Eric Conrad's Book Enough?
Hey guys, I was wondering if anyone has passed the CISSP just using this book as a main source?
I do have the Official Study Guide, but I fee it's quite chatty and my attention seems to be slipping
A little about my background:
-Worked in infrastructure IT from 2009 a 2012. Worked with Active Directory permissions, firewalling, virtualisation, server maintenance and upgrades, etc
-2012 onwards worked as an intrusion/malware analyst for Symantec, UK government and a few other large investment banks
Educationally I have a bachelors in Computer Networking and a masters in information security ( heavy on crypto, AAA, BCP, Risk, security models, computer hardware security, etc). Im also GCIH and GCIA
Most of the CBK I have knowledge of except for physical and software security. There isn't too much that stands out as really foreign.
So I am wondering if I can get away with the Eric Conrad book and the ISC Practise Exam book?
Cheers!
I do have the Official Study Guide, but I fee it's quite chatty and my attention seems to be slipping
A little about my background:
-Worked in infrastructure IT from 2009 a 2012. Worked with Active Directory permissions, firewalling, virtualisation, server maintenance and upgrades, etc
-2012 onwards worked as an intrusion/malware analyst for Symantec, UK government and a few other large investment banks
Educationally I have a bachelors in Computer Networking and a masters in information security ( heavy on crypto, AAA, BCP, Risk, security models, computer hardware security, etc). Im also GCIH and GCIA
Most of the CBK I have knowledge of except for physical and software security. There isn't too much that stands out as really foreign.
So I am wondering if I can get away with the Eric Conrad book and the ISC Practise Exam book?
Cheers!
Comments
If you supplement your study by reading up more on your weaker areas, I believe you are able to do it. I look forward to your "I passed" exam review.
2023 Cert Goals: SC-100, eCPTX
Granted my experience has been 6 years in the Department of Defense as a Systems Engineer so I had experience in a number of the domains. If you don't, then I can see some extra study material as reference material to compare to Eric's books.
Study wise, this is what I did.
1) Read AIO front to back. Yes its wordy but its a great base. Listen to the audio on the walk to work to keep everything somewhat fresh. The book came with an exam prep cd which allows you to run exam simulations. It breaks down where you are weak and you can focus from there. Took 2 month, re read Network a couple times, and was busy with work.
2) I am not from a technical background(Finance and IA) so i knew this is where i would have to focus. I had the ability to sign up for SANS MGT 414 and went through the course(On Demand), Syngress, and 11th hour. For me, this course was a great knowledge base and add more comfort on the technical side of things(or at least as in depth as you need for CISSP). Did all practice questions in the book, the online content, and practice exams. I actually never really did well on these but i believe it was because i was rushing through and not treating them as an "exam". 2 more months.
3)Syngress book and 11th hour. I found them concise and very easy to read. Re read the Syngress book twice and did all the questions again.
4) 11th hour- read this 2-3 days before the exam(wish i did before as well). It summarized everything beautifully.
Pay attention to the steps withing IR/BCP/SDLC. I spent a lot of time on the networking domain and didnt spend enough time on the others.
Remember its a management exam
Good luck!!!
Ryan
Congrats!!!