REVIEW: "CISSP Practice Questions Exam Cram 2", Michael C. Gregg

Discussion in 'Computer Security' started by Robert Michael Slade, Aug 22, 2005.

  1. BKCISPE2.RVW 20050614

    "CISSP Practice Questions Exam Cram 2", Michael C. Gregg, 2005,
    0-7897-3305-6, U$29.99/C$42.99/UK#21.99
    %A Michael C. Gregg
    %C 201 W. 103rd Street, Indianapolis, IN 46290
    %D 2005
    %G 0-7897-3305-6
    %I Macmillan Computer Publishing (MCP)
    %O U$29.99/C$42.99/UK#21.99 800-858-7674
    %O http://www.amazon.com/exec/obidos/ASIN/0789733056/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/0789733056/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/0789733056/robsladesin03-20
    %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
    %P 202 p. + CD-ROM
    %T "CISSP Practice Questions Exam Cram 2"

    All CISSP (Certified Information Systems Security Professional)
    candidates want sample questions to practice on before they write the
    exam. This set is not the worst I've seen (that would have been the
    question volume of the "CISSP Examination Textbooks" [cf.
    BKCISPET.RVW]), but it comes close.

    As usual, the book is divided into chapters by the domains of the
    CISSP CBK (Common Body of Knowledge). The questions are on the
    simplest level of the questioning taxonomy; fact based; rather than
    occupying the analytical and critical thinking levels that most actual
    CISSP exam questions represent. (Krutz and Vines' "Advanced CISSP
    Prep Guide: Exam Q & A" [cf. BKADCIPG.RVW] is as simplistic, but also
    tends to veer off-topic.) Wording on the questions is careless: a
    question that asks about "effectiveness" probably really means
    efficiency, otherwise the answer given is incorrect. Gregg seems to
    have decided and doctrinaire opinions, probably based on a quick
    reading of one of the less accurate CISSP exam guides. There is an
    attempt to make many of these simplistic questions more "complex" by
    creating scenarios: generally the scenarios have nothing to do with
    the point of the question and are simply excess verbiage. Major
    concepts are left out: in access controls, for example, Gregg seems to
    have no idea of the difference between access controls and overall
    security control types, and there is nothing to address the major
    topics of identification, authentication, authorization, and
    accountability. The telecommunications chapter has almost no
    questions on basic data communications concepts. (And Ethernet is
    *not* synchronous communication: a frame can be transmitted at any
    time. I suspect Gregg thinks any block communication is synchronous,
    and it's been a long time since that was true.) Building construction
    and layered defence issues are missing from physical security. Lots
    of stuff is missing from the cryptography section, and there is a
    larger number of errors than in other domains. Astoundingly, the
    security management quiz has almost nothing on policy. Investigations
    are the primary concern in that domain, with very little relating to
    law (or ethics). Malware gets all of one question in application
    security.

    The majority of answers given are not wrong as such: a qualified
    security professional would probably get most of them right, albeit
    with much head-scratching. (In this, the book is similar to "The
    Total CISSP Exam Prep Book" [cf. BKTCIEPB.RVW].) However, this set of
    questions would not provide a good basis for assessing your chances of
    passing the CISSP exam.

    copyright Robert M. Slade, 2005 BKCISPE2.RVW 20050614


    --

    Find virus, book info http://victoria.tc.ca/techrev/rms.htm
    Mirrored at http://sun.soci.niu.edu/~rslade/rms.htm
    Review mailing list: send mail to
    "Robert Slade's Guide to Computer Viruses" 0-387-94663-2
    "Viruses Revealed" 0-07-213090-3
    "Software Forensics" 0-07-142804-6