Summaries and Customer Reviews are supplied by Amazon.com

The urgency for a global standard of excellence for those who protect the networked world has never been greater. (ISC)2 created the information security industry’s first and only CBK®, a global compendium of information security topics. Continually updated to incorporate rapidly changing technologies and threats, the CBK continues to serve as the basis for (ISC)2’s education and certification programs. Unique and exceptionally thorough, the Official (ISC)2® Guide to the CISSP® CBK® provides a better understanding of the CISSP CBK — a collection of topics relevant to information security professionals around the world. Although the book still contains the ten domains of the CISSP, some of the domain titles have been revised to reflect evolving terminology and changing emphasis in the security professional’s day-to-day environment. The ten domains include information security and risk management, access control, cryptography, physical (environmental) security, security architecture and design, business continuity (BCP) and disaster recovery planning (DRP), telecommunications and network security, application security, operations security, legal, regulations, and compliance and investigations. Endorsed by the (ISC)2, this valuable resource follows the newly revised CISSP CBK, providing reliable, current, and thorough information. Moreover, the Official (ISC)2® Guide to the CISSP® CBK® helps information security professionals gain awareness of the requirements of their profession and acquire knowledge validated by the CISSP certification. The book is packaged with a CD that is an invaluable tool for those seeking certification. It includes sample exams that simulate the actual exam, providing the same number and types of questions with the same allotment of time allowed. It even grades the exam, provides correct answers, and identifies areas where more study is needed.

Average Customer Rating: Mediocre
This review is based on the chapter devoted to Domain 7 (Alec Bass, CISSP and Peter Berlich, CISSP-ISSMP; pp. 407-535)
First and foremost: very poor editorial work. Headings/titles are of mixed font weights/sizes: heavier/bigger font does not signify the supremacy of the item. To aggravate the situation, headings/titles are not numbered, making establishment of the hierarchy an almost impossible task.
Now, "the meat": many unsubstantiated statements with unclear origination (available upon request, should one become interested). "Servers and mainframes are repositories of information" might be deemed appropriate during a "Meet Your Server!" presentation at a nursing home. For a more advanced audience: "... a failure of an application could increase the risk to other applications on the same host, multiple applications should not run on the same physical or virtual machine. For instance, a compromise of low-risk application (which may not be rigorously protected) could allow an intruder access to a high-risk application on the same server." Just accept it as a fact, since no reasonable explanation is provided.
Resume: personally, won't use it for preparation.
Good luck on the exam!

Good Read
First off, this is a CBK and not a study guide. It can easily serve as a desk reference manual since it explains all the domains in great detail. A little dry in some areas ;> but definitely complete. I recommend this for anyone who wants to know more than "just the answer" for the CISSP exam. Oh yeah, I have degrees in both IS & IA and this book serves as my SME.

CISSP Candidates: Get something else. Anything else.
As a candidate for the CISSP exam (two weeks, wish me luck!), I have to say this is the WORST book on the subject on the planet. Probably in the galaxy.
It manages to combine meaningless buzzwords, incoherent dense prose, self-contradiction, and total unreadability to the point that your time will not only be completely wasted, you will wind up knowing less about any given subject than when you started. It is impossible to express how useless and counter-productive this book is without resorting to language not in keeping with reasonable Amazon guidelines. As useful preparation, you would be much better off reading PJ O'Rourke's political satire.
If you are studying for CISSP, look at the "for Dummies" book, Shon Harris' most recent revision, or the new Stewart/Tittle/Chapple Study Guide, all of which are useful and reasonably well-written. Avoid this book like the plague. I have given it one star only because zero is not an option.
PS -- I passed! My views on this book remain unchanged: a grossly overpriced doorstop. Some reviewers have called it "academic prose"; if so, the standards of academia have deteriorated substantially in the decades since I was a college teacher.

PLEASE NOTE THE COPYRIGHT DATE
Remember that ISC2 rewrote the exam in 2007/2008 - I'm not sure that this book is the most up-to-date version of their exam guide. Do your homework, which I can see you've already started by reading these reviews.
New changes to the test are also forthcoming - do a Google search or check out the Shon Harris blog on Amazon.
Best of luck in achieving your certification!

CISSP study guide
I bought this book on the recommendation of a current certified CISSP that I work with. As an aid they also recommended Shon Harris' book too. I will update this review when I pass the exam.