The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
by Ronald L. Krutz, Russell Dean Vines, and Edward M. Stroz
Sales Rank: 231203
Discount: 23 %
List Price: $85.00
$68.00
At Amazon

Hardcover: 528 pages
Publisher: Wiley; 1 edition August 24, 2001
Language: English
ISBN-10: 0471413569
ISBN-13: 978-0471413561
Product Dimensions:
9.5 x 7.8 x 1.4 inches
Shipping Weight: 2.6 pounds
Product Review
The Certified Information Systems Security Professional (CISSP) rating is difficult to earn and rare in the marketplace, which means you're a valuable commodity if you've proven your skills by passing the exam. The CISSP Prep Guide, one of only a handful of books on its subject, does a good job of giving readers a feel for the scope of the test and the style of its questions. It's ideal for use either as a preliminary survey of the CISSP subject areas (the test's publisher and the authors of this book call them "domains") for relative newcomers to computer security, or as a pure study guide to help more experienced professionals zero in on the weak spots in their knowledge. Don't expect to do well on the CISSP exam having only read this book. You'll want to have some practical experience and some specialized reading under your belt.
Ronald Krutz and Russell Vines are good writers and fine teachers; they explain the wide-ranging CISSP domains (which have to do with everything from cryptographic algorithms to fire-suppression techniques to legal principles). They take care to explain potentially unfamiliar terms--there's a good glossary in the back of this book--and employ conceptual diagrams well. However, the answer keys for the sample questions that conclude each chapter aren't annotated and some readers will wish for more references to specialized sources. --David Wall
Topics covered: The subjects covered by the Certified Information Systems Security Professional (CISSP) exam published by the International Information Systems Security Certification Consortium, including cryptography, access control, security policy, legal matters, and the physical safety of information, equipment, and people.
Product Review
"fulfils its purpose well and forms a good introduction to the concepts and jargon used in all areas of IT security... worth having as a reference dictionary" (Computer Bulletin, September 2002)
Customer Reviews & Comments
I am a senior engineer for network security operations. I read "The CISSP Prep Guide" (TCPG) as a study aid for the CISSP exam, which I completed yesterday. CISSP candidates are not allowed to discuss the contents of the test, but I can comment on the quality of TCPG's text. If you tear out chapter 3 (Telecommunications and Network Security), the remaining content is informative and applicable. If you rely on chapter 3 to learn about network security, you'll be sorely disappointed.
By performing network security monitoring, I am intimately familiar with defensive tools and tactics, and adequately informed of offensive operations. I observe network defense and offense on a daily basis. Unfortunately, chapter 3 of TCPG demonstrates almost no understanding of these important concepts. The authors do not correctly explain network attacks. ("Ping of death" is the most common buffer overflow?) Their firewall deployment strategies are wrong, and their examples of "protocols" at each OSI layer are false. (Since when is SQL a session layer protocol?) The authors should have consulted someone with real knowledge of network security before publishing this poor material.
Thankfully, beyond chapter 3, the majority of the book is helpful and reliable. The authors cover each domain of the Common Body of Knowledge, and present information in a humorless but well-organized manner. TCPG introduced me to management concepts I hadn't formally studied elsewhere, such as risk management, risk assessment, business continuity planning, and disaster recovery planning. TCPG also offered helpful quizzes at the end of each chapter. The appendices, covering the RAINBOW series, HIPAA, NSA assessments, and the Common Criteria, were also enlightening.
Reading TCPG is not sufficient preparation for the CISSP exam. I also read Coriolis' "CISSP Exam Cram," and reviewed a CBK outline on the Internet. Still, my experience in the field proved better preparation than these references.
Use books like TCPG to fill the gaps in your experience (probably security management), and be sure to discount material you know is incorrect. (Disclaimer: I received a free review copy from the publisher.)