Official Guide to CISSP CBK 3rd

TheProfezzor

Hey,

I was going through Shon Harris AIO and, I am finding it very verbose. When I try to read Eric Conrad 2nd, it seems too concise. I was wondering, since the examination covers topics taken from the Official guide, would it be good if I stick to it?. Any suggestions to lower the anxiety would be good. Thanks again.

philz1982

Eric Conrad's book and the PDF you shared in your other post worked fine for me. With your certs and experience you should fly through the CISSP. May want to make sure your networking is solid, as understanding the TCP and OSI models helped a bunch.

This is a business exam with technical aspects not a technical exam with business aspects. If you think how will this impact the business on each question you will do fine.

teancum144

TheProfezzor wrote: »

Hey,

I was going through Shon Harris AIO and, I am finding it very verbose. When I try to read Eric Conrad 2nd, it seems too concise. I was wondering, since the examination covers topics taken from the Official guide, would it be good if I stick to it?. Any suggestions to lower the anxiety would be good. Thanks again.

I haven't taken the exam yet, so take my comments with a grain of salt.

From reading the feedback in the forum and elsewhere, most people -- who know the material and yet fail -- get tripped up on the exam's language/wording. I've read 759 pages of the AIO book and about 200 pages of the OG. I've noticed that the terminology and definitions used in the two books differ enough to concern me. Successfully answering many of the questions may require us to recognize and place the proper meaning behind the particular wording used in the OG. As JDMurray points out:

Just realize that the OIG CISSP CBK is use as a primary reference for actually creating CISSP exam items while Harris' materials are not used at all. Look at the CISSP CIB for more references to "offical" study material for the CISSP.

Source: http://www.techexams.net/forums/isc-sscp-cissp/98795-shon-harris-aioli-5th-edition-too-old.html#post834488

I'm using the OG as my primary reference because I want to be familiar with the specific terminology used in the OG and understand how that terminology is defined in the OG. My hope is that by taking this approach, I will experience less confusion when interpreting questions and deciphering between multiple answers that might otherwise all appear correct.

As an example, question 15 on page 608 of the OG asks you to select the benefits of establishing clear security goals. A list of 16 benefits is provided on pages 480-481. I couldn't find anything similar in the AIO book. Also, I find many topics covered in the AIO book that are not mentioned at all in the OG.

In short, while I plan to read both, I'm using the OG as my primary reference.

philz1982

To piggy back on what you said. Use books outside the OG to build the concepts. Memorize the terms, I made a glossary for myself, and memorize the technical documents with the PDF at kila something or another website.

Read the SAN's articles on encryption, Kerberos, Security Policies, Due Diligence vs Due Care....

voodoo26

I moved to OG from Shon Harris AIO. I read couple of domains from OG and i could say that each line of this book has solid information and is not distracting the topic and providing all information you will need for CISSP exam. (This is what i am thinking). I will be continue with OG i guess. I suggest to make a study plan with CIB and with OG.

After failing first attempt i checked consistency of CIB and CISSP exam questions, and it perfectly matches. I strongly recommend to keep a copy of CIB and cover all topics in CIB and make your study parallel with OG (or any other study guides). I do not mean that you wont pass with any other CISSP study sources of course you can and there are a lot of members passed without OG. I just say keep OG in your study plan also. I am sure that will help you.

Good luck to everyone.