- Visit the McGraw-Hill Technical Store for resources to learn more and do more.
CISSP All-in-One Exam Guide, Third Edition Hardcover – Sep 15 2005
Special Offers and Product Promotions
Customers Who Bought This Item Also Bought
No Kindle device required. Download one of the Free Kindle apps to start reading Kindle books on your smartphone, tablet, and computer.
Getting the download link through email is temporarily not available. Please check back later.
To get the free app, enter your mobile phone number.
From the Back Cover
Prepare to pass…the CISSP certification exam
Get complete up-to-date coverage of all the material on the Certified Information Systems Security Professional (CISSP) exam inside this all-inclusive resource. With full treatment of all the 10 exam domains, as developed by the International Information Systems Security Certification Consortium (ISC)², this definitive tool contains learning objectives at the beginning of each chapter, sidebars with in-depth technical explanations, practice questions, and real-world scenarios. Detailed and authoritative, this dual-purpose volume serves as both a comprehensive certification study guide and a fundamental on-the-job reference.
Get full details on all 10 subject areas covered on the exam:
- Access control systems and methodology
- Applications and systems development security
- Business continuity planning and disaster recovery planning
- Law, investigation, and ethics
- Operations security
- Physical security
- Security models and architecture
- Security management practices
- Telecommunications and network security
Included on the CD-ROM
- Simulated exam with practice questions and answers
- Complete electronic book
- Cryptography CBT demo
About the Author
Shon Harris, CISSP, MCSE, is the president of Logical Security, a security consultant, and a former engineer in the Air Force’s Information Warfare unit. She has taught computer and information security to a wide range of clients, including RSA, the Department of Defense, the National Security Agency (NSA), Bank of America, and others. Shon was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.
Top Customer Reviews
Writing style is unbelievably poor and appropriate for girl's magazines, but not for a serious IT or technical book. The book is so irritating that I spent twice as much time reading it as I would have with another book on similar subject. Although all domains are somewhat covered in the book, they are not exact match for the requirements described in CBK. Some concepts described in official ISC2 course are not mentioned at all, while other, which are irrelevant to the exam contents are described in fine details on tens of pages.
Definitions in the book are fairly accurate since they are taken from other documents, but examples given to visualize them are amusing, to be polite. It appears that author has never actually performed any real work, but spent all her life teaching something she read from the books. Thus you can read that application level protocols are HTTP, FTP and WWW, or that DLL interprets voltages. In each chapter there are at least few amusements.
CD is nothing to write home about, if you need good questions go for Krutz&Russel editions.
All in all, don't waste your time over this book. If you have ever been on a course where instructor does not know what he is talking about, you'll know how I felt after reading this book.
The book covered areas of which I was both familiar and unfamiliar. The sections on the Orange Book and Common Criteria were entirely new to me. The sections on the OSI model and cryptography were not. Faithfully, I took each practice exam at the end of each chapter and scored an average of 92% throughout the book.
Come exam day, I was pleasantly surprised to find that there were virtually no questions that the book did not cover. Yes the exam asked more questions in some areas than others, but the book did cover the material.
I completed the exam in half the allotted time and walked out confident that I had passed (and easily). A few weeks later my suspicions were confirmed when I received my notification that I had passed.
So what's it mean to you? To me, it means this book is capable of getting you a passing score on the CISSP exam. So, buy this book and read it cover to cover. If you find there are areas that you just don't get or can't absorb, then sure, find another source to fill in the blanks for you. Otherwise, go confidently into the exam room knowing you've done an appropriate amount of preparation and enjoy the experience!
I've just got a confirmation that I passed the test, and I used only this book for studying. So that books is definitly not a joke and can get you through.
Why the reviews are so different?
First, the author's style. It's more like recorded lectures then a reference. The author included some jokes and funny examples. They are perfectly correct, not abusive, they add some spice to a highly proffesional text and I personally love them because they make reading that huge book not so boring, but looks like the fact the style is different drives some people mad.
