REVIEW: "Official (ISC)^2 Guide to the CISSP Exam", Susan Hansche/John Berti/Chris Hare

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jul 30, 2004.

  1. BKOIGTCE.RVW 20040618

    "Official (ISC)^2 Guide to the CISSP Exam", Susan Hansche/John
    Berti/Chris Hare, 2004, 0-8493-1707-X, U$69.95/C$101.50
    %A Susan Hansche
    %A John Berti
    %A Chris Hare
    %C 920 Mercer Street, Windsor, ON N9A 7C2
    %D 2004
    %G 0-8493-1707-X
    %I Auerbach Publications
    %O U$69.95/C$101.50 800-950-1216
    %O http://www.amazon.com/exec/obidos/ASIN/084931707X/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/084931707X/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/084931707X/robsladesin03-20
    %P 910 p. + CD-ROM
    %T "Official (ISC)^2 Guide to the CISSP Exam"

    Once again I have to state a bias in regard to this book. I've known
    about this book since its inception, I've known and advised the
    authors, I provided bits of the material, and even contributed one
    appendix. (The annotated bibliography and references--surprise,
    surprise.)

    I was asked to review the chapters while the book was in production.
    The reason was, of course, that I had reviewed all the other CISSP
    (Certified Information Systems Security Professional) guides.
    Specifically, the intent was to ensure that this manual, prepared and
    supported by (ISC)^2 (International Information Systems Security
    Certification Consortium) was "head and shoulders" above all the other
    published works. This volume is not perfect, by any means, but it is
    the best of the current bunch.

    Taking material from one source is copying, taking material from two
    sources is plagiarism, and taking material from many sources is
    research. This volume has not only research but direct input from a
    great many sources. Some are mentioned in the acknowledgements, a
    number of others are to be found on the title page, since sections of
    major articles from the venerable "Information Security Management
    Handbook" (cf. BKINSCMH.RVW) were included or used as the basis for
    parts of the guide. Even this doesn't exhaust the contributions,
    since much of the work is informed by the material in the (ISC)^2 CBK
    (Common Body of Knowledge) Review Seminar, and over a hundred
    individuals have had the chance to augment that content. The result
    is a breadth and currency of information that exceeds any other guide
    on the market.

    Sample questions and exams are eagerly sought by candidates for the
    CISSP exam. This guide has a significant advantage in this regard:
    not only do a number of the contributors produce questions for the
    exam itself (therefore being more than passingly familiar with the
    style and level of difficulty required), but the CISSP exam committee
    was also approached for advice and input. No source is able to
    provide "actual" CISSP exam questions, but the examples provided in
    this volume are very close in form, mix, degree of difficulty, and
    concept.

    The book is not without its faults. The sheer volume of the
    contributors ensured that topics were covered multiple times, and not
    all duplicated areas have been amalgamated. In addition, the variety
    of writing styles can make the text disjointed in places, as it moves
    from section to section and subject to subject. These factors can
    make the work difficult and demanding to read and follow.

    The CISSP exam, as the security field itself, is a changing target,
    and no book can expect to provide the "best" coverage of the topic
    indefinitely. As well, security is an immense discipline, and touches
    on an inordinate number of other areas. This work, however, has come
    closest to spanning the range of subject matter necessary to challenge
    the CISSP exam, and is currently the best of the guides.

    copyright Robert M. Slade, 2004 BKOIGTCE.RVW 20040618

    --
    ======================

    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Partial/recent: http://groups.yahoo.com/group/techbooks/
    Security Educ.: http://groups.yahoo.com/group/comseced/
    Review mailing list: send mail to
    or
     