Customer Rating:  
Summary: Average
Comment: Nutshell review - An average review book for the CISSP exam. There are better resources available.
Customer Rating:
Summary: This is the book that will get you pass the CISSP exam!
Comment: I used the CISSP for Dummies as a first book to get me in the mode and hit this book hard over and over again. It helped me to pass the test on my first try. It has enough details and excellent test questions. I'm not sure about the ISSEP parts as I did not go through it. At $6.99 when I bought it compared to the $26.99 I paid for the Dummies book, this is the best bang for the buck in studying for the exam, no question about that.
Customer Rating:
Summary: Gooddish study guide for this certification
Comment: Good points:
+Surveys of all areas of the CISSP exam.
+Each area covered in detail with many examples.
+Well written in the usual sober style of Wiley guides.
+Good layout, easy on the eyes and with lots of margin space for notes. Easier to read than the official (ISC)2 guide.
+CD gives over 300 practice questions.
Bad points:
-Typos, one every ten pages or so.
-Some mistakes, or at least areas where I disagreed. (See below for an example.)
-Out of date. (That's not really the author's fault but that's Reality, accept it, what with revolutions happening every six months...)
One example of a disagreement came in a question where we were asked to choose which of four methods was NOT a good way of wiping data from a diskette. I chose "writing data to the diskette several times" but the book gave the correct answer as "formatting the diskette seven times". I disagree. At my office before disgarding a PC, IT wipes the hard drive. They reformat the drive once then they overwrite the entire hard disk several times with random sequences of bytes. Such software is easy to find on the internet and the method is pretty standard.
While there are many challenging concepts and more than a few insights especially in areas where I don't have much experience, I find much to be just plain wrong or at best naive. One big problem is (ISC)2 itself: what you need to know to get their accreditation is wrong. The above disagreement is one example, but there are more: (ISC)2 thinks software piracy is like stealing anything else, when in fact the status of intellectual property is not yet well defined.
Verdict: if you need to take the CISSP accreditation get this book along with the official (ISC)2 study guide, otherwise don't.
Vincent Poirier, Tokyo
Afterword: I underwent the exam last March and passed. I can't talk about the exam's content (as part of the agreement one signs upon taking the exam) but I will make one positive comment: the questions were more relevant and less naive than the study material had led me to expect.
VP, Dublin
Customer Rating:
Summary: Not bad, but the "Official" study guide is better IMO
Comment: This book is ok, but I think the book sold by ISC2 is much better. I only used this as a "supplement" to the official guide.
There are so many CISSP products on the market and I think most of them are BS (i.e. Shon Harris' $1000 review product). Maybe if you know nothing about security and have the choice of a $4,000 boot camp and the Shon Harris $1,000 package, otherwise, get the official guide (about $60) and spend some time reading it. It comes with practice tests in the back and a small test per chapter (most certification books are like this).
Customer Rating:
Summary: Passed my CISSP Test today!!
Comment: I received notice today that I passed the CISSP test, and this book was the main source I used for studying. It is thorough without giving you extraneous information you don't need for the test. The writing style is adequately pleasant to get through for a technical book. Having the book in PDF form as well was a really helpful plus.
Thanks, Ron Krutz! I will add that reading one or two other books at the same time will greatly increase your overall comprehension of the material. This test is not about technical details, but showing that you grasp the underlying big concepts in security. I would study a domain by reading three study guides' chapters on that one domain before moving on to another domain. This gave me a great perspective.
Strat
|
|
