CISSP All-in-One Exam Guide, Fifth Edition and over one million other books are available for Amazon Kindle. Learn more
  • List Price: CDN$ 84.95
  • You Save: CDN$ 16.44 (19%)
Only 1 left in stock.
Ships from and sold by
Gift-wrap available.
CISSP All-in-One Exam Gui... has been added to your Cart
+ CDN$ 6.49 shipping
Used: Good | Details
Sold by Daily-Deal-
Condition: Used: Good
Comment: This Book is in Good Condition. Used Copy With Light Amount of Wear. 100% Guaranteed.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

CISSP All-in-One Exam Guide, Fifth Edition Hardcover – Jan 15 2010

See all 3 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
"Please retry"
CDN$ 68.51
CDN$ 28.99 CDN$ 9.46
"Please retry"
CDN$ 21.47

There is a newer edition of this item:

Unlimited FREE Two-Day Shipping for Six Months When You Join Amazon Student

Product Details

  • Hardcover: 1216 pages
  • Publisher: McGraw-Hill Osborne Media; 5 edition (Jan. 15 2010)
  • Language: English
  • ISBN-10: 0071602178
  • ISBN-13: 978-0071602174
  • Product Dimensions: 19.6 x 6.4 x 23.9 cm
  • Shipping Weight: 2.2 Kg
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Bestsellers Rank: #246,736 in Books (See Top 100 in Books)
  • See Complete Table of Contents

Product Description

About the Author

Shon Harris, CISSP, is a security consultant, a former member of the is the founder and CEO of Logical Security LLC, an information security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and an author. She has authored several international bestselling books on information security published by McGraw-Hill Education and Pearson which have sold over a million copies and have been translated into six languages. Ms. Harris authors academic textbooks, security articles for publication, and is a technical editor for Information Security Magazine. Ms. Harris has consulted for a large number of organizations in every business sector (financial, medical, retail, entertainment, utility) and several U.S. government agencies over the last 18 years. Ms. Harris provides high-end, advanced, and specialized consulting for organizations globally. She also works directly with law firms as a technical and expert witness on cases that range from patent infringement, criminal investigations, civil lawsuits and she specializes in cryptographic technologies. Ms. Harris has taught information security to a wide range of clients over the last 18 years, some of which have included; West Point, Microsoft, DHS, DoD, DoE, NSA, FBI, NASA, CDC, PWC, DISA, RSA, Visa, Intel, Cisco, Oracle, HP, Boeing, Northrop Grumman, Shell, Verizon, Citi, BoA, HSBC, Morgan Stanley, Symantec, Warner Brothers, Bridgestone, American Express, etc. Ms. Harris was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

4.5 out of 5 stars
5 star
4 star
3 star
2 star
1 star
See all 4 customer reviews
Share your thoughts with other customers

Most helpful customer reviews

Format: Hardcover
This book is well laid-out according to the CBK Knowledge Domains. The way it is laid out reinforces your knowledge of the preceeding chapters, and is organized in such a way that you build up the necessary background of the previous domains before you get into more complex chapters. For example, access control is covered before security architecture, by the time you are at architecture, you already have a good understanding of the basic access control models being used.

Shon Harris presents the material in a very clear and concise manner. For many CBK domains, due to the depth of knowledge required and the amount of material, normally this would get tedious very quickly and hard to absorb. However, Shon presents this information in a way that is engaging and not dry and boring. She uses humor at certain points, and makes light reading of abstract and difficult topics to understand. Not only does she write in a very smooth and easy to understand manner, she covers essential content - i.e. - she doesn't write "fluff". She also has a very amazing style of writing in that she manages to bring back topics constantly throughout the chapter that you covered earlier, and makes it relevant to what you are reading now - by referring to previous concepts. Sometimes you've covered a topic and then by the time you start thinking out logical questions, Shon Harris answers them and ties everything together smoothly and seamlessly.

