SSCP Study Books

Pecco

I apologize if this is a repeated post but I didn't find what I was looking for when I browsed all the topics.

I need to find some solid books about the SSCP. I've been looking around and have seen many bad reviews for the Sygress and Wiley books so, I'd like to avoid those if I can. Is there any good book for the SSCP. I understand ISC(2) will have a book coming out in Feb 2007 but that's a loooong time to wait. Any info you could provide would be great!!

Thanx

lightweight

The best book out there would be the Mike Meyers Passport for CISSP. Just leave out the chapters on the topics not covered. The Shon Harris All-in-one books for CISSP would be a great choice also. And do not forget the cccure.org site for test questions as well. This test is next for me as well. I have studied about 6 months for the CISSP and just decided to go for the SSCP instead. I plan on taking the exam Aug 12 when it comes to my city.

Webmaster

lightweight wrote:

The best book out there would be the Mike Meyers Passport for CISSP. Just leave out the chapters on the topics not covered. The Shon Harris All-in-one books for CISSP would be a great choice also.

Both are from Shon Harris, the All-in-One is just a lot more complete and is therefore better than the Passport. The latter is from a series which is similar to Exam Cram and is more suitable as an 'extra' guide. CISSP minus a the non-relevant domain is not SSCP. Even thought the domains are similar, and there is a lot of overlap between the two in regards to topics, there 'are' things in the SSCP that are not in the CISSP. I agree getting one of those Shon Harris book is very useful to prepare for SSCP, but considering the cost of the exam I suggest an additional SSCP guide as well. The bad reviews about the Syngress guide probably have a lot to do with people expecting to pass this exam by reading a single book.

Pecco

That’s great info...thank you. I was considering the Shon Harris book but wasn't sure if it would pin point all 7 domains in the SSCP. I've compared the CISSP 10 Domains with the 7 Domains in SSCP but they don't seem to line up (at least not all domains). Maybe I'm missing something.

CISSP® CBK® Domains
- Access Control Systems and Methodology
- Applications and Systems Development Security
- Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
- Cryptography
- Law, Investigation and Ethics
- Operations Security
- Physical Security
- Security Architecture and Models
- Security Management Practices
- Telecommunications and Network Security

SSCP® CBK® Domains
- Access Control
- Administration
- Audit and Monitoring
- Cryptography
- Data Communications
- Malicious Code / Malware
- Risk, Response and Recovery

Not to say I would waste my time studying the CISSP because it's all great knowledge to have but I'd rather just focus on what is needed. I'll probably get the Shon Harris All-in-One just to be safe but, if there are any SSCP specific books you can recommend I would appreciate it.

Thanks for your input!!!

keatron

As Johan pointed out, these are not the same. SSCP is for a practitioner, CISSP is more for a manager or consultant. Even with the matching domains , such as cryptography, the concepts may be similar but the level of applicability you're supposed to know is not very similar at all. Also I agree with Johan, if you don't have extensive experience, the passport alone WILL NOT be enough. As I've pointed out many times before, you should always prepare yourself to consult other resources instead of just depending on exam preps and study guides. For example, if cryptography is one of your weak points, read some cryptography books to fill in your knowledge gaps. I exercise this same technique when studying for any exam. If you look at any Microsoft official curriculum, you'll see subnotes at the end of each module suggesting further reading in KB articles and other books. I don't read these for every module, just the ones I'm a little shaky on. So the same goes for CISSP, and SSCP. You can find a list of suggested readings here and on ISC2 website.

JDMurray

I'm studying for the SSCP right now, and I'm also in the process of compiling a list of study resources for the SSCP exam. Both the Wiley and Syngress books can be found at discount booksellers for around $10US each (try searching at addall.com). Most of the "bad reviews" I've read on these books are by people who've mistakenly believed that reading only one or two books will allow you to pass the SSCP. As both keatron and Webmaster have pointed out, this is simply not true. Both of these books cover the breadth of the SSCP exam domains, but not the full depth and detail of the information you'll need to know. (Of these two I like the Wiley book the best.)

As you've noticed, the domains of the SSCP do not exactly match the domains of the CISSP; the information covered by an SSCP domain may not be obvious. For example, the SSCP does not have an explicit Physical Security domain, but physical security topics may exist in the SSCP's Access Control and Audit and Monitoring domains. The SSCP's Malicious Code and Malware domain is covered by two CISSP domains: Applications and Systems Development Security and Access Control Systems and Methodology. Information in the SSCP's Risk, Response and Recovery and Administration domains is also found spread across multiple CISSP domains.

