CISSP All-In-One Exam Guide (3rd Edition)

"All-In-One is All You Need"

The CISSP (certified information systems security professional) is generally regarded as the primary certification for I.T. security professionals to acquire. The 10 domains of the CBK (common body of knowledge) covered by the CISSP exam encompass a wide range of information, and the 6-hour test can be grueling. Those who wish to achieve the CISSP certification need an effective means of learning and retaining the information to pass the exam.

About The Book

At first glance, the book seems almost more overwhelming than the exam it is written to prepare you for. At 1000 pages, the hard-covered book is 2-1/2 inches thick and it doesn't use a very large font for the print. Bottom line: there is a lot of information in this book.

After opening with a couple of chapters regarding the process of becoming CISSP certified, and trends in the information security industry, Harris dives into covering the 10 domains of the CBK (core body of knowledge) outlined by (ISC)2, the organization that created and awards the CISSP certification.

Each of the 10 domain chapters averages just under 90 pages. Telecommunications and Networking Security (Chapter 7) comes in as the champion at 172 pages long, while Operations Security (Chapter 12) comes in on the low end at 46 pages.

The book ends with an appendix detailing the contents of the included CDROM, another appendix listing various notable organizations in the security field, such as the NSA, and a glossary of terms.

My Review

I have to admit that I am somewhat biased in favor of this book. But, that is only because it worked for me. Shon Harris' CISSP All-In-One Exam Guide (2nd Edition) is pretty much the only resource I used to study for the CISSP exam and I passed on the first try.

I did not read the book cover to cover for studying purposes. While it may seem that 1000 pages is enough to teach you everything, its not. The CISSP is designed to demonstrate a tremendous breadth of knowledge across the security arena, not an expertise in any single area. Yes, the book is thick. But each one of the domains are enough to fill a book on their own (and then some).

I did read the chapter Summary and Quick Tips in each chapter and answered the review Questions. Mainly though, I was able to take the practice exam on the included CDROM and identify the areas I was weak in, then use that information to focus my attention on the chapters I needed to review to strengthen those areas. I also read through the glossary to ensure I was familiar with the terms.

The information is presented in a way that is easy to understand and retain. Harris does an excellent job preparing readers to pass the CISSP exam and I highly recommend this book to anyone taking the exam.