Second, the nature of the exam. The covered area is very wide and includes more topic then most people normally know and use. So many readers think the topics they know the best could be written better. The problem is because of so wide coverage you can not go deeper then a certain level. The book is almost 1000 pages long and I personally think it's well balanced and provides adequate knowledge for the test. Yes, some chapters could be extended but then you'd be overwhelmed by the volume and I doubt it would improve your passing score significantly.
Some people complained about mistakes. Well, it's true, there are some. But, it's the same idea here. They are not crucial and don't really affect your score much.
It's like if you need to get to the airport and you friend offers help you don't really care what car he has. But if you go to dealership to buy a car every minor option gets so important. Same idea here. If your goal is to pass the test, the book can be used as the only training material and provides adequate up-to-date information in a resonable volume for a pretty cheap price. The book does it's job and does it well. It also has some personality so you may love or hate it, but it's just your emotional perception. The knowledge is there.
Did I pass the test? Yes - no problem. Did this book help? Somewhat, but not nearly as much as other tools I used. Here's why:
- Tone and length. I have to agree with some of the other reviewers that the tone of this book is unbearably chatty. One thing that appealed to me about this book was its size - I figured I was getting a ton of information from such a large book. As it turns out, the size has more to do with the author's inability to be concise, not the unusual volume of information. The author also tends to go into detail in areas where it isn't entirely relevant. For example, in the Operations chapter, several pages are spent on how email works. Although securing email is a relevant operations function, and people should know generally how email works, it is largely outside the scope of the CISSP exam.
- Level. Some of the analogies in this book are so basic as to be condescending. For example, in the Security Management chapter, the author likens a poor security structure to a house with a weak foundation, and actually includes a sketch of a house that has crumpled inward. Nevertheless, to sit for the exam, CISSP candidates have to be adults with a minimum of 3 years of industry experience. Although I think it's important to make the point that a sound security structure is vital to an organization, I don't think anyone really needs a picture of a crumbling house to get it.
- Chapter study questions. At the end of each chapter is a set of study questions. Answers are given, but no explanation, so if you don't know why you got a question wrong, you're out of luck.Read more ›
Most recent customer reviews
very good product, CISSP All-in-One Exam Guide is a very complete preparation with somme interesting exercices
service and shipping are very quit... Read more
This book is a good reference and study material for the CISSP exam. Although it is a thick book, it is very easy to read. The content of the book is not dry. Read morePublished on Feb. 1 2009 by Jenner Budakoglu
I successfully wrote the CISSP exam almost one and a half year ago and I have been meaning to write a review about this text. Read morePublished on June 15 2006 by Horace McPherson
Good reference for CISSP. Easily comprehensible material.
BTW, curious to know, has anybody taken CISSP exam, and not passed?
I read this book and almost memorized it. I found it to be way to detailed for the CISSP. The CISSP poses questions that are vague and open to interpretation. Read morePublished on July 10 2004
I'm now a CISSP certified and I can easily say that over 90% was because of Shon's book, I read all the major ones that they have in the market and the key diference was not only... Read morePublished on June 3 2004 by Neokanobi
Very very well written! I loved this book and I passed the exam last week. Bravo Shon Harris.Published on May 26 2004 by Fergus
I have several CISSP books, including this one and the just released "CISSP Prep Guide: Mastering the CISSP and ISSEP Exams". Read morePublished on May 4 2004
I wrote the CISSP exam recently and at least 40% of the exam was not covered or not covered in enough detail by this book. Not sure if the exam questions recently changed. Read morePublished on April 27 2004
Look for similar items by category
- Books > Computers & Technology > Certification Central > Exams > CISSP
- Books > Computers & Technology > Certification Central > Publisher > Osborne-McGraw-Hill
- Books > Computers & Technology > Hardware
- Books > Computers & Technology > Networking & Cloud Computing > Network Security
- Books > Deals in Books
- Books > Education & Reference > Schools & Teaching
- Books > Qualifying Textbooks - Fall 2007 > Computers & Internet
- Books > Qualifying Textbooks - Fall 2007 > Education