I would highly recommend this book. I think that it is the style of writing and clarity which makes it so useful and valuable compared to other books which just seem to "assemble" bits of information from various sources and clump it all together. When you read Shon's book, you actually come away understanding the chapter and domain.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Hardcover
Studying for the CISSP exam? Then you've likely already heard of this book. It is thick. Lots of information in there. I found much of it too technical to take in and study, but if you're going for the CISSP, I do recommend at least browsing though it. There are some easier books to wade through, notably the one edited by Harold Tipton.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Hardcover
This book is excellent, better than the previous version, I have the two. The language is clear and very easy to understand.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Hardcover
Great book!
in fact, it is as good as can be !
great reference book well presented
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.

Most Helpful Customer Reviews on (beta) 100 reviews
45 of 46 people found the following review helpful
I passed the CISSP using only this book and a TON of preparation May 30 2010
By S. L. Fulton - Published on
Format: Hardcover
There is no simple formula to prepare for the CISSP certification, and no single resource which can guarantee success on the certification exam since every applicant's background is unique. However, this book (fifth edition) was my only resource in preparing for the exam and I passed on my first attempt (April 24, 2010).

I spent 60+ hours in preparation for the exam... that's 60+ hours of DEDICATED individual study using this book and CD, not 60+ hours spent web surfing during lunch hours or commercial breaks. My recent background is in middle management, with 20 years experience in network architecture and data security, so I already had a firm technical foundation for the test areas dealing with protocols and encryption variations. I also have an MS in Computer Science. Nonetheless, the exam was so broad, with topics covering general principles and concepts, that I could have prepared twice as long and still left the exam with questions about the outcome.

My personal opinion is that formal classroom instruction, through one of the many organizations offering CISSP preparation courses, is a worthwhile companion to Shon Harris' book. A study group is also a good idea. You will not obtain CISSP certification if you take the exam without preparation. This book (fifth edition) was sufficient, but not 100% comprehensive, to prepare me for passing the CISSP test.

Note: Some reviewers do not appreciate Shon's frequent analogies and humor. Most of her analogies helped me internalize the complex topics, but that's my personal learning style. The efforts at humor were generally awful, but every once in a while she was subtle and brilliant enough to make me laugh out loud. Working through Shon's unique writing style was not a problem for me... I actually found it refreshing.
28 of 33 people found the following review helpful
Useful, but hardly a technical book March 26 2010
By Chiradeep Chhaya - Published on
Format: Hardcover Verified Purchase
From a perspective of preparation for the CISSP examination this book is one of the standard places to start from. In that respect, I would give it a 4-start simply because it follows the core notion of the exam itself in that it is a mile wide and an inch deep.

However, do not expect this book to provide technical details or even technical language consistently. There's a lot of verbiage, needless attempts at humor - which really degrades the overall standing of the book - and just the right amount of information, but no more.

Also, do not make this book the sole resource for preparation. You *may* pass the exam but will be none the wiser for most of what the book covers.

Given that this is a technical examination after all, I would have much appreciated if the author did not try and frame the same statement in multiple ways in the same paragraph, stuck to using consistent technical language and provided more links to resources for additional information. It would also have been nicer if the key technical points, definitions, important values were better highlighted - or even repeated in a prominent tip - after every section so that a second reading becomes a lot less demanding. The exam is challenging in itself and the book and author can do a lot more to make preparation a less demanding experience.

It is difficult to come across books that are worthy of technical appreciation and I am afraid the above points make this a middle of the road effort.

