The CISSP Prep Guide: Gold Edition (Hardcover)

by Ronald L. Krutz (Author), Russell Dean Vines (Author) "In our first chapter, we enter the domain of Security Management..." (more)
Key Phrases: formal access approval, authorization limits permission, allowable maximum transmission distance, United States, Orange Book, Common Criteria (more...)

Editorial Reviews

Product Description
* The Gold Edition has been updated to include CISSP bonus questions never before published and advanced question and answer tutorial.
* The CD-ROM contains 660 questions of which 360 have never before been available electronically.
* All questions have been designed with Boson, the premier interactive test engine for technical books in the industry.
* Authors are experts in the security certification field and have particular expertise in the CISSP Exam.

From the Back Cover
An arsenal of inside information on CISSP and how to master the certification test!

More and more frequently, corporations are requiring that their employees provide professional certifications to prove that they possess the core competencies to do their technical jobs. The Certified Information Systems Security Professional examination (CISSP) is the industry standard test for IT security professionals administered by ISC2. CISSP-exam experts, Ronald Krutz and Russell Dean Vines, have updated and improved their bestselling The CISSP Prep Guide, complete with inside tips and information on how to master the CISSP certification test.

Packed with nearly 700 questions and answers, this all-in-one resource includes:

• 260 questions and answers from The CISSP Prep Guide, updated for each of the ten domains covered in the certification exam
• 100 new bonus questions and answers created for the Gold Edition
• More than 325 advanced questions and answers from the authors book, Advanced CISSP Prep Guide Q&A
• Coverage of the fundamental content of the CBK, focused to present only the information youll need to know for the CISSP examination

Test yourself using the interactive CD-ROM! This CD-ROM includes the Wiley test engine powered by Boson Software, which allows you to choose between randomly generated practice exams on the standard topics or advanced topics covered in the book.

See all Editorial Reviews

Product Details

• Hardcover: 976 pages
• Publisher: Wiley (October 31, 2002)
• Language: English
• ISBN-10: 047126802X
• ISBN-13: 978-0471268024
• Product Dimensions: 9.4 x 7.5 x 2.3 inches
• Shipping Weight: 3.6 pounds (View shipping rates and policies)
• Average Customer Review: 3.8 out of 5 stars See all reviews (27 customer reviews)
• Amazon.com Sales Rank: #527,683 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #32 in

  Books > Computers & Internet > Certification Central > Exams > CISSP

Customer Reviews

Most Helpful Customer Reviews

20 of 20 people found the following review helpful:

5.0 out of 5 stars Passed CISSP Test by Using This Book and Boson Practice Test, February 26, 2003

By A Customer

I Passed CISSP Test by Using This Book and Boson Practice Test 3.
I had spent 4 weeks studying them while working full time.
I had not attended any CISSP training course.
I had not even looked at the ISC2 study guide.

The "Advanced Sample Questions" at the end of each chapter are very useful too.
Some questions are not covered in the textbook, but they are explained in detail in the "Answers to Advanced Sample Questions". This is one way to extend one's insight into new areanas quickly and systematically. If one does not study these questions and answers, one will end up having to go somewhere else to find something else to cover the same topics in longer time and from MULTIPLE sources, withOUT knowing the questions and answers.

Boson CISSP Practice Test 3 will also extend one's knowledge further by referring to related WEB sites. Be aware that Boson CISSP Practice Test 1 is based on Information Security Management Handbook, Fourth Edition by Harold F. Tipton, Micki Krause. Boson CISSP Practice Tests 2 and 3 are not based on any particular prep/text books.

Wish that the above review would help and encourage you somewhat.

18 of 18 people found the following review helpful:

5.0 out of 5 stars Great book - read warning below, December 11, 2002

By A Customer

I concur with the other reviews on this book that's a great book and perfect for the CISSP exam. However, I do have a warning for Amazon buyers. I purchased this book along with the Advanced Prep Quide Q&A by the same publisher as recommended by Amazon. As it turns out, the Advanced Guide is really a supplement to older editions or non-Gold editions. The Gold Edition includes all the material in the Advanced book - SO DON'T BUY BOTH. I wrote Amazon and asked them to correct this. They can feel free to edit/delete this if they have.

20 of 21 people found the following review helpful:

4.0 out of 5 stars Good information but not necessarily on-target, June 2, 2004

By	Fouzan M. Pal "messagevector" (Ashburn, VA) - See all my reviews (REAL NAME)

I studied for the CISSP exam using this book, parts of other books, and some online resources. I also took the seminar offered by ISC^2. A month after completing the seminar, I took the exam. And about a week or so after that, I was relieved to find out that I had passed. Based on my experience, here are some words to the wise about this book in reference to the actual exam.

A review of any preparatory book has to be done in comparison with other books that attempt to do the same. It is no use criticizing a particular book only to find out that no better resource exists. However, it is important to highlight how a particular book compares with the actual goal of preparing the student for the particular exam that has to be taken. With that in mind, I will state up front that IMHO this book is probably one of the better books out there when preparing for the CISSP exam. (I have not read the Shon Harris book so I can not comment on it. However, from what I've heard, it is better in its coverage of the not-so-technical domains of the CISSP exam like Security Models and Law/Ethics. Perhaps a combination of these two books would be most effective in terms of preparing for the exam -- along with other resources of course.)

Coverage of some of the technical topics in this book seems very good. I was particularly impressed with their coverage of the Cryptography chapter -- it is a difficult topic and the book seems to do a decent job of covering it. However, be aware that the coverage of this topic in the book is above and beyond the level required for CISSP. The authors go into significant details on certain algorithms etc. which is absolutely unnecessary for CISSP. On the other hand, the authors don't seem to explain (in a clear, comprehensive manner) how symmetric and asymmetric cryptography ties in together when carrying out a typical secure session over the internet -- including the exchange of asymmetric keys for securely exchanging symmetric keys which then can be used for data transfer as well as the authentication process using digital signatures. Another example of an area where the book seems to dwell too deep into topics which are only required at an inch-deep level for CISSP purposes is the section on Kerberos. However, one should keep in mind that a little extra knowlege never hurt anyone. (The only problem is that when studying for the exam, one may get the impression that a particular topic will indeed be covered in such detail -- which obviously is a false impression). In other areas, I found that the section on Security Models was not very well done and seemed disparate at times in its coverage. This was certainly one area where I found other sources to significantly add to my understanding of the topic.

Some people have stated that a number of questions presented in the Advanced Questions section of the book are not covered in the chapter reading and that this is a problem with the book. However, if one views these questions as further study/information material and not necessarily a test of one's understanding of the chapter, this problem goes away. The fact is that the authors provide independent, detailed explanation in answer to each question presented in the Advanced Questions section and these explanations serve to provide further information that was not present in the chapter reading. As such, I found this quite useful since it added to my knowledge rather than just testing on what I had read. For those who wish to test their understanding of the material, there is a good "testing" resource online at www.cccure.org.

Overall, the authors seem very knowledgeable about all of the domains and present the material in a clear manner. In fact, given the breadth of the material in CISSP domains, their depth in certain areas is quite impressive.

I have often heard people say that the CISSP exam tests your experience in the security field, and that is not something you can gain from a book. Don't take this statement lightly! Books such as this one can only give you the theory behind "common sense" decisions that a security personnel would make during his/her daily work. They provide a good foundation. When it comes to the exam, use many resources (including this book of course), don't get caught in the details, and think common sense -- but with a security perspective!