The Virtual Bookcase for browsing and sharing reviews of books.

Book details of 'CISSP All-in-One Exam Guide'

Title: CISSP All-in-One Exam Guide
Author(s): Shon Harris
ISBN: 0072193530
Language: English
Published: December 2001
Publisher: McGraw-Hill Osborne Media

The Virtual Bookcase Reviews of 'CISSP All-in-One Exam Guide':

Reviewer Rob Slade wrote:

Chapter one is a very reasonable review of the CISSP (Certified Information Systems Security Professional) credential, and the (ISC)^2 (International Information Systems Security Certification Consortium) exam process, including recertification. As with most of the chapters in the book, it has a set of sample questions, and while I could quibble with some, they cover a decent range of topics and a representative extent of difficulty. There are resources listed in this and other chapters, mostly Web sites. Web sites are, of course, most easily accessible, but they also die on a regular basis, and it might have been an idea to include references to other books on specific topics. It is difficult to see the point of chapter two--an opinion-piece level overview of various security related topics.

Chapter three begins the first of the ten domains of the Common Body of Knowledge (CBK) with security management practices. It is obvious that the material has been structured and based on the (ISC)^2 CBK review course, even to the use of specific tables and diagrams, but the material is, at least, enhanced and extended by narrative discussion. Access control is explained clearly (and sometimes amusingly) in chapter four (although biometrics is generally considered to be a form of authentication, not identification). In general, the coverage of security architecture and models in chapter five is quite useful. However, there is too much emphasis on the old "Orange Book" TCSEC (Trusted Computer System Evaluation Criteria) and not enough on the newer Common Criteria. (The inclusion of a section on computer hardware is also a bit odd.) Chapter six has many of the blind spots about physical security common to most computer security types (including some erroneous information about Halon from the old CBK course).

The telecommunications and networking material, in chapter seven, presents the underlying concepts well, but for some reason fails to address many of the security technologies. The explanations of cryptography, in chapter eight, are problematic. Fortunately, the content is not necessarily wrong. The author obviously is not familiar with this area, and the text in such areas as DES (Data Encryption Standard) modes and one way encryption doesn't make sense, although it does not necessarily misinform the reader. Chapter nine, dealing with business continuity and disaster recovery, is reasonable, but not as detailed as other sections. Law, Investigation, and ethics is pretty good, although some old crimes and the insistence on the salami scam myth are some notable flaws in chapter ten. Chapter eleven, applications development, contains the basic information but does not always make the connections to security. Operations security gets a sensible review in chapter twelve.

The material is much more reliable and better structured than the SRV Press books, and much more reliable and complete than the Andress work (see reviews). Like the Krutz and Vines volume (see reviews) it is quite obvious that the content and organization is copied from the old CBK course (sometimes slavishly), although Harris does put more explanatory and narrative substance into the text. (Interestingly, there are some indications that this is based on an even older version of the course than Krutz and Vines used.) Even considering the noted weak areas in this book, it should provide a reasonable basis as a study guide for the CISSP exam, although those who use only this work should not expect to get a particularly high mark.

copyright Robert M. Slade, 2002

Book description:

All-in-One is all you need! This authoritative reference offers complete coverage of all material on the Certified Information Systems Security Practitioner (CISSP) exam. You'll find exam objectives at the beginning of each chapter, helpful exam tips, end-of-chapter practice questions, and photographs and illustrations. The bonus CD-ROM contains practice tests and hundreds of questions. This comprehensive guide not only helps you pass this challenging certification exam, but will also serve as an invaluable on-the-job reference.

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail webmaster@virtualbookcase.com.
Copyright © 2000-2008 Koos van den Hout / The Virtual Bookcase