Customer Reviews

Security+ Study Guide

5 star:		(8)
4 star:		(5)
3 star:		(5)
2 star:		(4)
1 star:		(5)

 

 

I passed the test with a 836. This is midway between the passing cutoff (764) and the maximum score (900).

Context for this review: I have no background in InfoSec. However I have been a network engineer since 1996 and have earned the following certs: CNE, MCSE, ASE (Compaq Proliant servers), CCNA, CCDA, A+, and two from 3Com (wireless and IP Telephony). Your background is likely to be different so please read my comments with that in mind.

This book is on CompTIA's Authorized Quality Curriculum list for this test and I think it deserves to be. However, because there were several questions on the test that the book did not cover I rate this book 4 stars.

If you are new to InfoSec you may want to use the training strategy that has worked for me now, and before, to learn and certify into a field new to me: Read a good introductory hands-on book, then read a certification study guide, finally read a quick review book. This strategy gives me three points of view and heavily reinforces the learning. Remember, it's not just about passing a test. It's about being competent in the field.

If this strategy appeals to you a good intro book is Matthew Strebe's "Network Security JumpStart" published by Sybex in 2002, ISBN 0-7821-4120-X. This is not a hands-on book but Security+ does not test for hands-on abilities (it's conceptual). The quick review book I used is "Security+ FastPass" published by Sybex in 2004. ISBN 0-7821-4359-8. Caution: The FastPass book gets asymmetric cryptology and public/private keys wrong (the Study Guide gets it right; also goto rsalabs.com and click Crypto FAQ).

I hope you find these comments useful.

Dennis Duffy, MBA and Network Engineer

It is clear that Mr. Pastore has done his homework. What I liked about it was that it addressed a wide range of issues at just the right level of detail to make it compelling as well as understandable. The illustrations were straightforward and clear, the narrative tracked well with the illustrations and topics were nicely organized. Another feature I liked was that many of the chapters are readable on their own, so that the reader can pick the topics of interest without struggling throught a lot of peripheral information. Mr. Pastore's style is direct and clear - rare attributes in competing computing security books - and invites the reader to stay engaged. I highly recommend this book, not only for computing professionals, but also any computer users, at home or at work.

I recently passed the Security+ exam and the Sybex Security+ guide Second Edition was one of my core books. I thought overall it was an excellent read but gave it four stars because it is lacking coverage on a few areas. In particular ipsec [AH & ESP], various scan methods [half scan, etc], and it could have used a little more info on token type logons such as synchronous dynamic password. 802.1X was not covered but I did not have any questions on the exam though my other books did cover 802.1X. If the book covered those areas better with maybe ten more pages of length I would give it five stars.

Other than that the explainations were mostly excellent along with a lot of helpful illustrations for the less advanced student. The end of chapter summaries and exam essentials were helpful in that they are good for reviewing. The sample questions [150] at the end of each chapter were not unlike those on the exam and the answer pages included good explainations. The end of the book contained a 38 page glossary of all the terms you should be familiar with and a brief but helpful explaination.

The exam itself had very short one or two sentence questions. I just want to comment that there seems to be a lot of book bashing going on with certification exam books. First off I never rely on a single book for an exam and this exam assumes you have knowledge of a Network+ certification and about a year experience with networking. There were some questions on the exam that I did not see clearly answered in any book but the topics were covered and you have to understand the jist of what they were getting at. A part of the Security+ exam is on topics that do not have cut and dry answers such as operational/organizational security and rely on some common sense or experience such as policies, BCP, people issues, and security awareness. Having said that the Sybex Security+ book is well worth reading for the Security+ exam as long as you also supplement your studies to cover the few areas that it is lacking on.

I just took the exam and passed it. I used this book and it was a big help. The content was really easy to understand and straight forward.

I highly recommend this book for studying. He did a really nice job of breaking down the sections of the exam and most of them were right on track. Get this book, it rocks!

Thank you in advance for reading my review: I hope it would be helpful for your decision either to buy this book or look for another.

There is no doubt there are many different readers with many different expectations. However, if you expect from the book:

1. Very good coverage of current eSecurity topics,

2. Full Compatibility with Comptia's Security+ objectives,

3. Lots of questions (more than 400) with easy recalling tools (flash cards and nice glossary)

4. Easy to read and easy to understand explanations.

THIS BOOK IS FOR YOU. It is ideal for people who would like to learn first, then pass the exam. However, if your main focus is to pass the ASAP with minimum effort, save your money and time: try other book.

Well... you may wonder why 4 stars instead of 5. Simply: the questions seems easy - actually quite easy!! You might mistakenly believe: all of a sudden you became a eSecurity guru after reading just a book and know everyhing about the subject. - believe me this is not possible: as professional working on this field since 1997, I still have occasional nightmares a 15 year old geek challenge my sytem with some tools I never heard about :) - If you dont want to meet with the sad truth at the real exam: use other resources as well to be prepared: some of the alternatives are Boson software, Prelogic and Transcender.

Also, before taking the exam visit cramsession web site and read the comments of different people to learn what real people think about the exam and questions.

I wish you every success for the exam...

regards

I have to say that in the end I was disappointed by this book. It is definitely not one of the better Sybex books. I made the critical mistake of using only this book for the exam and I failed! Not unlike one of the other reviewers, this is the first cert exam I have ever failed (I have 5 other cert exams under my belt).

As several of the other reviewers correctly pointed out, many of the critical topics covered by the book simply do not go into enough detail and there are numerous key concepts that are missed completely (don't believe me - try looking up information on an FTP Bounce Attack, a Callback or a Virus Life Cycle in this book just to name a few, they aren't covered). This book is too verbose when considering how much of the necessary core data for the Security+ exam is not covered in the book. I know this now because I have since bought a different book (Security+ Prep Guide by Wiley Publishing) to re-prepare for the exam and I am amazed at how much the Sybex book left out. Also, there are several typos and wrong answers to test questions found throughout the book, but this is a First Edition, so that's to be expected.

Based on my previous statements you might think that I hated the book, on the contrary, I did actually enjoy reading it and found that the information it did cover was explained in fairly simple terms. Unfortunately, I would say that unless you had previous experience in IT Security, which I have had a limited amount of, you will definitely need to supplement this book with other resources in order to pass the exam. It hits the target......but is no where near a bull's eye!

Highly recommended

A friend recommended this book two days before I was scheduled to take the exam. The Exam Cram 2 book I'd been using was terrible, and I needed an intelligible, technical and reliable reference to augment my study. Sybex delivered.

I found the book to be concise, well written and technically accurate. It covered in depth matters of physical and operational security that I hadn't seen elsewhere and were very much on the exam itself. Also, the test exams on the included CD had more questions and were of better quality than those from PrepLogic.

All in all, a very decent book.

Sybex used in combination with Exam Cram and Preplogic practice tests from the preplogic website did the trick. By itself, the book was a little short on some topics, but it covered items that the other two I previously mentioned did not.

This was the only book that I read prior to taking the test and I passed with flying colors! The descriptions were informative and overall, this was a great book to study from. It does have some errors, but I've never read a computer book that dosen't(even some of the ones written by Microsoft) so I'm not going to change my rating because of that. Overall, this was a great book and I'd highly recommend it to anyone looking to take the security+ test.

I read this book along with a couple of the others to study for the exam, and I don't think this book is of the same quality as many other Sybex study guides, which I usually like very much. The book doesn't stink, it's just not that good. A lot of the explanations of important topics are too cursory. They aren't necessarily wrong, they just aren't enough.