The information security field is always evolving... To get in the field you need a basic level of understanding. I suggest that you check out the OWASP books, that are freely available for download at lulu.com
For starters I'd recommend "OWASP Top 10 - 2010 Edition" and then go on reading the ones you find yourself interested in.
OWASP isn't the ultimate source for information, but it's a start. You can find guidelines etc from their site... I suggest that you check it out if you're interested in penetration testing.