The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site

Book details of 'CISSP Training Guide'

Cover of CISSP Training Guide
TitleCISSP Training Guide
Author(s)Roberta Bragg
PublishedNovember 2002
Web links for this book
Search at
Wikipedia booksources
Shop for this book
As an Amazon Associate I earn from qualifying purchases

Back to shelf Computer networks

Score: score: 2.0 **---  Vote for this book

The Virtual Bookcase Reviews of 'CISSP Training Guide':

Reviewer Rob Slade wrote:
The introduction and frontmatter appear to be much more concerned with the structure of the book (and this particular series of books) than the CISSP (Certified Information Systems Security Professional) exam. The initial list of topics covered by the domains has notable gaps and some oddities in organization. Part one is entitled "Exam Preparation," and is divided into the ten standard domains of the CBK (Common Body of Knowledge). Chapter one, on access control, shows problems right away. The first paragraph tries to distinguish between access control and authentication, but doesn't really outline the relationship between the two concepts, let alone dealing with the broader and more usual interrelated ideas of identification, authentication, authorization, and accountability. When discussing access models, the lattice content touches on advanced outcomes of the model, but not the basic principles. The biometric material is simply inadequate. There are sample questions at the end of the chapter, and this first set, at least, do appear to be crafted in order to avoid the usual "reading check" level of simplicity, but the wording is extremely poor and many answers are either flatly wrong or highly misleading. Similar problems are evident with telecommunications and networking, in chapter two, which has excessive space given to topics like cabling characteristics, poor explanation of the relationship between tunnelling and virtual private networks, an overview of intrusion detection that contradicts the material in chapter one, and some completely idiosyncratic terminology. The answers to sample question are more correct, but only because the questions themselves are overly simplistic. The rudimentary factors of security management are discussed in chapter three, but in a confused fashion, not assisted by the fact that topics are repeated and sections from other domains are introduced for no apparent reason. The central material is very brief, despite the sixty pages devoted to the topic, and entire sections, such as the various evaluation criteria, are missing. Applications development, in chapter four, does possibly provide enough information to deal with the CISSP exam on this subject, but lists lots of problems without many solutions, and has a great deal of extraneous material such as lists of different types of memory (fast page mode [FPM] versus extended data out [EDO] dynamic random access memory, for example). I thought the introduction to cryptography, in chapter five, wasn't all that bad (absent details such as the key in a one time pad having to be no shorter than the message being sent). That is, until I realized that it was the entire chapter, and details about any form of encryption, digital signatures, and the requirements for certification and a public key infrastructure were completely missing. Chapter six does cover the elemental points of security architecture, but in a disorganized manner, and has no material at all dealing with computer architecture. Operations security is discussed in terms of details like specific logs in Windows 2000 and updating antiviral scanners, and chapter seven misses more general concepts and operating principles. Business continuity and disaster recovery planning, in chapter eight, does provide most necessary information about the process, except for the recovery phase. Law, in chapter nine, concentrates too heavily on US legislation, and the investigative process fails to address incident response, interviewing, and relations with outside agencies. Chapter ten again covers physical security with specific details rather than underlying concepts. Part two is a review. About half of the "Fast Facts" are useful and the rest aren't: it would be hard for an exam candidate to know which is which. The study and exam prep tips are generic, and probably not much help. The practice exam questions are, like most of the sample questions in the book, far too simplistic and particular to properly prepare candidates for the actual CISSP exam. Despite the size of this volume, it does not contain as much information as, say, Harris' "CISSP All-in-One Certification Exam Guide" (see reviews), nor is it organized as well as the Krutz and Vines work (see reviews). It is closer to the Endorf (see reviews), Miller/Gregory (see reviews), or the second Harris (see reviews) works, and therefore its utility as preparation for the CISSP exam is questionable. copyright, Robert M. Slade, 2003 BKCISPTG.RVW 20030127

Add my review for CISSP Training Guide

Book description:

The CISSP (Certified Information Systems Security Professionals) exam is a six-hour, monitored paper-based exam covering 10 domains of information system security knowledge, each representing a specific area of expertise. The CISSP examination consists of 250 multiple choice questions, covering topics such as Access Control Systems, Cryptography, and Security Management Practices, and is administered by the International Information Systems Security Certification Consortium or (ISC)2. (ISC)2 promotes the CISSP exam as an aid to evaluating personnel performing information security functions. Candidates for this exam are typically network security professionals and system administrators with at least 3 years of direct work experience in one or more of the 10 test domains. This book maps to the exam objectives and offers numerous features such as exam tips, case studies, and practice exams. In addition, the CD includes PrepLogic Practice Tests, Preview Edition, making it the ultimate guide for those studying for the CISSP exam.

Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (113)
Computer networks (382)
Computer programming (215)
Computer security (272)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (71)
History (138)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (85)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (56)
Technology (14)
Travel guides (308)
War and weapons (29)
World Wide Web (213)
Zen (5)
Other books (89)

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail
Site credits
Copyright © 2000-2022 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement