Official (ISC)2 Guide to CISSP book

groundskeeperwillygroundskeeperwilly Registered Users Posts: 1 ■□□□□□□□□□

Basically, I'm looking for someone who has experience in reading the Official (ISC)2 Guide to the CISSP 3rd Edition and then went on to do the exam.

I've started going through the guide, beginning at the Telecoms & Network Security CBK as that's where my experience is, so I want to get it out the way before moving onto the CBKs I do not know as I get closer to my exam date. That way, the new stuff is fresh in my head.
However, as I’m going through the guide, I’m concerned with the technical errors I’ve come across. Some of which go against every other piece of resource I’ve read or known for several years.
e.g. Telnet and FTP reside at layer 6 of the OSI model.

As a result of these errors, I have few questions which I would appreciate some input on from those of you who have read the guide and taken the exam.
  1. Am I right to be concerned that these errors may be found in the exam? After all, the (ISC)2 wrote the book and created the questions for the exam.
  2. For those who have read the book from cover to cover (admittedly I haven’t, but then again, I wouldn’t notice technical errors on subjects I do not know much about) did you see any technical errors?
  3. Should I carry on reading the guide? I have purchased several other resources and there is a plethora of information out there on the internet.
  4. When I see contradictions between what I read in the guide and other resources – which do I trust?
  5. Lastly, should I stop whinging, and just get on with it?


  • Options
    dustervoicedustervoice Member Posts: 877 ■■■■□□□□□□
    Continuing reading the book and ignore those errors for now... The test is about high level concepts and how you apply knowledge not about memorization as everyone on the forum have said. I would also recommend you use more than one source. Eric conrad or shon harris book along with the official book you are currently using. The questions in the back of the official book are great practice. read the "passed" threads on this forum they will provide you all the guidance you need.good luck
  • Options
    dctgibsondctgibson Member Posts: 38 ■■□□□□□□□□
    I will say that, although filled with grammatical errors, the ISC book helped me overall. As dustervoice stated, you should definitely utilize other resources along with this book. Getting accustomed to the layout, wording, and flow of the ISC guide should help you with the exam. So, continue reading the guide, mix in some other resources (i.e. Conrad's books and Shon Harris' AIO practice exams) and get on with it. You'll be fine....I wish you the best.
  • Options
    dou2bledou2ble Member Posts: 160
    I went through it during class and found it helpful. Our ISC2 instructor who also writes some of the questions said that if you find something in the official book that contradicts other books to go with the official book. It's not always about the "right way", but the ISC2 way.
    2015 Goals: Masters in Cyber Security
  • Options
    itsgonnahappenitsgonnahappen Member Posts: 95 ■■■□□□□□□□
    What he said. ^ Regardless of it's accuracy, go with the is2 CBK way. That's what you're tested against.
  • Options
    Spin LockSpin Lock Member Posts: 142
    I am reading the OG as part of my preparation, along with Conrad, AIO and Sybex. My experience has been that the quality of writing and technical coverage varies depending on the domain being discussed. So having multiple reference books really helps. For example, one of the most important domains is BCP/DR. Wait until you get to that section in the OG - IT IS AWFUL (in my opinion). Conrad, AIO and Sybex do a much, much better job. This isn't a case of technical errors as much as it is, laying out the information in manner that flows and is easy to follow.

    The routine I basically follow is to use the Conrad book as my primary source. I structure my notes and outlines based on how that book lays out each domain. But if a concept isn't making sense, I'll check the OG, Sybex or AIO, especially if I want more detail. This approach worked well for domains I'm not as familiar with like BCP and SDLC. For domains I know, like Telecom, I just read Conrad and moved on.

    So to echo what others have already told you - use multiple books. If one doesn't float your boat, refer to the other.
Sign In or Register to comment.