CISSP Book advice for veteran IT Sec Engineer

Greetings everyone,

I would like to ask your help to make the correct decision on which book(s) to buy in order to take the CISSP exam (covering also the 2018 update).

To give you some context, I am a veteran IT Sec Engineer and my employeer asked to obtain the CISSP certification for a career opportunity.

What is your advice? I need something which won't start from the basics but jumps directly to the core of the topics, with a good writing style (I hate repetitions and flights of fancy). And ofcourse a resource with a super huge amount of tests to take.

Thanks a lot,
elgringo

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

SteveLavoie

My advice would be to go with Eric Conrad's book. He wrote 2... CISSP Study guide and 11th hour guide. Start with the CISSP study guide, it is one of the shorter complete guide. It is straight to the point and you will see what you need to cover in more depth. Peraps you will find that even as a veteran IS sec engineer you can have a complete domain unknown to you.

Then you can do an assessment test, it is one thing to know, but sometime it is different to answer question.

kabbra

This is a hard question to ask. I would recommend the ISC2 CBK book. This is the one I used to study and pass the exam. Yes it is brutal to read, but it is the closest thing when it comes to the exam questions, especially the questions at the end of each chapter.

FSF150

SteveLavoie wrote: »

My advice would be to go with Eric Conrad's book. He wrote 2... CISSP Study guide and 11th hour guide. Start with the CISSP study guide, it is one of the shorter complete guide. It is straight to the point and you will see what you need to cover in more depth. Peraps you will find that even as a veteran IS sec engineer you can have a complete domain unknown to you.

Then you can do an assessment test, it is one thing to know, but sometime it is different to answer question.

Seconded on Conrad. I recently passed CISSP and my technique was simple: use the ISC2 test/flashcard apps and Conrad's own practice exams, then research the "trouble questions" in-depth using his book and Google. I would always recommend that people read the full study guides cover-to-cover, but in practice I think few do. They aren't a quick read.

I bought the 11th hour book as well, but it is very high level. I'd actually start with that book and make note of the sections that make you think "I have never even heard of that before". That'll help with more targeted study.

Combining those resources as well as the numerous CISSP presentations available free online (I liked this one: "Fun with CISSP Questions: "The Absurd, The Drink the Kool-Aid, and The Ugly" http://www.sans.org/webcasts/99157) should keep you busy.

They have updated the test, but judging by my passing it the currently available resources are satisfactory.

beads

I throw in the following quiz book or something similar: https://www.amazon.com/CISSP-Practice-Questions-Answers-Explanations/dp/111810594X/ref=sr_1_1?ie=UTF8&qid=1532532748&sr=8-1&keywords=CISSP+RAO

Rao wrote a similar earlier edition. This appears that SYBEX bought the rights and slapped their logo and color scheme on it and called it good. I do well with quiz books as a study method as a form of gap analysis.

Took the exam many years ago but still say the exam is more experience based than anything to do with 'management'. You'll do fine.

Good luck with the studies.

YMMV

- b/eads