, or choose the individual address as an option if you are using the Yahoo Groups Web interface. About 4000 people will get your message if you make a mistake.

2.3 Are there rules for this list other than this FAQ?

See https://www.isc2.org/download/CISSP%20Forum%20Guidelines.pdf
This document is publicly available, and was last updated February 24, 2002.

Alternatively, http://groups.yahoo.com/group/cisspforum/files/ and click on the file "CISSP Forum Guidelines.pdf"

Topics covered in that document include:

  1. What is the CISSP Forum?
  2. Who can be a member of the CISSP Forum?
  3. Who is the host of the CISSP Forum?
  4. Who should I contact if I'm having any difficulties with my subscription?
  5. How do I subscribe to or unsubscribe from the CISSP Forum?
  6. How does the Forum work?
  7. How can I access the CISSP Forum at the Yahoo Groups web site External link mark?
  8. I'm receiving too many messages. Should I unsubscribe?
  9. What is unacceptable content?
  10. How do I reply to postings?
  11. How do I report abuse of the Forum?
  12. What if my email program has an "Out of the Office" option?
  13. Who do I contact if I need help with the Forum?

AxelEble - 28 Jul 2005
One of the informal but nevertheless more important rules is that all emails should be signed with at least the name of the author.

As CraginShelton says:

Finally, I must say I am generally annoyed by forum members who obfuscate their identity here by using a non-informative e-mail address and at the same time never providing any form of signature on their posts. This is not a semi-autonomous usenet group trading ripped mp3 files or porn jokes, or a random crowd who jus happened to all find ourselves at the same bar on Friday night. This is an international professional networking group, with every member meeting a specific professional credential requirement, properly vetted. As a general matter of courtesy, both personal and professional, I believe we should always introduce or identify ourselves to our colleagues in this forum. It is just basically rude to wear a mask of anonymity in this environment.

2.4 Can I send files via the CISSP Forum list?

Any file attachments sent to the mailing list will be stripped off. Members who post documents or other materials are frequently embarrassed at having posted, essentially, nothing. (Plain text is best for posting.) However, any member can create a file in the files area, and announce it on the list.

3.0 LIST CONTENT

The CISSPForum is a high-volume mailing list. This means a lot of emails are exchanged per day (sometimes even per hour). In this context, sending out an email with the subject "First Post", "Test" or something like that is extremely annoying. The subject of an email to this (or, for that matter, any high volume) mailing list should give a hint about the content (even if it's (extremely) off topic).

Emails without (even (extremely) off-topic) content should be avoided by all means: they add to the traffic and they add to distraction.

In that light, the "CISSP Verification" postings are marginally better in that one does not expect them to have any meaningful content. "First post" postings however might have.

If you want to post (if only to verify your certification for the several 3rd party services), then put some content in that is at least somewhat security related. It helps every one of the currently 4434 members of this list.

AxelEble - 28 Jul 2005

3.1 Is this the proper place to compare certifications?

Probably not. The question has been raised, and you'll get replies, some thoughtful, some not.

3.2 Is this a good place to ask ethical questions?

Yes, but try cissp-ethics@yahoogroups@@_NOSPAM_@@.com

3.3 Is it OK to ask about topics previously covered?

Everybody does it, but it would be appreciated if you go and check out the archives, which can be done, with some difficulty, via the Yahoo Groups Web interface External link mark. The archives of the cisspforum are archived at http://cissp.zsquad.org, with a bit better interface.

For further information, contact javed@atranell@@_NOSPAM_@@.com.

4.0 TOPICS PREVIOUSLY COVERED (PAST THREADS)

4.1 Where can I find thread summaries?

Basically, you can't, but see 3.3.

4.2 Topic: Reformed hackers (e.g. Kevin Mitnik, Frank Abagnale)

Been argued, no resolution. Some hold that we have to be, like Ceasar's wife, above suspicion. Some hold that reformed hackers have sometimes "paid their debt to society" and can have things to contribute.

4.3 Topic: Security ROI

We are tired of this.

4.4 Topic: Standards and Resources

The nice thing about computer standards is that there are so many of them.

