Customer Reviews

The CISSP Prep Guide: Gold Edition

5 star:		(10)
4 star:		(7)
3 star:		(6)
2 star:		(3)
1 star:		(1)

 

 

I Passed CISSP Test by Using This Book and Boson Practice Test 3.
I had spent 4 weeks studying them while working full time.
I had not attended any CISSP training course.
I had not even looked at the ISC2 study guide.

The "Advanced Sample Questions" at the end of each chapter are very useful too.
Some questions are not covered in the textbook, but they are explained in detail in the "Answers to Advanced Sample Questions". This is one way to extend one's insight into new areanas quickly and systematically. If one does not study these questions and answers, one will end up having to go somewhere else to find something else to cover the same topics in longer time and from MULTIPLE sources, withOUT knowing the questions and answers.

Boson CISSP Practice Test 3 will also extend one's knowledge further by referring to related WEB sites. Be aware that Boson CISSP Practice Test 1 is based on Information Security Management Handbook, Fourth Edition by Harold F. Tipton, Micki Krause. Boson CISSP Practice Tests 2 and 3 are not based on any particular prep/text books.

Wish that the above review would help and encourage you somewhat.

I concur with the other reviews on this book that's a great book and perfect for the CISSP exam. However, I do have a warning for Amazon buyers. I purchased this book along with the Advanced Prep Quide Q&A by the same publisher as recommended by Amazon. As it turns out, the Advanced Guide is really a supplement to older editions or non-Gold editions. The Gold Edition includes all the material in the Advanced book - SO DON'T BUY BOTH. I wrote Amazon and asked them to correct this. They can feel free to edit/delete this if they have.

I studied for the CISSP exam using this book, parts of other books, and some online resources. I also took the seminar offered by ISC^2. A month after completing the seminar, I took the exam. And about a week or so after that, I was relieved to find out that I had passed. Based on my experience, here are some words to the wise about this book in reference to the actual exam.

A review of any preparatory book has to be done in comparison with other books that attempt to do the same. It is no use criticizing a particular book only to find out that no better resource exists. However, it is important to highlight how a particular book compares with the actual goal of preparing the student for the particular exam that has to be taken. With that in mind, I will state up front that IMHO this book is probably one of the better books out there when preparing for the CISSP exam. (I have not read the Shon Harris book so I can not comment on it. However, from what I've heard, it is better in its coverage of the not-so-technical domains of the CISSP exam like Security Models and Law/Ethics. Perhaps a combination of these two books would be most effective in terms of preparing for the exam -- along with other resources of course.)

Coverage of some of the technical topics in this book seems very good. I was particularly impressed with their coverage of the Cryptography chapter -- it is a difficult topic and the book seems to do a decent job of covering it. However, be aware that the coverage of this topic in the book is above and beyond the level required for CISSP. The authors go into significant details on certain algorithms etc. which is absolutely unnecessary for CISSP. On the other hand, the authors don't seem to explain (in a clear, comprehensive manner) how symmetric and asymmetric cryptography ties in together when carrying out a typical secure session over the internet -- including the exchange of asymmetric keys for securely exchanging symmetric keys which then can be used for data transfer as well as the authentication process using digital signatures. Another example of an area where the book seems to dwell too deep into topics which are only required at an inch-deep level for CISSP purposes is the section on Kerberos. However, one should keep in mind that a little extra knowlege never hurt anyone. (The only problem is that when studying for the exam, one may get the impression that a particular topic will indeed be covered in such detail -- which obviously is a false impression). In other areas, I found that the section on Security Models was not very well done and seemed disparate at times in its coverage. This was certainly one area where I found other sources to significantly add to my understanding of the topic.

Some people have stated that a number of questions presented in the Advanced Questions section of the book are not covered in the chapter reading and that this is a problem with the book. However, if one views these questions as further study/information material and not necessarily a test of one's understanding of the chapter, this problem goes away. The fact is that the authors provide independent, detailed explanation in answer to each question presented in the Advanced Questions section and these explanations serve to provide further information that was not present in the chapter reading. As such, I found this quite useful since it added to my knowledge rather than just testing on what I had read. For those who wish to test their understanding of the material, there is a good "testing" resource online at www.cccure.org.

Overall, the authors seem very knowledgeable about all of the domains and present the material in a clear manner. In fact, given the breadth of the material in CISSP domains, their depth in certain areas is quite impressive.

I have often heard people say that the CISSP exam tests your experience in the security field, and that is not something you can gain from a book. Don't take this statement lightly! Books such as this one can only give you the theory behind "common sense" decisions that a security personnel would make during his/her daily work. They provide a good foundation. When it comes to the exam, use many resources (including this book of course), don't get caught in the details, and think common sense -- but with a security perspective!

