Official (ISC)2 Guide to the CISSP Exam

I would strongly suggest the Shon Harris book for future CISSP

Rating:
Summary: official ISC2 gide to the CISSP Exam
Review: As a future CISSP, I found this book very incomplete and difficult to read. I was given this book in a course, however I would not buy it. I expect a 2nd edition to come out next year.

I would strongly suggest the Shon Harris book for future CISSP

Rating:
Summary: Good book to have
Review: Guys,

I finally took the CISSP exam, and passed *not* using this book alone. I ordered this book 1 month before the CISSP exam, because someone recommended me to buy it and also said that it's an advantage to have it prior the exam. While this generally true, some are not.

The book was written by 3 authors, and reviewed by Hal Tipton (a very well respected and knowledgeable security professional) therefore the contents in the book is superior. And it was written by 3 authors, it also means you will experience 3 different writing styles throughout the book. The format of the whole book is consistent but tough luck, the writing style is so inconsistent.

I found some chapters are easy to digest with, and some are not (because of the 3 authors thing). The book doesn't present the CBK material in a good way for your to memorize, it acts more like a reference book. I have read All-in-One and Prep Guide Gold Edition, and those 2 books are GREAT to start with. I do like the Official (ISC)2 Guide because it covers material that the other books DON'T. Especially the Physcial Security and Operations Security domain. After reading the Physical Security domain I had a feeling like "I know how to pick a lock now ;)". This book also tells you what you need for the CISSP exam and what you don't, which is really good. It clearly states that "this information is not needed for the CISSP exam... it's being included here for your reference" and I find that's very helpful, saving me from memorizing superfluous information.

The Physcial Security domain also covers the CCTV camera, very nice materials indeed. You should expect to see some CCTV questions on the exam. If you don't really want to buy the book, you can easily search for the material on the net. But yeah the material is worth it.

The book also comes with a CD that has 204 questions in it, but beware that those questions ain't something that you might be able to see on the exam. I haven't found any practice tests useful, if at all (not even cccure.org). Don't buy practice tests, just concentrate on the CBK then you'll be fine. Don't expect similar questions or anything like that from the practice tests.

All in all, the materials in the book are great for reference but not memorizing. If you really want something to start with, please start with All-in-one, I wouldn't go for Krutz book because he has tons of SUPERFLUOUS information (you do Krutz). So, before, the CISSP's choice was All-in-One + Prep Guide, but now it should be All-in-One + Official (ISC)2 Guide. You guys should never start preparing for the CISSP exam without All-in-One, the CBK materials are presented to you in a very CONCISE and UNDERSTANDABLE manner althought Shon Harris does love chatting, but it's a great book to start with, and Official (ISC)2 Guide is a great "reference" book to keep.

Sorry, I'm too tired to go back to review what I have typed earlier so I end here ;). I don't give this book 5 stars because of the inconsistency in writing otherwise this book is great. You guys should buy it.

Rating:
Summary: Great book so far. Errors? What errors?
Review: I always read the negative reviews to get a better handle on the quality of the book. I become suspicious of negative reviews when people mention errors (which seems to happen to every cert book) but then don't give any examples of them. I'm not finished with the book yet but what I've read so far seems accurate and pretty straight forward. I'm not saying there aren't errors but just that I haven't found any yet. Like any test, you shouldn't rely on just one book to pass it but this book should definitely be on the list of those you read.

Rating:
Summary: Absolute HOG.
Review: I blindly purchased this book thinking, "its the official guide it should be decent" and boy was I surprised. The book is absolutely terrible. It's as if the three authors independently just threw their own thoughts into each chapter without even consulting each other.

The first chapter is absolutely shocking, you cant tell which paragraph belongs to which section making it impossible to learn the material. The authors use about 6 different types of heading styles without any form of numbering so you cant tell what belongs where. The concepts in the first chapter are all muddled up and spread out throughout the entire chapter making it very difficult to link or make any common sense out of the material. Maybe to someone who has already learnt the material from another source like the well organized Shon Harris Book "All in one CISSP Certification" you can THINK about reading this hog but even then I would save myself the 60 bucks.
I am sure the authors have a great knowledge of the subject pity they have no idea about writing a book or at least laying one out in a manner that is useful to others.


