Discrepancies between study guides / how "official" is the Official ISC Guide?

bigdummybigdummy Member Posts: 30 ■□□□□□□□□□
I'm using several study guides to study for the CISSP - All in One, Sybex, Eric Conrad, and the Official ISC Guide.

One of my biggest frustrations, is that there are numerous topics where the concepts, technologies, or models are explained slightly differently between the different books. For example, one book says a warm site has no computers at all, whereas another book says a warm site has computers but no data on them. One book says Electronic Vaulting is always done to a remote site, while another book says it can be done between systems at the same site. Or the steps to things like the BCP process are different in one book versus another. These are just three examples, but I've run into countless discrepancies like this...

From what I understand, the questions on the CISSP exam require you to truly understand the subtle nuanced differences between similar concepts. But how is that possible if the same concepts are explained differently in different study guides? I've also heard that you need to answer the questions the way the ISC wants you to answer them, as opposed to how you might answer them based on experience.

Does anyone know if the Official ISC Guide is truly the "official" source of info - meaning the questions on the CISSP exam are based on how things are explained in the official guide? If the answer is yes, then I guess that makes it easy, because we have an authoritative source of information, to clear up the discrepancies. But if not, then how do we really know which explanations are correct, as far as the exam is concerned.

I have read that the questions on the CISSP exam can come from a variety of sources. If you look at the Candidate Information Bulletin, there are dozens of different books listed in the "references" section. So does that mean the Official ISC Guide should not be trusted as the authoritative answer to discrepancies?

Am I crazy here, or have others noticed this too? Perhaps those who have taken the exam can weigh in? How do you know which explanation is right...

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    I remember reading somewhere that the CBK is based on so many standards, frameworks, etc. that it is not possible to say that this or that guide is the definitive one. I am inclined to think that what you describe is human error on the author's end. Have you checked the errata for whoever says a warm site has no computers. That is obviously an error. Same applies for electronic vaulting; it implies offsite storage.
  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    Coming from how ISC2 introduce new graded questions into the exam, I would assure that you would not really had to worry about this. 25 of 250 questions is always ungraded, they are meant to serve to collect data before they are introduce as a graded question into the exam itself. And candidates who answered these question would had use various study guides as well, so if the questions are worded in a way that results in candidates picking two choices too closely, ISC2 would probably review the questions and adjust it until it reach an acceptable level. If in doubt, having the official CBK in hand is always good to clarify doubts.
  • JDMurrayJDMurray Admin Posts: 13,092 Admin
    The OIG books are a primary reference used by the people who write (ISC)2 exam questions. Also used are InfoSec industry standard books and publications listed in the CISSP CIB. I have heard that the exam writers specifically avoid using (ISC)2 exam prep books from other publishers as reference sources for (ISC)2 exam item information.
  • teancum144teancum144 Member Posts: 229 ■■■□□□□□□□
    bigdummy wrote: »
    I'm using several study guides to study for the CISSP - All in One, Sybex, Eric Conrad, and the Official ISC Guide.

    One of my biggest frustrations, is that there are numerous topics where the concepts, technologies, or models are explained slightly differently between the different books. For example, one book says a warm site has no computers at all, whereas another book says a warm site has computers but no data on them. One book says Electronic Vaulting is always done to a remote site, while another book says it can be done between systems at the same site. Or the steps to things like the BCP process are different in one book versus another. These are just three examples, but I've run into countless discrepancies like this...

    From what I understand, the questions on the CISSP exam require you to truly understand the subtle nuanced differences between similar concepts. But how is that possible if the same concepts are explained differently in different study guides? I've also heard that you need to answer the questions the way the ISC wants you to answer them, as opposed to how you might answer them based on experience.

    Does anyone know if the Official ISC Guide is truly the "official" source of info - meaning the questions on the CISSP exam are based on how things are explained in the official guide? If the answer is yes, then I guess that makes it easy, because we have an authoritative source of information, to clear up the discrepancies. But if not, then how do we really know which explanations are correct, as far as the exam is concerned.

    I have read that the questions on the CISSP exam can come from a variety of sources. If you look at the Candidate Information Bulletin, there are dozens of different books listed in the "references" section. So does that mean the Official ISC Guide should not be trusted as the authoritative answer to discrepancies?

    Am I crazy here, or have others noticed this too? Perhaps those who have taken the exam can weigh in? How do you know which explanation is right...
    I too am reading the ISC2 OG as my primary reference. I find the book very frustrating because of all the errors -- for example:
    Also, the quality of writing is very inconsistent. Some chapters are fairly well written, but some are poorly written, as follows:
    • Access Control: Writing quality is fair, but lots of errors
    • Telecommunications and Network Security: Poorly written and lots of errors
    • Information Governance ane Risk Management: Better, but still many errors.
    That is as far as I've read.

    I believe it is the authoritative source from which many test questions are written. Here are some thoughts on the OG vs other sources:
    If you like my comments or questions, you can show appreciation by clicking on the reputation badge/star icon near the lower left of my post. :D
  • bigdummybigdummy Member Posts: 30 ■□□□□□□□□□
    Thanks for your replies everyone. This sure is a frustrating test to study for!

    I noticed that the practice questions in the (ISC)2 Guide seem different than any other practice questions I've taken. Lots of ambiguous wording, with several seemingly correct and similar answers, yet only one "best" answer. I'm wondering if these practice questions are written in the same style as the actual exam?
  • LionelHutz32LionelHutz32 Member Posts: 11 ■■■□□□□□□□
    bigdummy wrote: »
    Thanks for your replies everyone. This sure is a frustrating test to study for!

    I noticed that the practice questions in the (ISC)2 Guide seem different than any other practice questions I've taken. Lots of ambiguous wording, with several seemingly correct and similar answers, yet only one "best" answer. I'm wondering if these practice questions are written in the same style as the actual exam?

    I was wondering the same thing, having gone through the end-of-chapter questions they are a tougher, more ambiguous style of question than all the other books. Is this pretty much the style that we have to expect in the exam? Is this what the GISP practice exam questions are like?
  • exspiravitexspiravit Member Posts: 44 ■■□□□□□□□□
    I just passed my CISSP on 6/28 first take.

    What I did was use the official ISC(2) CISSP book and augmented it with notes in the sidebars from the Shon Harris book. I also had the flash cards and a sample exam. I did also go Training Camp in Bushkills, PA. T/W/Th I studied the materials via updating the ISC(2) book as I mentioned before, and on Friday I studied the syntax of the sample questions in relation to the correct answer. You might have a simple sentence or a scenario question and of that the whole thing or just half a sentence is what matters.

    TC also has their sample and simulated tests. I took them a bunch of time to establish a trend of what domains that I was proficient and deficient in. The areas that I was deficient in is where I focused.
Sign In or Register to comment.