CISSP - Which book would you use?

I just got home from the bookstore. I purchased the 5th edition of the Shon Harris AIO CISSP. I see at amazon.com that the 6th edition of the book will be out in November. I wanted to get started with studying for my CISSP test this weekend and take my test by March 2013. Would you keep the 5th edition book or return it, buy the 6th edition book in November and loose a month (valuable time) of study time? Thanks.

techjones

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

spicy ahi

I'll first assume that you've taken a trip to the ISC2 website to peruse the changes made to the CISSP exam along with downloading the CIB to use as a study outline (hint) My honest take is that there isn't any big changes of consequence between the "old" version and the updates for 2012. So if you don't mind doing a little bit of extra work and comparing the CIB along with the changes to map out the chapters in the 5th ed., I'd say just keep it. Of course, you could also return it and order the 6th ed. book while picking up another book in the interim. Something easy to chew on in a month but enough that you're not wasting your time. I recommend the latest CISSP for dummies book for that, since there's an edition that just came out I guess about a month ago.

JDMurray

You won't be doing yourself much good if the 5th or 6th edition of AIO will be your only study resource. Go with what spicy said.

Here's the link to the CISSP Candidate Information Bulletin.

technologyjones

Thank you very much Spicy Ahi. I just downloaded the CIB and will take your advice.

technologyjones

Hello Mr. Murray,

The AIO book will not be my only resource, it is the only book I purchased tonight. I will take Spicy's advice. Here is my list of resources, let me know what you think.

MY STUDY MATERIALS:

Shon Harris AIO book
Shon Harris Practice Exams book
Eric Conrad CISSP Study Guide
Eric Conrad 11^th Hour book
Freepracticetests.org
Practice tests from each book
Practice tests from ISC2 for CISSP - studiscope
Practice tests on Shon Harris website

swild

I bought several books for my studies and really only used 2 sources: CCCURE.org and the Eric Conrad CISSP Study Guide. I really feel that the Conrad book went to the perfect depth of the topics while the AIO was overkill. After I finished the Conrad book, it did more than 1000 practice questions on the CCCURE test database and then googled each and every question that I missed. While I feel that there are a whole lot of questions on that site that are WAY too hard for that test, others say that the opposite.

AlexNguyen

technologyjones wrote: »

Here is my list of resources, let me know what you think.

I only used Shon Harris' AIO 5th Edition, Shon Harris' CISSP DVD, The CISSP and CAP Prep Guide, and CISSP for Dummies book. I did not know about ccecure when I prepared for the exam. I've read only the first 4 chapters of Shon Harris' AIO book and got bored. So I've only read the chapter's summary of the rest of the book and did answer to all the questions at the end of each chapter. I did view Shon Harris' DVD twice during one month. I took one week off before the exam to read the books and review the questions.

technologyjones

AlexNguyen,

From start to finish, how much time did you spend preparing for the CISSP exam? Did you take the exam this year or last year?

krupal_bhatt

So the question is how to use Shon Harris book ?

AlexNguyen

@technologyjones: I've spent about 6 weeks to prepare for the exam, 3 to 4 hours during weekdays and 10 to 12 hours during weekends. For the last week before the exam, I spent 12 to 14 hours per day. I've passed the exam 2 years ago. We have a senior security consultant working for us. He's a CISSP and needs CPE hours before the year end. So he proposed to teach us a free CISSP bootcamp class on site, 1 day per week during 5 weeks. He used to teach that class in one week. That was the first time I've heard about CISSP certification. I had over 20 years of experience in IT and never need to have a cert to get a job.

technologyjones

swild,

Thank you for the good info regarding the Eric Conrad book. My local bookstore does not have it (just the Shon Harris AIO and CISSP for Dummies books). I will order the Conrad book from Amazon.com.

technologyjones

Thank you. Hopefully I will be ready to take the test in 3 months, but I am certain I will be ready by March 2013.

millerstreet

A lot has changed in two years and a lot of the links on this page are non-existent or very outdated.

My take on this is that the Eric Conrad book is very good, and Shon Harris is highly overrated and way too in-depth. I also can't stand her blatant sexism and political jibes she tosses into her book. You can do way better. The Information Security Management Handbook 6th ed is good as well.

I did an online boot camp with an InfoSec company that I was very disappointed in. The instructor was too up on their own status, and the study guides were outdated as well - which for over $2,000 for the class was unforgivable. Unfortunately I can't suggest a better one unless you can go to the US Army one (in Georgia, I believe). If you're a member of any of the armed services, you can attend and the Gov't will pay the bill. It's just another school that is cross-service.

I also got my test results as soon as I walked out to the reception area (with about 15 people all looking at me to see if I passed. Very nerve-wracking. I wasn't nervous until I saw them looking at me

Then you just need to have a sponsor and validate your work credentials. Long process, but not too bad.

Good all - it's a lot of work.

vasyvasy

If you can return the AIO book, that would be a very good thing (and don't buy the 6th edition)
I would also recommend the Eric Conrad books: the CISSP Study Guide 2nd Ed and 11th hour... both are extremely useful and lack the boring parts of SH
In my opinion, it would be best to read the Eric Conrad books twice - and google/wiki the parts you don't understand - than to read through 1300+ pages of nonsense

Ah, also... the cccure tests are outdated but valuable in explaining the answers