The CISSP Prep Guide: Mastering the Ten Domains of Computer Security [Hardcover]

The Certified Information Systems Security Professional (CISSP) rating is difficult to earn and rare in the marketplace, which means you're a valuable commodity if you've proven your skills by passing the exam. The CISSP Prep Guide is one of only a handful of books on its eponymous subject, and does a good job of giving its readers a feel for the scope of the test and the style of its questions. It's ideal for use either as a preliminary survey of the CISSP subject areas--the test's publisher and the authors of this book call them "domains"--for relative newcomers to computer security, or as a pure study guide to help more experienced professionals zero in on the weak spots in their knowledge. Don't expect to do well on the CISSP exam having only read this book. You'll want to have some practical experience and some specialised reading under your belt.

Ronald Krutz and Russell Vines are good writers and fine teachers; they explain the wide-ranging CISSP domains (which have to do with everything from cryptographic algorithms to fire-suppression techniques to legal principles). They take care to explain potentially unfamiliar terms--there's a good glossary in the back of this book--and employ conceptual diagrams well. However, the answer keys for the sample questions that conclude each chapter aren't annotated and some readers will wish for more references to specialised sources. --David Wall

Topics covered: The subjects covered by the Certified Information Systems Security Professional (CISSP) exam, published by the International Information Systems Security Certification Consortium, including cryptography, access control, security policy, legal matters, and physical safety of information, equipment, and people.

"...fulfils its purpose well and forms a good introduction to the concepts and jargon used in all areas of IT security...worth having as a reference dictionary..." (Computer Bulletin, September 2002)

With the growing threat of computer viruses and Internet security breaches, companies are fiercely headhunting for CISSP certified security professionals. The industry standard test on IT security, the Certified Information Systems Security Professionals (CISSP) exam is administered 16 times per year throughout the U.S. and Europe. This book serves both as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end-to-end security reference book. Co-authored by Ronald Krutz, this handy guide explains the ten security domains covered by the exam, from security management to cryptography to disaster recovery planning to legal and ethical issues. Sample questions and answers are also included.

A one-stop source of information covering everything you'll need to know in order to pass the CISSP examination

The CISSP Prep Guide

From stolen intellectual proprietary and denial of service attacks to unauthorized use of critical resources and computer viruses, e-business companies face numerous threats each day that can cost millions of dollars. The need for these companies to protect their networks and information systems has, in turn, created an unprecedented demand for information systems security professionals. In fact, today's companies are fiercely headhunting for Certified Information Systems Security Professionals (CISSP). Based on the extensive test experience of the authors, this book serves as both a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference on fundamental and emerging information security knowledge. It focuses on the common body of knowledge (CBK) as defined by the International Information Systems Security Certification Consortium (IS C)2. The ten domains of the CBK are covered in detail, including security management, cryptography, disaster recovery planning, and telecommunications security. Each domain of the CBK is then followed by a series of sample practice questions that are similar to those that you'll encounter on the CISSP examination, helping you better prepare for and pass the exam.

This comprehensive book:
* Covers the fundamental content of the CBK in a way that is independent of the breakdown or possible merger of the domains
* Provides questions on each CBK domain along with explanations of the answers
* Reflects the most recent advances in the information security field
* Avoids the extraneous mathematical derivations, presenting only the information you'll need to know for the CISSP examination
* Includes valuable reference material and explores advanced topics in the appendices

Wiley Computer Publishing
Timely. Practical. Reliable.
Visit our Web site at www.wiley.com/compbooks/

RONALD L. KRUTZ is a lead instructor for the CISSP CBK review seminars. He spent twenty-four years at Carnegie Mellon University as a faculty member and then as an R&D Director at the Carnegie Mellon University Research Institute. Dr. Krutz is a Senior Information Security Consultant for Corbett Technologies, specializing in information assurance appraisal methodologies. He holds a PhD in Computer Engineering, is a registered Professional Engineer, and is a CISSP. He is the author of two previous Wiley books, Microprocessors and Logic Design and Microcomputer Interfacing.
RUSSELL DEAN VINES is President of the RDVGroup, a NYC-based security consulting services firm, and has been involved in computer security for nearly twenty years. He is a frequent speaker on security methodology, wireless security, and best practices in the information industry, and is also an instructor for the CISSP CBK review seminars. He has helped design and build the security architecture for Fortune 1000 Companies worldwide. He is a CISSP, CCNA, MCSE, MCNE, and a National Security Agency/IAM professional. Mr. Vines is also an accomplished jazz composer, performer, and educator.