Check out this post on the BT forum, might help ?

http://www.backtrack-linux.org/forums/showthread.php?t=48556

What are the 6 books you are reading?

The fact that it has such a low pass rate makes it all the move valuable I think. It means that you can't just read a couple of brain dumps and pass the exam.

To contrast that I have worked for a company that did things almost right… The only users with internet access were the office admin team (HR, Front Desk). The Developers and Analysts had no internet, no external email, no USB access and could not print!

I see what you are saying. I think what the other guys are saying is that you include your normal Lab work in with the pen test report at the end? So work on the format of the lab work report as you go so you don't have a heap of formatting to do right at the end.... is that correct???

I have worked for a number of large companies and have found that different ones treat InfoSec differently.

One in particular were very keen to make sure IP was not leaked out of the company, they made sure all users were aware of the Green, Yellow , Red designations of data. Anything that was above Green was NOT to go to people outside of the company and Red and Yellow print outs were to be shredded.

But when it came to the security of the network and data on the network it was different. Users were allowed to copy files to USB keys with no encryption. Never once did they employ a company to test the security of the network, relying 100% on the automated scanning tool!

Do you guys find this is often the case with companies? They do a great job in some parts of InfoSec and not others?

I agree with Jamie.R, even if you have no intentions of doing the CCNA it is worth looking at the books or some of the training vid's on the net. While it might be VERY CISCO heavy it is a great foundation.

It's true the kindle isn't good for tech books... but if you have a tab that you want to use then just download the kindle app.... works great. I have it on my mobile, my galaxy.... all over the place... when I am at work if I need to look something up I user the cloud reader....

It looks like you have great development skills but might advantage from reading up on networking…

I know that this isn’t the most 1337 book in the world but it’s a good quick start to networking and will give you a solid base:

http://www.amazon.com/Networking-All---One-For-Dummies/dp/0470625872/ref=sr_1_3?ie=UTF8&qid=1345431169&sr=8-3&keywords=networking

If you think that is a little too basic maybe one of the CISCO press books, a CCNA study guide...

Nice advice Sh4dowmanpp... those are all great books.

Sounds like you need a little rest Sternone.... get some air and some sun....

Hope the rest of the training goes well 

D'oh! Shot down.... where do you place the IP??? 

If your after a good book on the topis then Metasploit: The Penetration Tester's Guide is the way to go. I finished it a couple of months ago and found it very well written with lots of great examples.

http://www.amazon.com/Metasploit-The-Penetration-Testers-Guide/dp/159327288X/ref=sr_1_sc_1?ie=UTF8&qid=1345155869&sr=8-1-spell&keywords=metaspliot

Well to answer your question about sending the payload via email the best bet would be to create a malicious PDF and send it to the "user" on the windows 7 machine.

http://www.offensive-security.com/metasploit-unleashed/Client_Side_Attacks

I guess that depends on who you talk to. I like it because you can build POC's nice and fast with very little code. Also it's easy to pick up if you haven't had much software development experience.

Just a reminder that you should only get it from a trusted source! Never know what someone has installed in it if you go grabbing it from a random location….. just sayin.