Eric Conrad's Book Enough?
Hey guys, I was wondering if anyone has passed the CISSP just using this book as a main source?
I do have the Official Study Guide, but I fee it's quite chatty and my attention seems to be slipping
A little about my background:
-Worked in infrastructure IT from 2009 a 2012. Worked with Active Directory permissions, firewalling, virtualisation, server maintenance and upgrades, etc
-2012 onwards worked as an intrusion/malware analyst for Symantec, UK government and a few other large investment banks
Educationally I have a bachelors in Computer Networking and a masters in information security ( heavy on crypto, AAA, BCP, Risk, security models, computer hardware security, etc). Im also GCIH and GCIA
Most of the CBK I have knowledge of except for physical and software security. There isn't too much that stands out as really foreign.
So I am wondering if I can get away with the Eric Conrad book and the ISC Practise Exam book?
Cheers!
I do have the Official Study Guide, but I fee it's quite chatty and my attention seems to be slipping
A little about my background:
-Worked in infrastructure IT from 2009 a 2012. Worked with Active Directory permissions, firewalling, virtualisation, server maintenance and upgrades, etc
-2012 onwards worked as an intrusion/malware analyst for Symantec, UK government and a few other large investment banks
Educationally I have a bachelors in Computer Networking and a masters in information security ( heavy on crypto, AAA, BCP, Risk, security models, computer hardware security, etc). Im also GCIH and GCIA
Most of the CBK I have knowledge of except for physical and software security. There isn't too much that stands out as really foreign.
So I am wondering if I can get away with the Eric Conrad book and the ISC Practise Exam book?
Cheers!
Comments
-
![[Deleted User]](https://us.v-cdn.net/6030959/uploads/defaultavatar/nE1RZK93BLG3K.jpg)
[Deleted User]
Senior Member Posts: 0 ■■□□□□□□□□
For CISSP, consider buying the Shon Harris book. It has a lot of good feedback here! -
SteveLavoie
Member Posts: 1,133 ■■■■■■■■■□
Conrad's book is not enough. You can take as a first reading, but if you have some experience, i would stick with the official book from Sybex. I would leave Shon Harris to a less experienced people who need a lot more background kn the material. -
Mike7
Member Posts: 1,114 ■■■■■□□□□□
I passed the CISSP with Eric Conrad as the main source and Shon Harris as a lookup reference for weaker domains. I had infra, app development and security policy management experience.I do have the Official Study Guide, but I fee it's quite chatty and my attention seems to be slipping
Most of the CBK I have knowledge of except for physical and software security. There isn't too much that stands out as really foreign.
So I am wondering if I can get away with the Eric Conrad book and the ISC Practise Exam book?
If you supplement your study by reading up more on your weaker areas, I believe you are able to do it. I look forward to your "I passed" exam review.
-
CryptoQue
Member Posts: 204 ■■■□□□□□□□
I would suggest Sybex in addition to Eric Conrad's book. Their official study guide comes with a test engine for each chapter, 1000 exam practice questions, and 500 flash cards. Good luck! -
chrisone
Member Posts: 2,278 ■■■■■■■■■□
This exam will require multiple sources for study.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
higherho
Member Posts: 882
I only used Erics 3rd Edition book (main source) and his 11th hour book. I also used practice exams. Eric gets right to the point. No fluff and I think people over study for this exam (unless they lack experience). The content is better than the questions. The questions are very high level (a high percentage).
Granted my experience has been 6 years in the Department of Defense as a Systems Engineer so I had experience in a number of the domains. If you don't, then I can see some extra study material as reference material to compare to Eric's books. -
Malfie
Registered Users Posts: 1 ■□□□□□□□□□
Wrote the exam and passed on the first attempt! Could not be happier!
Study wise, this is what I did.
1) Read AIO front to back. Yes its wordy but its a great base. Listen to the audio on the walk to work to keep everything somewhat fresh. The book came with an exam prep cd which allows you to run exam simulations. It breaks down where you are weak and you can focus from there. Took 2 month, re read Network a couple times, and was busy with work.
2) I am not from a technical background(Finance and IA) so i knew this is where i would have to focus. I had the ability to sign up for SANS MGT 414 and went through the course(On Demand), Syngress, and 11th hour. For me, this course was a great knowledge base and add more comfort on the technical side of things(or at least as in depth as you need for CISSP). Did all practice questions in the book, the online content, and practice exams. I actually never really did well on these but i believe it was because i was rushing through and not treating them as an "exam". 2 more months.
3)Syngress book and 11th hour. I found them concise and very easy to read. Re read the Syngress book twice and did all the questions again.
4) 11th hour- read this 2-3 days before the exam(wish i did before as well). It summarized everything beautifully.
Pay attention to the steps withing IR/BCP/SDLC. I spent a lot of time on the networking domain and didnt spend enough time on the others.
Remember its a management exam
Good luck!!!
Ryan -
CryptoQue
Member Posts: 204 ■■■□□□□□□□
Wrote the exam and passed on the first attempt! Could not be happier!
Study wise, this is what I did.
1) Read AIO front to back. Yes its wordy but its a great base. Listen to the audio on the walk to work to keep everything somewhat fresh. The book came with an exam prep cd which allows you to run exam simulations. It breaks down where you are weak and you can focus from there. Took 2 month, re read Network a couple times, and was busy with work.
2) I am not from a technical background(Finance and IA) so i knew this is where i would have to focus. I had the ability to sign up for SANS MGT 414 and went through the course(On Demand), Syngress, and 11th hour. For me, this course was a great knowledge base and add more comfort on the technical side of things(or at least as in depth as you need for CISSP). Did all practice questions in the book, the online content, and practice exams. I actually never really did well on these but i believe it was because i was rushing through and not treating them as an "exam". 2 more months.
3)Syngress book and 11th hour. I found them concise and very easy to read. Re read the Syngress book twice and did all the questions again.
4) 11th hour- read this 2-3 days before the exam(wish i did before as well). It summarized everything beautifully.
Pay attention to the steps withing IR/BCP/SDLC. I spent a lot of time on the networking domain and didnt spend enough time on the others.
Remember its a management exam
Good luck!!!
Ryan
Congrats!!!