Official (ISC)2 Guide to the CISSP Exam [ILLUSTRATED] (Hardcover)

by Susan Hansche CISSP (Author), John Berti CISSP (Author), Chris Hare (Author) "Information Security Management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines, which ensure..." (more)
Key Phrases: packet flood attack, selected safeguards, data classification program, United States, Frame Relay, Boca Raton (more...)

Editorial Reviews

Review
Official (ISC)2 Guide to the CISSP Exam is an encyclopedic tome filled with a dizzying array of security information. The International Information Systems Security Certification Consortium (ISC)2 has designed this book to help you study and pass the Certified Information Systems Security Professional (CISSP) test. … The chapters are concise digests that systematically review each CBK domain. … Excellent. Buy the study guide if you can only choose one book. If they save you the cost of retaking the CISSP exam, then it is money well spent.
- Technical Support, Dec. 2004

This book is an excellent guide to prepare [for] the CISSP exam. It is the only official study guide in the world. It provides detailed security analysis and it is totally characterized by sample questions and answers and explanations…I definitely suggest this book…
Rossano Ferraris on ITSecurity.com

Product Description
Candidates for the CISSP exam can now go directly to the source for study materials that are indispensable in achieving certification. The Official (ISC)2 Guide to the CISSP Exam is derived from the actual CBK review course created and administered by the non-profit security consortium (ISC)2. In addition to being an invaluable study guide, this book is detailed enough to serve as an authoritative information security resource. Both of the guide's co-authors are CISSPs, and the entire text has been reviewed and approved by Hal Tipton, Co-Founder and Past President of ISSA and Co-Founder of (ISC)2. The ten subject areas included, each a section from the Common Body of Knowledge (CBK), have been reviewed by multiple CISSPs, all of whom are recognized leaders in their fields.A CISSP certification garners significant respect, signifying that the recipient has demonstrated a higher standard of knowledge, proficiency, and ethics. This book ensures that a student is fully prepared to face the exam's rigorous criteria. It is crafted to match the overall theme of the exam, which emphasizes a general, solutions-oriented knowledge of security that organizations want.

Product Details

• Hardcover: 902 pages
• Publisher: AUERBACH (December 15, 2003)
• Language: English
• ISBN-10: 084931707X
• ISBN-13: 978-0849317071
• Product Dimensions: 9.4 x 6.4 x 2.2 inches
• Shipping Weight: 2.4 pounds
• Average Customer Review: 3.8 out of 5 stars See all reviews (54 customer reviews)
• Amazon.com Sales Rank: #132,290 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #17 in

  Books > Computers & Internet > Certification Central > Exams > CISSP

Customer Reviews

Most Helpful Customer Reviews

83 of 85 people found the following review helpful:

4.0 out of 5 stars Good book to have, March 24, 2004

By	Phuong D Nguyen "-pn-" - See all my reviews

Guys,

I finally took the CISSP exam, and passed *not* using this book alone. I ordered this book 1 month before taking the CISSP exam, since someone recommended me to buy it, saying that it's an advantage to go through the material in the book prior to the real exam. While that is generally true, some of the sad facts are not :).

The book was written by 3 authors, and reviewed by Hal Tipton (a very well respected and knowledgeable security professional); therefore, the content in the book is superior. And since it was written by 3 authors, it also means you will experience 3 different writing styles throughout the whole book. The format of the book is consistent, but tough luck, the writing style is so inconsistent--making it very unpleasant to digest the presented material.

I found some chapters are easy to digest with, and some are not (because of the 3 different writing styles from 3 authors). The book doesn't present the CBK material in a good way for you to memorize, it acts more like a reference book. I have read All-in-One and Prep Guide Gold Edition, and those 2 books are GREAT to start with. I do like the Official (ISC)2 Guide because it covers material that the other books DON'T. Especially the Physcial Security and Operations Security domain. After reading the Physical Security domain I had a feeling like "Great, I know how to pick a lock now ;)". This book also tells you what you need for the CISSP exam and what you don't, which is a really good thing. It clearly states that "this information is not needed for the CISSP exam... it's being included here for your reference" and I find that's very helpful, saving me from memorizing superfluous information.

The Physcial Security domain also covers the CCTV camera, very nice material indeed. You should expect to see some CCTV questions on the exam. If you don't really want to buy the book, you can easily search for the material on the net. But yeah the included material is worth it folks.

The book also comes with a CD that includes 204 CISSP sample questions, but beware, those questions ain't something that you might be able to see on the exam. I haven't found any practice tests useful, if at all (not even cccure.org). Don't buy practice tests, just concentrate on the CBK and you'll be fine. Don't expect similar or "exact" questions or anything like that popping up in the real CISSP exam. That just won't happen and CISSP practice tests are only of little use.

All in all, the material in the book is great for reference but not for memorizing. If you really want something to start with, please start with All-in-one, I wouldn't go for Krutz book as he has included tons of SUPERFLUOUS information (you do Krutz) in his book. So, before, the CISSP's choice was All-in-One + Prep Guide, but now it should be All-in-One + Official (ISC)2 Guide. You guys should never start preparing for the CISSP exam without All-in-One, the CBK material is presented to you in a very CONCISE and UNDERSTANDABLE manner. Although Shon Harris does love chatting, but I believe it's the only enjoyable way there is to learn and tackle the CISSP exam. Keep in mind this bottom line, All-in-one is a great book to start with and Official (ISC)2 Guide is a great "reference" book to keep.

Sorry, I'm too tired to go back and review what I have typed earlier so I end here ;). I don't give this book 5 stars because of the inconsistency in writing; otherwise, this book is great. You guys should buy it.

8 of 8 people found the following review helpful:

5.0 out of 5 stars Good reference for the exam, April 1, 2005

By	Jeremy (Baltimore, USA) - See all my reviews

Honestly folks, the exam is designed for somebody with 3 - 5 years of experience in security. All of the low reviews apply to the ability of this book to serve as a training guide for security - a task for which it is not designed. The book did an excellent job of isolating how the test would ask questions and how ISC2 expects a CISSP candidate to understand and answer questions about security as a security professional. Highly recommended for both a study review and a professional reference.

{For the curious, yes, I passed the test with the assistance of this book.}

6 of 6 people found the following review helpful:

4.0 out of 5 stars Very good to help pass the CISSP, February 10, 2006

By	Sean E. Connelly "Just a bithead - CCIE#17085" (Alexandria, VA) - See all my reviews (REAL NAME)

I sat for and passed the CISSP test in January 2006. I used the following resources to help in passing the CISSP:

Shon Harris - All-in-One - 3rd Edition - 30%
Official ISC Guide to the CISSP Exam - 15%
Kurtz - CISSP Prep Guide - Gold Edition - 10%
CISSP for Dummies - 5%
Cccure.org - 25%
Other resources - 15%

"Official (ISC)2 Guide to the CISSP Exam" by Hansche, Berti and Hare is an excellent resource to help prepare for the CISSP. The presentation of each CBK is fairly balanced. Please note, this book should not be used as an introduction to the topics covered on the CISSP, but rather used at the later stages of preparing for the exam. I also do not believe this book should be read cover-to-cover, rather referenced to help understand individual topics.

The book has it's benefits and it's pitfalls. In particular, the book does present some material that I simply could not verify in other books. For example, on page 107, when discussing the Biba Security Model, exhibit 7 was great at easily demonstrating the lattice of integrity levels. On the other hand, the book also had poor formatting, and different material may just be clumped together. For example, on page 129, when discussing the Orange Book's four evaluation classes, unlike other material, this book does a poor job at showing the importance and differences of operational vs lifecycle assurance.

I do not believe I would have passed the CISSP without the aid of the "Official (ISC)2 Guide to the CISSP Exam". It's not an easy read, but a great resource.

I give this book 4 pings out of 5:
!!!.!