For terminology resources:

For book resources

For web resources

For CISSP study resources

Another excellent resource is http://www.infosecwiki.com/

4.5 Topic: cissp.txt

We are really tired of this.

a) There is a list of CISSPs at [someURL].cissp.txt. This is appalling!
b) There is a list of CISSPs at [someURL].cissp.txt and my name is not on it! What gives?
c) There is a list of CISSPs at [someURL].cissp.txt and my name is on it! Aaaiiieeee!
` Yes, there is a list that appears at various places around the net, usually named cissp.txt. This contains some names (and some contact information, some of which is still, actually, valid!) of CISSPs who had listed themselves in the public directory at http://www.isc2.org (some people say circa 2003, others say early 2005). At one time someone obviously mined the public directory (possibly for marketing purposes), later, someone (possibly someone else: for their story see http://www.reznor.com/4-11/2005/cissp.txt) thought it would be a good joke to post the list and see if they could get lots of people upset. (They seem to have succeeded.)

Oh, and special note to c: you have had your CISSP for a while, and posted some info to the (ISC)2 public directory, so why are you so upset?

5.0 LIST MEMBERSHIP OPERATIONS AND SETTINGS

5.1 How do I subscribe?

  1. Go to Yahoo External link mark and create a profile. (This is not strictly necessary, but comes in handy at times later on, and is easy to do while waiting for glacially slow results from (ISC)2. Doesn't have to be done first, either.) Use the email account you will want on the CISSPforum. (Not strictly necessary, but you can explore the various options on Yahoo for yourself.)

        • groups.yahoo.com or egroups.com

  2. Go to http://www.isc2.org and request an account, if you haven't already done so. (This is an account on http://www.isc2.org, and gets you into the private CISSP areas. Also handy for getting onto the job board there, which is notable for its lack of results, but why not try, eh?) (Warning: http://www.isc2.org has been winner of the World's Least Intuitive Website Interface for at least four years running.)

        • https://www.isc2.org/cgi/login.cgi

    You can possibly also contact Wilf at forum@isc2@@_NOSPAM_@@.org, but try the form, first.

  3. When you have your http://www.isc2.org account (account/username is your CISSP number/exam candidate number), login and get into the private areas. One of which will mention getting onto the CISSP Forum. Fill out the form using the email account that you want/you used in creating the Yahoo profile. (Also make sure that you choose the right CISSP Forum, currently listed as "Yahoo!Groups": (ISC)2 is experimenting with alternatives as of this writing.)

        • https://www.isc2.org/cgi/cissp_forum.cgi

  4. REMEMBER THIS PAGE AND HOW YOU GOT TO IT!! YOU WILL NEED IT TO UNSUBSCRIBE, IF YOU WANT TO.

  5. Wait. Eventually you will either get an invite, or start getting email from the forum.

5.2 How do I access the archive?

When you sign up for the group at the (ISC)2 site, you are subscribed to the list, but can't access it with any method other than email until you create a yahoogroups.com ID or associate your existing ID with this group. Here are explicit instructions for both.

Create a new ID @ yahoogroups and caveats: Go to http://www.yahoogroups.com and click the blue "Register" link on the left or right hand side near the top. In alternate email address, enter the address that is currently receiving the cisspforum. If you fake the "demographic" information on this page you will be hurting when you need to recover the password you forgot. Be sure to clear the "send me special offers..." checkbox and make sure your birthdate makes you 18 or older or Yahoo will ask for your mommy or daddy wink Once you have registered, be sure to use the "click here" link to manage your "marketing preferences" which yahoo will promptly honor in 5 days or so (says so on the screen).

Add CISSPforum to your yahoogroups: Once logged in, click "My Groups" in the upper right hand portion of the page. From here, usually, you can associate your account with the CISSP forum by searching for groups with your email address on their list. Tonight, however, the "database is down". This may get you started, but I'll complete this when it is back up.

Special thanks to JOHN MCGUIRE for this article.

5.3 How do I temporarily stop getting email from the list?

First, you must be as a Yahoo! ID and password and that account must be associated with this list. See the first the previous question on how to do this.

Next, log in to http://groups.yahoo.com with your Yahoo! ID and password. Once logged in click on 'My Groups', find the link for the group 'cisspforum' and click on it. Then click on 'Edit My Membership' near the upper right part of the page. You will see a list of options.

DO NOT UNSUBSCRIBE FROM THE GROUP.

Rather, look for the section 'Message Delivery'. In this section select 'No Email' and click on the 'Save Changes' button.

To start receiving email again, get back to the options page, select 'Individual emails' and click on the 'Save Changes' button.

