Customer Reviews

Official (ISC)2 Guide to the SSCP CBK ((ISC)2 Press)

5 star:		(0)
4 star:		(2)
3 star:		(3)
2 star:		(0)
1 star:		(0)

 

 

The content in this book is good... it really is. Yes, it's presented in the most dry and unentertaining way possible, but's it IS a basic security book. However, the data you'll need is all there... in very, very small print.

The problem with the book, and my justification for a 3-Star rating, is the practice tests. This was a SELLING POINT for me, as practice tests for the SSCP are somewhat rare. It's not that the questions are bad, it's the fact that no one bothered to proof-read the answers section. Ch1Q12, for example tells you that the correct answer is C, when it reality it's B. I didn't realize that until I noticed that the "explaination" for the correct answer of C, was a verbatim reprinting of answer B. Basically a typo. That's a big freakin deal when the typo is the correct answer to a practice test. There are 2 or 3 like that in the first chapter alone.

Also, some of the practice test questions are just a paragraph split up. It's almost funny. You'll have Question 2 over a certain 3 sentence paragraph. Well, answers A, B and C are all just reproductions of those sentences. Heck, sometimes you can actually read the paragraph in the answers.

So, to sum it up... it's a good book that includes a lot of good information; however, the practices tests are lazy and often times incorrect. If that's your selling feature, don't bother.

Hi, This book is a necessary read to have a full grasp of what's included in the SSCP exam. Its dry and takes a while but I passed my SSCP on the first try using no other resources (there seems to be a limited number overall since most attention is paid to the CISSP). I suspect each domain was written by a different author because my ability to understand/retain the information was dramatically different chapter to chapter. Also, there were typos.. which can add to the confusion. As I said though, necessary for your exam. Good Luck!

Each domain is written by a different author which gives it a choppy, inconsistent feel. I had been working as an IT security consultant for 2+ years (with a CS degree), and I used this book along with three other general books in order to become a SSCP. Given my level of experience I would not have studied for the test using only this book if I had to do it all over again. Each book (including this one) I used had it's fair share of well written chapters and surprisingly inconsistent chapters.

This book was disappointing, from the start where there was no publishing information (Release # or publication dates), it was hard to get my head around why they hid that information.
The content is dry but acceptable for the most part.
The questions are shallow and there are not very many of them.
It was obvious that the ISC2 had a 'point of view' that was a bit different from mine. It seemed to be mostly 'Accepted wisdom' and no 'common sense'. The worst of the corporate world view. I am probably not completely informed on the issues to the extent necessary but that is my first opinion.
One of the troubling things is that I found a mistake in the Cryptography section. They claimed that a Certificate Authority (i.e. Verisign) issues the certificate, but they actually sign the certificate that you create and hand it back. It was very strange that a highly technical subject has such a major issue. It makes me wonder what other mistakes they made.
And the formatting has rampant wordheadingitis with a lot of heading levels being broken.
So, if you can stand the mistakes you could still learn enough to pass the exam (I think) but I have given up on that exam because I have decided that I probably(?) have enough experience for the bigger CISSP exam or the CSSLP qualification, and I am studying the well thought of Shon Harris CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One).

INTRO:
The SSCP exam and certification is a great way to make headways into the IT Security world. The exam requires 1 year of experience and application via (ISC)2's website. This book contains the most up to date Common Body of Knowledge (CBK) that (ISC)2 has published more recently (2006).

EXAM:
This book should cover all the material (7 domains) tested on the exam. It is a prudent measure, to use more than one resource to study for any IT exam. I would also recommend the practice exams offered by (ISC)2.

CONCLUSION:
If you want to learn about the fascinating world of IT Security, have passed CompTIA's Security+ exam and are looking for a challenge, or do not have the years of work experience to qualify for (ISC)2's CISSP exam, this book is for you. Do no expect this book to be typo free (at least the answers to the test questions seem to need revision).