I have no particular affinity to either the author or publication but would recommend giving the Mike Chapple book a shot. You will be a lot less frustrated reading technical matter for a technical examination than with the narrative-style of the Shon Harris book.
35 of 43 people found the following review helpful
Edition comparison Feb. 24 2010
By Old Timer - Published on
Format: Hardcover
I bought the third edition of this book in October 2009 to prepare for the exam. The reason for buying that instead of this fifth edition is obvious. It cost me only $2.95 plus $4.00 shipping. I was a little worry at the beginning because of the new material that was added since 2005. However, I though I can supplement with material in the internet. At the end, I don't have the time because the exam was on January 16, 2010 which gave me less than 4 months. During the exam, I did not see anything that I have not seen in the third edition. If you know something about the exam, you know they are not going to ask you directly about a concept or technology. So, you really have to understand the material. Since CISSP is more about principle and concept and less about specific technology, using a third or fifth edition is not going to make a big different. I passed the exam in one shot. Don't get me wrong. Getting the latest and the greatest is always good and I will consider getting the fifth in the near future when I need to brush up the knowledge. But if you want to save a little of money, consider getting the fourth or the third.
7 of 7 people found the following review helpful
BEST EXAM GUIDE!! Buy only if you want to pass. Nov. 25 2010
By GOP - Published on
Format: Hardcover Verified Purchase
First and foremost I passed the CISSP exam on the first try using this book. Please read the rest of this review carefully if you are thinking of purchasing this book. Read the title of the book "CISSP All-in-One Exam Guide, Fifth Edition" - This is not a tech manual, it is a study guide as clearly outlined in the title. If you are looking for a book to keep on your shelf that you want to lookup real word security issues, then this is NOT it. However, if you want to pass the CISSP exam using a "get to the point Exam Guide", then this is the one you want. I tried reading the ISC2 CBK 2nd and I could not do it. It wondered off of to topics that are not on the CISSP exam. Case in point, it is a "Body of Knowledge" and not a to the point "Exam Guide". Shon Harris has broken the material up in small enough sections so if you have a problem area then you can concentrate on your problem area in the book. Use this book and CCCure's CISSP quizzes ($40 for 90 days access) and you can identify your weak areas, fix them and pass the test. I passed the test using CCCure's questions (EXCELLENT) to test my knowledge and this book to improve my weak areas and I PASSED.
Just a few points when you take the exam. I took the exam on September 18, 2010 in Wayne PA. I received email notification that I passed on October 20, 2010. I submitted the additional information for job history and endorsement on October 25, 2010. On November 16, 2010 I received another email saying I am now a CISSP and my docs will be mailed to me within six weeks. A of Thanksgiving Day (Today) I do not have a certificate. So, as you can see, it can up to 90 days to actually provide proof that you have an in hand certificate.
6 of 6 people found the following review helpful
Comprehensive but not precise and not up-to-date May 23 2011
By Y. W. Law - Published on
Format: Hardcover
Like many who have commented before me, Ms Harris' attempt at humor tends to get in the way of reading. Time is the essence; crisp, concise and clear is the way to go.

There are also a couple of mistakes that I have taken note of:

(1) On page 12, the question "Which item is not part of a Kerberos authentication implementation?" has no answer because the given answer "A message authentication code" is wrong -- RFC 4120 clearly shows the application of HMAC. Even without the RFC, authentication using symmetric-key crypto clearly requires a MAC.

(2) IPSec is more commonly written as IPsec. The second paragraph on page 760 is outdated, as ISAKMP is integrated into IKE since RFC 5996.

(3) In Table 6-3, page 443, not all Halon substitutes work by interfering with, or more precisely, inhibiting the chemical reaction. Inergen and Argonite for example work by displacing oxygen.

(4) On page 936-937, the definitions of DCL, DDL and DML are not really consistent with the database literature. For example, instead of "defining the internal organization of the database" (which sounds very vague), DCL is really for "controlling access to the data and to the database". On page 942, the definition of savepoint is also not precise. Savepoint is really a point where you can roll back a transaction to. See "Oracle Database 10g: The Complete Reference".

(5) On page 948, the definition of durability is not precise. This statement from Haerder and Reuter's 1983 ACM Computing Surveys paper is better: "Once a transaction has been completed and has committed its results to the database, the system must guarantee that these results survive any subsequent malfunctions."

(6) On page 1087, the phrase "As in RAID 1 striping" is wrong, as RAID 1 is for mirroring or duplexing, not striping.