REVIEW: "The SSCP Prep Guide", Debra S. Isaac/Michael J. Isaac

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Dec 12, 2003.

  1. BKSSCPPG.RVW 2003107

    "The SSCP Prep Guide", Debra S. Isaac/Michael J. Isaac, 2003,
    0-471-27351-1, U$60.00/C$92.95/UK#41.95
    %A Debra S. Isaac
    %A Michael J. Isaac
    %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
    %D 2003
    %G 0-471-27351-1
    %I John Wiley & Sons, Inc.
    %O U$60.00/C$92.95/UK#41.95 416-236-4433 fax: 416-236-4448
    %P 508 p. + CD-ROM
    %T "The SSCP Prep Guide"

    Chapter one is a supposed overview of security, although it is rather
    vague and iconoclastic. Access control, in chapter two, provides an
    unstructured list of related terms. At the end of the chapter we get
    the expected list of sample questions, but these are either
    simplistic, idiosyncratic, or both. Chapter three, ostensibly about
    administration, is a completely mixed bag of security management,
    security architecture, operations security, and networking topics.
    The information on auditing given in chapter four concentrates
    primarily on networking, has way too many screenshots of Windows
    tools, and far too little content on forensics. A surprisingly good
    section on risk, advice on incident response that starts well but ends
    abruptly, and a short but standard piece on business continuity
    planning are in chapter five. Cryptography, in chapter six, has a list
    of terms, poor explanations of the important concepts, and an
    unimportant overview of the history of cryptography, padded out with
    annoyingly fuzzy photographs. Most of chapter seven is a list of
    communications terms. There is a disproportionate emphasis on
    penetration testing, and a very odd reiteration of material on the
    system development life cycle. (Possibly the authors got confused
    with the *other* SDLC: Synchronous Data Link Control?) The material
    on malware, in chapter eight, has been very carelessly put together.
    There are two separate descriptions of macro viruses almost adjacent
    to each other, and a level three header section on trojan horses
    immediately followed by a level four header on trojan horses, which
    starts out saying "Trojan horses are another threat ..." There is a
    recommendation to use "false data directories" to trap polymorphic
    viruses. (No mention is made of how this technobabble might work.)
    The authors should take note that a multipartite virus is *not* the
    same thing as a companion virus, and that worms *do* replicate.

    There is very little useful material in this book.

    copyright Robert M. Slade, 2003 BKSSCPPG.RVW 2003107


    "If you do buy a computer, don't turn it on." - Richards' 2nd Law