Rating:
Summary: Good... could be better
Review: I used this book and passed the test. However, I think I would have choosen the all in one if I would have to do it all over again (God, I hope that day never comes!) But the authors provide a pretty much complete summary for what is on the test. But I would not have done that great on the test if I did not take the review course.

Rating:
Summary: Riddled with errors!!
Review: I was so excited to review this book and am so unbelievably disgusted and saddened. It has so many errors, I am not sure how 3 authors could not have caught them.

I pray that the actually CISSP exam does not have so many errors embedded into it if this is the official study guide.

I am afraid that people who are not security professionals will learn the wrong information if they study this book.

Rating:
Summary: Difficult read
Review: I've recently begun studying for the CISSP. I figured the best book to start with would be the ISC2 guide as it was developed by the test authors. I also thought it would be best to start with the most difficult subject for me, telecomm, since my enthusiasm tends to be high and then wanes. Therefore, I started reading this book from the middle and reserved judgement until I finished at least one chapter - the biggest chapter. What follows is my review of the telecomm chapter.

I found it extremely difficult to follow the topics presented in the book. There was poor flow to the information, jumping from one topic to another and not knowing how they tied together. The text was not well outlined (every page seemed to have a bold or bold & italic heading but did not tie together) and the table of contents was not detailed enough - specifically it did not layout those bold headings.

I also found it extremely difficult to understand what level of detail I needed to know cold for the exam. I filled up an entire notepad with notes from reading that one chapter. When I got to the end of the chapter there was a nice list of "knowledge areas" you need to know. I wish the authors had tied these knowledge areas into the beginning of the chapter or the outline. Worse yet, I found some of the items listed in the knowledge areas were not discussed in the chapter text (i.e., e-mail security).

When I attended a CISSP review clinic, multiple people told me they found ISC2 book very dry and a difficult read. I had not looked at any other CISSP prep books but they recommended Krutz as an easier read. The CISSP prep instructor made a good point that what's most important about a prep book is to find one that you will actually enjoy reading, otherwise you won't learn from it.

This ISC2 guide might be helpful as a reference book, but it's not something you can curl up next to the fire with and enjoy. Even after reading the telecomm section of ISC2, I'm going to read Krutz's CISSP prep book as well as Pfleeger's Security in Computing book. Krutz's book is much more precise and focuses on the required CISSP knowledge. Pfleeger's book is a good example of a security book that's easy to read and you learn a lot from.


Rating:
Summary: Post-Exam Review
Review: In preparing for the exam I read CISSP All-in-One, CISSP Prep Guide Gold Edition, and CISSP for Dummies, but none of them were as helpful as the official guide in actually passing the exam (which I did). Although all of the domains are well-covered in this book, the chapters on information security management, physical security, telecommunications security, and business continuity planning were exceptionally good. As far as errors go, the official guide probably had the least out of all the books I read. The practice questions in this book are very good indicators of the kinds of questions you will see on the actual exam.

Although I wouldn't recommend that anyone use this book as their sole study source, I do consider it a "must read." In my opinion, the Shon Harris "CISSP All-in-One" compliments this book very well with its different writing style and additional practice questions.

Kudos to the authors on a job well-done! I look forward to getting Susan Hansche's official ISSEP guide when it finally comes out next year.

Rating:
Summary: From the author Susan Hansche
Review: The authors made many efforts to assure that there were not errors in the "The Official (ISC)2 Guide to the CISSP Exam," most notably having every chapter reviewed by subject matter experts in the field. It was our goal to provide a comprehensive study guide and reference tool for the CISSP Common Body of Knowledge. If there are errors, we want to know about them and make corrections.

In order for us to ensure that the book is responsive to the information system security community, we would like to hear your specific comments - both positive and constructive criticism. If you would like to send comments to us, especially an error that you find in the material, please send an email to cisspbook@cox.net. Please include the location in the book (i.e., page number and paragraph/line number) with your comment. If you are reporting an error, please indicate how you think it should be corrected and any appropriate reference material that verifies the correction.

P.S. For those wondering why I rated my own book, this system will not be let me leave the star rating as blank.