CISSP in 21 Days from Packt Publishing
by, 03-25-2009 at 01:18 PM (8332 Views)
CISSP in 21 Days by M. L. Srinivasan, from Packt Publishing, is a new entry into the universe of study aids for the (ISC)² CISSP exam. This book approaches studying for the CISSP exam by breaking up the domains of the CISSP CBK (Common Body of Knowledge) into twenty-one chapters, each to be completed by the reader in a day's time. The book also includes a mock exam with items derived from the CISSP CBK.
The writing style of the book is clear and brief. Each topic is written in short sections that are easy to digest, which makes the material read quite quickly. There are numerous tables, charts, and diagrams, and the layout of the content material is logical and flows well. Each chapter concludes with a short quiz that tests the reader's factual understanding of the material in each chapter. The quiz items are in a format similar to the CompTIA Security+ exam.
A sample chapter in PDF format is available to get an idea of the book's writing and presentation style.
The information presented in the book is quite factual and technical. The material contains definitions and descriptions of CISSP CBK topics and presents them in a way that is easy to memorize. The information is a bit thin in spots, and lacks discussion of many conceptual, non-technical aspects of the CISSP CBK. In fact, the book's material reminded me more of the technical SSCP exam rather than the more business-oriented CISSP exam.
To determine how comprehensive the book's coverage of the CISSP CBK is, I compared its contents to the (ISC)² CISSP Candidate Information Bulletin for 2009. This bulletin is the guide for what areas of knowledge every CISSP candidate should study prior to taking the CISSP exam. Therefore, the content for any new CISSP study guide should follow this bulletin closely. Unfortunately, CISSP in 21 Days came up a little off-target.
One thing that struck me is the lack of detail in some rather important areas of the CISSP CBK typically covered by every CISSP exam. These areas include security architecture models (Bell-LaPadula, Biba, Clark-Wilson, etc.), access control (policies, logging), and the inter-relationships of operational controls. The book also lacks sections for some of the newer topics rumored to be added to the CISSP exam in 2009, such as VoIP security and quantum cryptography.
Still, there are good things to report. A feature most CISSP candidates will like is an entire chapter containing a 250-item practice exam packed with CISSP CBK information that is good to know for the CISSP exam. Many CISSP books include an electronic practice exam on the book's CD, which is not how the actual CISSP exam is administered. Although the book's paper practice exam is much simpler than the CISSP exam itself, it is a good test of the candidate's factual understanding of the information in the book. Taking the entire exam at once will also give you some idea of how much mental stamina is required to think yourself through the real CISSP exam.
There is no single book that covers the entire length and breadth of the CISSP CBK, and CISSP in 21 Days is no exception. Due to the lack of detailed information about the “softer” side of the CISSP CBK, I cannot recommend this book as a primary study source for the CISSP exam. However, for those exam candidates who find the more massive and detailed CISSP study references to be overwhelming, this book might be a good introduction to the more technical topics covered by the CISSP exam. For this reason, CISSP in 21 Days is definitely worth a look.
About the Book's Author: M. L. Srinivasan, CISSP, is an Information Technology and Information Security professional and has about 18 years' experience in various domains of IT such as Software Programming, Hardware Troubleshooting, Networking Technologies, Systems Administration, Security Administration, and Information Security-related consulting, audit and training.