Dear All, I recently completed my CISSP review studies, passed the exam, and completed the CISSP endorsement process. This is a very worth while endeavor and, as someone with many years of Internet security and risk management experience, I highly recommend the CISSP certification process for everyone. Reviewing the 10 common bodies of knowledge (CBK) has value for everyone in the IT business and I am very pleased to have taken the time to review the material and complete the exam. For my self-study review, I purchased four books via Amazon: (1) The CISSP Pre Guide - Gold Edition by Ronald L. Krutz and Russell Dean Vines, (2) All-In-One CISSP Exam Guide, Third Edition by Shon Harris, (3) Official (ISC)2 Guide to the CISSP Exam by Susan Hansche, John Berti and Chris Hare, and (4) CISSP Certified Information Security Professional Training Guide by Roberta Bragg. Each of these texts came with a CDROM for practicing test questions on a Windows PC and covered the 10 CISSP CBKs. I found the first three CISSP books in my list to be helpful. Of those three, the most helpful was The CISSP Prep Guide - Gold Edition by Krutz and Vines. This book is concise, well written, and easy to read. The CDROM is excellent and nearly error free. The text is well thought out and informative. I also recommend Shon Harris' book, with reservation. I found it hard to get to the required CISSP information, at times, due to the attempts at humor in the book. The CDROM of sample test questions were also very good, albeit not as rich in features as the book by Krutz and Vines. The Official (ISC)2 Guide to the CISSP Exam by Susan Hansche, John Berti and Chris Hare was a disappointment. This book read just like a cut-and-paste from the Internet and other documents; and the companion CDROM was full of errors and omissions. After a while I stopped using this text book and focused on the first two. I am sorry to say that CISSP Certified Information Security Professional Training Guide by Roberta Bragg was a complete disappointment from every perspective. The CDROM example tests were riddled with errors and omissions. For those interested in my self-study technique, I took each book and studied one (sometimes two) of each of the CBK chapters each day. Then, I repeated the same process for each of the other books, except for the book by Bragg, which was dropped for reasons mentioned. I took all the sample tests repeatedly, before and after and then again. I must have practiced between 4000-5000 sample questions. It was challenging and enjoyable. In summary, I highly recommend Krutz and Vines and also recommend, with reservation, the book by Shon Harris. No single book can cover the entire CBK of the CISSP. The more you study, the better. Best of luck on your CISSP studies. The CISSP is certainly an experience that will improve your knowledge of the field of IT security and benefit the profession at-large.

I just took the CISSP exam after three weeks of studying, with The CISSP Prep Guide: Gold Edition as my main study guide. Unfortunately, Krutz & Vines have included a wealth of information that I didn't need to know, meaning I spent hours memorizing superfluous information. For example, they delve into the gory details of the various cryptographic algorithms. I was careful to learn that information, only to have another exam guide point out that "the CISSP exam does not cover the specific details of how cryptographic algorithms work, so if you are confused by this information, feel free to move on."
While it is true that you can do well on the CISSP test by studying this book, you don't need much of the information presented here, and most of it is presented more concisely in other study guides. Furthermore, other study guides I used contained valuable information that was not in this book, information that did appear in test questions.
As goofy and badly-written as it may seem, Shon Harris's study guide will serve you better in the end.

This book presented me a good outline of study material for the CISSP test in which I passed the first time. The CISSP test is no walk in the park. The book was excellent in the 10 domains of security.

If people are serious about this certification (and qualify) then this is a book that will disect each domain without too much runoff explanation. This book is a good fit for somebody that has 3 to 5 years experience in Information Security.

The CISSP Prep Guide: Gold Edition is a very good reference for anyone wanting to study for the exam.

The Gold Edition is quite comprehensive, and covers all of the core elements of the CBK. The often overly technical writing makes the book difficult to read at times.

While most test software that comes with books is often second rate, the CD-ROM Prep Exam guides are quite valuable. The CD-ROM contains over 360 questions on the 10 areas of the CBK.

While no one should not base his or her entire CISSP exam preparation on any single reference, The CISSP Prep Guide: Gold Edition is nonetheless a good place to start.

There are 250 questions in the exam. Since the authors are all CISSPs, they are not allowed to directly give away the questions. Each book offers a relative limited number of practice questions. When I was preparing for the exam I realized that I would need to practice with a large number of questions to be properly prepared. So, I decided to ignore all the comments here on which book was better. I bought and read several books to prepare for it. My logic was: if I read an additional book and it helped me to get just that one additional question that I might need to pass the exam, it would save me at least the $500 that I would have to otherwise pay to take it again. I took the exam recently and passed! Looking back, this and the others all helped.

I just took the CISSP exam after three weeks of studying, with The CISSP Prep Guide: Gold Edition as my main study guide. Unfortunately, Krutz & Vines have included a wealth of information that I didn't need to know, meaning I spent hours memorizing superfluous information. For example, they delve into the gory details of the various cryptographic algorithms. I was careful to learn that information, only to have another exam guide point out that "the CISSP exam does not cover the specific details of how cryptographic algorithms work, so if you are confused by this information, feel free to move on."
While it is true that you can do well on the CISSP test by studying this book, you don't need much of the information presented here, and most of it is presented more concisely in other study guides. Furthermore, other study guides I used contained valuable information that was not in this book, information that did appear in test questions.
As goofy and badly-written as it may seem, Shon Harris's study guide will serve you better in the end.

I sat for and passed the CISSP test in January 2006. I used the following resources to help in passing the CISSP:

Shon Harris - All-in-One - 3rd Edition - 30%
Official ISC Guide to the CISSP Exam - 15%
Kurtz - CISSP Prep Guide - Gold Edition - 10%
CISSP for Dummies - 5%
Cccure.org - 25%
Other resources - 15%

"The CISSP Prep Guide" by Krutz and Vines was a great tool at helping me pass the CISSP. While the book itself is somewhat dated (and eclipsed by a newer edition), I feel this book still covers over 85% of the topics on the CISSP. I believe of all the books I used to prepare, this book was the best organized. The reading had an easy flow yet was still presented at a decent technical level (not too easy and not too deep).

My weakest CBK is, by far, crypto (even though I've built a 1,000 IPSec tunnels!). This book did the best at making me understand the different components of PKI and the different encryption methods. You may need to supplant the documentation presented for Security Architecture. Overall, I feel the questions were a waste of space (with many errors), and I did not use them to help prepare for the exam.

Overall, if one has a decent comfort level with the 10 domains, this book may be all that is necessary. The book is still relevant and useful.

I give this book 4 pings out of 5:
!!!.!