5.4 How do I set up my out of office message so I don't send out-of-office messages to the whole list?

Do not turn on "reply-to-messages-not-sent-directly-to-me" or "reply-to-all". Your best bet is to read the manual for your mail system or call your helpdesk.

The opinions of your fellows in regard to failing to take appropriate actions can be found in cissp-ooo-replies@yahoogroups@@_NOSPAM_@@.com and cissp-clueless@yahoogroups@@_NOSPAM_@@.com

5.4.1 Out-of-Office Notices in Lotus Notes

The following gives a good recommendation External link mark on how to use the Out-of-Office Agent in Notes:

Enabling the Out of Office Message

  1. Click Actions, Mail Tools, Out of Office
  2. Specify the dates you are leaving and returning
  3. If you would like certain people/groups to receive a special message, add them to "People/groups who should receive a special message"
  4. Enter the text for your special message
  5. If you do not want the out of office message to go to certain people/groups add them to "People/groups who should not receive any messages". Make sure to check the "Do not automatically reply to Internet Email addresses"!
  6. Click the Enable Out of Office Agent button
  7. If Notes asks which server to run the out-of-office agent on, choose your mail server and click OK
  8. The out of office agent will run until you disable it upon your return

Disabling the Out of Office Message

  1. Click Actions, Mail Tools, Out of Office
  2. Click "I Have Returned To The Office"

AxelEble - 28 Jul 2005

For further information on the Lotus Notes Out-of-Office Agent, see the following articles:

For Notes 4.x & 5.x: Demystifying the Out of Office Agent External link mark

For Notes 6.x and 7: Lotus Notes Out of Office Agent, revisited External link mark

LesBell - 04 Oct 2005

5.5 How do I unsubscribe?

First, do not unsubscribe using the yahoogroups.com subscription maintenance features. To subscribe and unsubscribe go to the (ISC)2 website External link mark and log in from the main page with your User ID and Password. The same page you used to subscribe is the one you use to unsubscribe (different form, lower down the page). (Told you you'd need it.)

More vituperative, if less helpful, suggestions can be found in cissp-clueless@yahoogroups@@_NOSPAM_@@.com

6.0 INTERACTING WITH (ISC)2

6.1 How do I receive regular communication from (ISC)2?

Subscribe to the (ISC)2 newsletter. To do this sign into the (ISC)2 website External link mark, and then click on "subscribe to (ISC)2 newsletter." You will be taken to a bcentral.com partner site, and must provide your email address, name, city, state, country, and company name. You may also provide your interests (very short list), and what certifications you have (also short list). Within a few minutes you will receive a confirmation message welcoming you to the mailing list.

6.2 How do I submit CPEs?

Currently, the page at https://www.isc2.org/cgi-bin/cissp_content.cgi?page=89 has lots of details and a link to the submission form. If it has changed, look around the site for links such as "CPE" or "Credential Maintenance."

7.0 MISCELLANY

7.1 What is the 11th domain?

The 11th CBK domain is a general reference to any topic that the membership of the forum currently considers Clueless. It includes the specialties "Out-of-office," "unsubscribe," and "Could have found it on Google in 2 seconds."

(You can apparently construct anything using the base URL of http://www.justfuckinggoogleit.com/search?q= and then adding the terms separated by a +, such as: http://www.justfuckinggoogleit.com/search?q=security+glossary)

If you don't think this is funny, you might benefit from a subscription to cissp-humour-impaired.

7.2 What other CISSP-related mailing lists are there?

Please note that none of the following are (ISC)2 sponsored or endorsed.

There is an inactive but archived group at http://groups.yahoo.com/group/cissp/

Regional/Area study groups

These last groups are meant in fun. In particular, note that none of these last are (ISC)2 sponsored or endorsed.

Acknowledgements and Contributors

! Submit-a-comment boxes

Would anyone object if I removed the little comment boxes scattered throughout this FAQ? Comments can be added at the end (like this one) and people with editing rights can hack the wiki about as they wish, subject to the usual wiki ethics, so I'd prefer to cut the comment boxes and make the FAQ more readable.

Gary.
-- NoticeBored - 27 Aug 2005 - 12:50

Comment:
Text:

TopicClassificationForm
TopicClassification FAQ
TopicSummary The FAQ for the YahooGroups CISSP Forum External link mark
InterestedParties

RelatedTopics

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r9 < r8 < r7 < r6 < r5 | More topic actions
 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Infosecwiki? Send feedback