Customer Reviews

Information Security Management Handbook, Fourth Edition, Volume III

5 star:		(2)
4 star:		(2)
3 star:		(1)
2 star:		(0)
1 star:		(0)

 

 

After reading several of the reviews listed, many with low ratings, it came to my attention that the people have completely missed the point. The CISSP is supposed to be an acknowledgement of your understanding of security, not a piece of paper. You want to blow through a test? Go get Transender and get your paper MCSE. This book is meant to present the various areas of security and provide some insight arranged in the 10 domains. To cover every aspect of security would take volumes - hence the value of these editions. If you are looking for a quick fix, this book is not for you. This book continually communicates the foundation concepts of security that you will need to be a true CISSP. It concerns me that a book compiled with so much referenced security information is considered low ranking. Based on the "it doesn't help with the test" statements, I fear that the CISSP will become the flooded, worthless paper we see in other certifications. For those of us who are CISSPs and have been in the industry for sometime, this quick fix attitude will damage the certification and lead to poor practices in the industry. Read this book and learn, the story is there, clearly. When you know security - then take the test, don't learn how to take the test.

This book truly is a masterpiece. Tipton has compiled all of the diverse chapters smoothly and keeps your attention with subtle humor. This book is a "must have" if you are to be responsible for the implementation of BCP/DRP in your organization.

Ignore the negative responses. You have to possess a higher level of knowledge in order to comprehend books of this nature.

Very enjoyable reading. Bravo Tipton and Krause.

No one book will help you 'pass' the CISSP exam. If you believe that such a book exists, you are disillusioned.

If you are studying for the CISSP exam and choose to read this book, remember that you will need to 1) use a variety of sources to enhance your subject matter knowledge 2) read(pick)through volume 1 and 2 (this is volume 3) to get a full picture of what this series of books has to offer in general knowledge about the subject of information security.

However, this is a popular book given that at the time this book series was started (early-mid 90's), there were few, if any, other books that even came close to aggregating the common body of subject matter knowledge. Of course, now there are several books out that attempt to cover the ten domains in an attempt to help people 'pass' the CISSP exam (ala MCSE, CNE cram-style).

While an interesting read and applicable for a security professional, if you are interested in a book strictly to help with CISSP preparation, try the CISSP Prep Guide instead.

Regardless, I still enjoyed reading it.

Chap 9 is a great read on VPN security and technologies. I liked the "low down" on vendor VPN performance tricks toward the end of the chapter. Has some good info on Topologies and deployment techniques.