So as you can see, it's not easy to figure out what information in the CISSP books to study for the SSCP. It seems like only the law and ethics information isn't covered at all by the SSCP. Otherwise, information in all of the CISSP CBK's domains can be touched upon, at least in small ways, by the SSCP.

I'm basically using the two SSCP books I mentioned, the Harris CISSP all-in-one book, and the (ISC)2's CISSP official study guide. I'll supplement this with the on-line practice tests and study material at cccure.org, and maybe try the same from PrepLogic. Of course, I'll need to do other reading in non-exam prep books. To get an idea of what other books map to SSCP and CISSP domains, Ron Slade's list at http://victoria.tc.ca/int-grps/books/techrev/mnbksccd.htm seems to be very good.

Did I forget anything?

Webmaster

Excellent, I'm sure this will be useful as there isn't that much SSCP study material yet I'm sure many people will buy the popular CISSP guides.

jdmurray wrote:

Did I forget anything?

www.techexams.net/isc2/exams/start.php?exam=sscp

How would you rate the Syngress guide? I hear mostly only very good things about their Security+ guide, so I would expect that would do a good job at the SSCP guide as well.

JDMurray

I'm comparing the Syngress and Wiley books now. The Syngress book is definitely less detailed and an easier read than the Wiley book, which has more depth and theory. One interesting comparison is what information the two books show for each SSCP domain. For example, the Wiley book considers access control to cover both logical and physical security topics, while the Syngress book covers only logical access controls. Also, Wiley puts the topic of computer forensics in the Auditing and Monitoring domain, while Syngress describes this topic under the Risk, Response, and Recovery domain.

Large parts of the Wiley book seem on par with the Shon Harris CISSP All-in-One book. The descriptions, tables, and charts seem influenced by it and other InfoSec publications. The Syngress book is less information-dense, is therefore less intimidating and, as I said, and easier read.

Although the Wiley book seems clearly better than the Syngress book in most ways, the DVD in the Syngress book is far more useful than the CD in the book from Wiley. The Syngress DVD is a an SSCP video training seminar similar to the material from Learnkey and CBT Nuggets. There are nine chapter of material nicely presented by Jeffrey Posluns, the technical editor of the book. This DVD is actually like a second book, and is excellent for people who prefer to hear lectures rather than read text books.

The Wiley CD contains a Boson sample SSCP practice test, some NIST manuals, and other author-created documentation--most of which is already available on the Web. While this supplemental information is good to have, the Syngress DVD is a genuine and useful value-added advantage to its book while the Wiley CD is not (IMHO).

Which book is better for studying for the SSCP? I won't really know until after I've taken the exam. I can both see where the Syngress book doesn't have enough detail to be used alone, and how the Wiley book may have more detail than necessary for passing only the SSCP. I haven't notice any errors in either book (yet), and the sentence structure in parts of the Syngress book could use another round of editing. Both books are so inexpensive from the discount book sellers on half.com that anyone studying for the SSCP should just buy them both.

sprkymrk

jdmurray
Keep me updated on your progress on the SSCP. I am currently about a week away from taking my Sec+ (should have taken it 3 years ago ) and then my CCNA expires in November, so I need to gear up for that next. However, I have already begun to dabble into the SSCP certification, so I'll be curious about your progress and perspective. Thanks!

JDMurray

Will do. I'm hoping to take it in Dec or Jan.

sprkymrk

jdmurray wrote:

Will do. I'm hoping to take it in Dec or Jan.

Good luck!
Oh, and of course by February you'll have some nice "Tech Notes" ready and posted for me, right?

JDMurray

sprkymrk wrote:

jdmurray wrote:

Will do. I'm hoping to take it in Dec or Jan.

Good luck!
Oh, and of course by February you'll have some nice "Tech Notes" ready and posted for me, right?

I have looked over many of the domain topics of the SSCP with an eye to writing technotes, but I really don't see how I could possibly improve upon what's in Harris' CISSP book. Many of the complaints with cert study guides is that they don't go into enough detail to cover what information might be on an exam. I doubt that my technotes could provide more useful details than the SSCP and CISSP books already so.

Maybe as I'm studying for the SSCP I"ll have an idea of a set of technotes that might prove useful. We'll see.

JLL

jdmurray,

Thanks for providing the addall.com URL. I just purchased both the Syngress and Wiley books for about $15.00 including shipping!

JLuna

JDMurray

Glad you found that site useful. I use it all the time. And I'm glad you picked up both books at a good price.