CISSP Certification All-in-One Exam Guide, Fourth Edition,   ISBN:9780071497879

Customer Rating: 

I passed the exam on my first try on 9/26/2009. Reading this book was my only prep. I needed to draw on years of experience working in the bizz to pass the exam. This book alone would not have done it. I'm not alone in this belief either. Lots of folks talk about having to read 4-5 different books to prepare for this exam.

Customer Rating: 

I bought this book to attend the CISSP bootcamp and found it to be extremely useful.

Customer Rating: 

For the few of you who don't know, the CISSP is a test that quizzes your knowledge of many broad topics related to information security. For the 75% of us in security...but who aren't security gurus in EVERYTHING, completing Shon's 4th edition will be like choosing to take the 'red pill' instead of the blue. (The Matrix). This book does a great job of keeping your attention span through the 10 'domains' necessary for the test. These domains will range from very interesting to boring, depending on your experience. Shon does a good job explaining the history of each domain, a good overview required for the test and a road map of newer technologies coming out in the field.

Q: Can I pass the test by using this book and skipping the classes?
A: Yes. But don't even think of doing this unless you have at least 5yrs. of hard experience in a minimum of 2-3 of the domains. I passed the 1st time, but still used multiple resources.

Q: Is the time and money spent on this 1100 pg. monster worth it?
A: Yes. It's super simple math...cost of good book ($) vs. cost of good classes ($$$).

Q: Am I guaranteed a raise, new job offers and endless treasures once I become certified?
A: No. I've found some employers could care less, while others demand it. Regardless, you've got to love learning new things and want to do it for yourself FIRST to finish this book and successfully pass the test. It was worth it to me and hopefully will be for you.

Customer Rating: 

I'm going to follow my own advice and not use 1000 words for the review, when fewer than half that will do. The book is effective for what it's designed to do, and does this by tossing a lot of information at a relatively high level (low detail) at the reader. The CISSP covers ten domains of knowledge and is oft referred to as "a mile wide, but an inch deep". This is an accurate statement, and this edition of the book more than covers the general information covered on the exam.

However, it is wordy, and at least 30% of the book is merely fluff. This might be for the reader's benefit (if they don't have experience in the particular domain, I can see how her writing style might be useful), or maybe it's just the writer's innate style. I do not know, but more often than not I put this book down, not because of the amount of material I was ingesting, but because I was too tired to deal with six pages that were written just for the sake of writing them.

If you can deal with that, then it's a great resource. If you can't, then get it for the CD and summary pages at the end of each chapter (both the questions/practice exams and the end of chapter summaries were very useful to me).

FWIW: I took and passed the CISSP on my first attempt, completing the exam in approximately 90 minutes. Much of that is due to previous experience related to the domains of knowledge on the exam (particularly my crypto and telecomm background), but this book and the ISC2 workbook got me through enough questions on the exam that I consider both to be more than worth the money paid.

Customer Rating: 

I have read through the Shon Harris book (4th ed), the Official book, and this Sybex book (4th ed.). The Sybex book is definitely the best of the three. The AIO book gets too cute, too verbose, and too irrelevant in some parts. Shon Harris likes to expound upon subjects that have no relevance to the exam. A CISSP book should focus on what matters to pass the exam and that's it. More in depth information should be gleamed from other places. Extraneous information only serves to obfuscate the information that really matters. Then there is the official CBK book from ISC2. That book should be promptly burned in a bonfire. It's too difficult and dry to read to be of any use.

Shon Harris seems like a great researcher but I'm not sure if she's an expert at the topic she's writing about. The writers for the Sybex book seem to be more knowledgeable and able to explain the topics better. For example, Shon Harris throws multiple definitions out there without explaining the relations among them. Some times it felt more like a definition book than anything. Read my review on the Sybex 4th ed for the full comparison of the two books. This book is good, but the Sybex one is better.