Customer Reviews

CISSP Exam Cram (2nd Edition)

5 star:		(2)
4 star:		(4)
3 star:		(1)
2 star:		(1)
1 star:		(2)

 

 

I have many years of first had experience with IT security and thought that studying for and taking the CISSP would take little effort. CISSP is a mile wide and an inch deep as far as how it covers material. A key is to get over how to read the question and give them exactly what they are looking for because there may be more than two correct answers; one is just more correct.

It is a great book that has questions in the style as they are asked on the CISSP. I answered a lot of questions, on material I knew very well, incorrectly. I was answering as a technician, not a manager. This book taught me how to "READ" the question and give them the "BEST" answer from a manager perspective. For the material, I used using two other books, the Shon Harris, and the Sybex CISSP guides, and passed the CISSP on my first attempt.

A few individuals gave this book low reviews because it lacked content. This book isn't meant to teach the material.

Taking an unknown test such as the CISSP can be intimidating, but if you want to get an idea of how the questions are worded on the test, this is the book. If you just use this book without any other study material or knowledge, you will fail.

The test CD is OK with respect to how it works. But the way it reports your results from a practice exam is horrible. You can't tell if you're doing well or not. It just keeps track of how many questions out of the entire question database (for a domain) you've answered right. For example, let's use the Telecommuncations domain. For your first practice exam, you tell it you want 50 questions. You know that it will select the questions randomly, and so does the CISSP exam. You're looking for an indication of pass/fail. If you get 45 right, does it tell you you got a 90%? No, it tells you that you got something like 9%. That's 9% of the total database of about 300 questions. Until you've taken either a huge number of practice exams or one huge one, you don't know if you would pass a randomly-selected exam. Not a good system.

Sure, there are books out there that have a much higher page count, but is anyone really excited about reading 1,000 plus pages. At around 600 pages, front to back, the CISSP Exam Cram is compact, easy to read, and digestible. That is the strength of this book is that it is packed with valuable exam-specific material and is easy to read. Its simplicity allows the reader to gain a good understanding of some of the more complex security concepts. In my experience I have always used more than one resource when studying for certification exams and for the CISSP this is one I would recommend. Use it as a first time review or a last minute cram before the exam.

As has been stated in other reviews, it wouldn't be wise to use this as your sole book to prepare for the CISSP exam. Yes, a couple of typos here and there. You'd be best served to read EVERY word in this book and then move on to more in depth coverage of the domains in one of the bigger books, i.e. AIO, the Official Guide, etc.

This IS good introductory/supplemental material.

Mr. Gregg seems to have a sweet spot wit his style and format. this book covers the topics extremely well, this is not an easy book to write or an easy exam for which to prepare; the subjects range from the technical to the more subjective topics of BCP and DRP. I read four books cover to cover and this one is by far the best. It is well written, I'm not an English mayor, nor do I expect my books to be written as a literary masterpiece, I do require them to have a semblace of being written with care and edited. This books achieves the daunting task of presenting the broad material succinctly. The sample questions and corresponding explanatory answers augment the reader's comprehension. I also bought Gregg's book for the CEH Cram, and based on this book, also decided to buy the CISSP one. I will be keeping both of them for future reference.

Easy read to use to prep for exam. I like that this book is concise and offers what you need to pass the exam. While other books may go into greater depth. I was looking for something that provided an overview of the exam objectives and gave me a good foundational knowledge of what is needed to master each domain.

The sine qua non of a test prep book (especially one like this book that costs $40 and is nothing more than sets of questions and answers) is that the answers be RIGHT.

I have only spent a few hours with this book and have already found a number of wrong answers and other errata.

p. 23, answer to question 35: "If a door is considered fail-safe, it remains locked during a power outage." I think that is in fact the definition of "fail-secure"

Question 12 on p.170 is the same as question 73 on p. 183.

Question 72 on p. 183 has the wrong answer (the "not" in q. 72 should be removed).

As other reviewers have pointed out, sometimes the answer explanations are good, but many times they are minimal or meaningless.

This book is a no-nonsense read. It's down and dirty; no fluff. I used this and one larger, more detailed book to study. I used this book to study during the day on my lunch hour, then I'd go home at the end of the day and expand upon that study with the larger text. The included CD-based flash cards and practice exams were great. I recommend this text!

I bought this book to help study for the CISSP exam, I'm about 200 pages in so far and ready to pull my hair out. The author seemed to have the need to write about every subject, but not neccesarily provide any information. Did you know a 4 digit combination lock is more secure than a 3 digit combination lock? Wonderful.

A common template the author employs is describing a security mechanism only by generalities about the problem it is supposed to address, not how it works. Here is the paraphrase of how he describes the Brewer and Nash security model: Conflict of interest is a problem. Therefore the model prevents workers from COI.

i have bought this book after my experience with exam cram in CISA, which helped me alot with the CISA Exam as i did not study from any book except the exam cram. Now i am preparing for my CISSP Exam and i thought that exam cram for CISSP should be as powerfull as the one of CISA, but i have gone through the physical security module and i am willing to start on the access control system and methodolgy module now, but i feel it is not enough. he is giving a very brief information, and i really do not know would this be enough to go through the exam or not.