Best companion book to study
Whats the better secondary resource to prepare for the CISSP (with Shon Harris' All in One being the primary book): Is it the CISSP for Dummies or the ExamCram 2? The Examcram 2 was published in 2005 so I'm worried it may be a little outdated. Thoughts?
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Ben Franklin
"The internet is a great way to get on the net." --Bob Dole
"The internet is a great way to get on the net." --Bob Dole
Comments
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□I wouldn't spend my time with either of those. Dummies might be a nice quick overview, but there's no way it's going to fill in any gaps from the AIO.
You should definitely pick up the official guide: http://www.amazon.com/Official-ISC-Guide-CISSP-Press/dp/0849382319/ref=pd_bbs_sr_2?ie=UTF8&s=books&qid=1215114620&sr=1-2
And I see this one highly recommended as well: http://www.amazon.com/Information-Security-Management-Handbook-Sixth/dp/0849374952/ref=wl_it_dp?ie=UTF8&coliid=I1N3F05FGL5MCY&colid=BQRJ4R1QKAS2 -
RTmarc Member Posts: 1,082 ■■■□□□□□□□I'm going to be completely honest, the only thing I used in preparation for the CISSP exam was the AIO 4th Edition, the MP3s and DVDs for the book, and the Free Practice Exam site.
-
JDMurray Admin Posts: 13,099 AdminFor the CISSP exam, I'm pretty much sticking with the AIO 3rd ed, (ISC)2 CISSP Gold Book, selected readings from the InfoSec manual 6th ed., and freepracticetests.org. The study material you use will also depend on how much InfoSec knowledge and experience you already have. If not a lot, there's several relevant NIST Special Publications (SP 800-12, SP 800-14, SP 800-30, SP 800-34, etc.) and ISO 27001 you should read through as well.
Correction: It's ISO 27002--not 27001--that's significant to the CISSP exam. -
LarryDaMan Member Posts: 797JD, have you set a target date for the CISSP?
I enjoyed reading about your SSCP experience, but I was suprised to learn that there are only around 500 SSCPs in the U.S in comparison to 38,000 CISSPs. Do you think that gap will shrink as the SSCP becomes better known?
Although I am 3 months from taking the CISSP ( CISSP on 10/19..I sit for Security+ on Monday 7/7), I am developing an unhealthy obesession with everything CISSP. I think I have more study materials than I will ever have time to read/watch. -
JDMurray Admin Posts: 13,099 Adminlarrydaman wrote:JD, have you set a target date for the CISSP?larrydaman wrote:I enjoyed reading about your SSCP experience, but I was suprised to learn that there are only around 500 SSCPs in the U.S in comparison to 38,000 CISSPs. Do you think that gap will shrink as the SSCP becomes better known?larrydaman wrote:Although I am 3 months from taking the CISSP ( CISSP on 10/19..I sit for Security+ on Monday 7/7), I am developing an unhealthy obesession with everything CISSP. I think I have more study materials than I will ever have time to read/watch.
-
LarryDaMan Member Posts: 797I saw this credential headcount link from ISC2, its says it is accurate as of June 2008, but it may be old...
https://www.isc2.org/cgi-bin/content.cgi?page=11399 -
JDMurray Admin Posts: 13,099 Adminlarrydaman wrote:I saw this credential headcount link from ISC2, its says it is accurate as of June 2008, but it may be old...
https://www.isc2.org/cgi-bin/content.cgi?page=11399 -
RTmarc Member Posts: 1,082 ■■■□□□□□□□JDMurray wrote:For the CISSP exam, I'm pretty much sticking with the AIO 3rd ed, (ISC)2 CISSP Gold Book, selected readings from the InfoSec manual 6th ed., and freepracticetests.org. The study material you use will also depend on how much InfoSec knowledge and experience you already have. If not a lot, there's several relevant NIST Special Publications (SP 800-12, SP 800-14, SP 800-30, SP 800-34, etc.) and ISO 27001 you should read through as well.
Correction: It's ISO 27002--not 27001--that's significant to the CISSP exam. -
JDMurray Admin Posts: 13,099 AdminRTmarc wrote:27001:2005 is still important to know and is what people will probably be tested on. ISO 27002 has not yet made it into this version of the CISSP exam.
-
RTmarc Member Posts: 1,082 ■■■□□□□□□□JDMurray wrote:RTmarc wrote:27001:2005 is still important to know and is what people will probably be tested on. ISO 27002 has not yet made it into this version of the CISSP exam.
-
JDMurray Admin Posts: 13,099 AdminRTmarc wrote:17799 has been renamed 27001. You are correct in everything you have said. I was just making the comment that the changes have not been made in the CISSP material as of yet. Most likely, this will change with the next revision.
-
RTmarc Member Posts: 1,082 ■■■□□□□□□□I've heard nothing as of yet, but when-if I do, I'll let you know.