Product Description

A comprehensive, up-to-date revision of the market-leading CISSP training resource

Written by the bestselling author and a respected IT security trainer, this exam guide offers complete coverage of all the material on the Certified Information Systems Security Professional (CISSP) exam.With full treatment of all the 10 exam domains, as developed by the International Information Systems Security Certification Consortium (ISC2), this definitive tool contains learning objectives at the beginning of each chapter, sidebars with in-depth technical explanations, practice questions, and real-world scenarios.

Detailed and authoritative, CISSP All-in-One Exam Guide, Fourth Edition serves as both a comprehensive certification study guide and a fundamental on-the-job reference. The CD-ROM includes more than 250 simulated practice questions in a Windows-based test engine, an electronic book, and video training from the author.

Product Details

• Amazon Sales Rank: #111986 in Books
• Published on: 2007-12-01
• Original language: English
• Number of items: 1
• Binding: Hardcover
• 1145 pages

From the Back Cover

All-in-One is All You Need

Fully revised for the latest exam release, this authoritative volume offers thorough coverage of all the material on the Certified Information Systems Security Professional (CISSP) exam. Written by a renowned security expert and CISSP, this guide features complete details on all 10 exam domains developed by the International Information Systems Security Certification Consortium (ISC²). Inside, you'll find learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. CISSP All-in-One Exam Guide, Fourth Edition will not only help you pass the test, but also be your essential on-the-job reference.

Covers all 10 subject areas on the exam:

• Access control
• Application security
• Business continuity and disaster recovery planning
• Cryptography
• Information security and risk management
• Legal, regulations, compliance, and investigations
• Operations security
• Physical (environmental) security
• Security architecture and design
• Telecommunications and network security

The CD-ROM features:

• Simulated exam with practice questions and answers
• Video training from the author
• Complete electronic book

About the Author

Shon Harris, CISSP, MCSE, is the president of Logical Security, an IT security consulting and training company. She is a former engineer in the Air Force's Information Warfare unit, an instructor, and the bestselling author of the previous three editions of this book. Shon has taught computer and information security to a wide range of clients, including RSA, the Department of Defense, the Department of Energy, the National Security Agency (NSA), and many more.

Customer Reviews

Comprehensive, but a slightly disappointing update
I bought this book having passed CISSP 3 years ago using the second edition as my main reference. The fourth edition is significantly thicker, and has clearly been updated with a good amount of new material.

Some niggles I had with it though:
- the practice questions do not seem to have been updated, which means that the new material has not made it into the practice questions, and they don't reflect any changes in the exam (e.g. the new 'scenario based' questions). In my opinion the questions form a very important part of the book since they are key to preparing for the exam and measuring progress in understanding the topics.
- there are some annoying errata in the new material. For example BS7799 is referred to as BS7700 in one place, and the error is repeated in the Quick Tips at the end of the chapter. The same section refers to the "future" renaming of ISO 17799 to 27002. This happened mid-2007 and the book was published in 2008.

Having said that, this book still contains a massively comprehensive coverage of the CISSP course in a style which is never too dry and always very readable. Which in itself is an impressive achievement with such a range of technical subjects. As well as the new technical material many of the 'real world' discussions have also been brought up to date in light of recent events.

In summary I think that this book is going to do the job again as my main reference for the CISSP exam and I would not hesitate to recommend it to anyone preparing for the CISSP exam. I just wish it had some new questions for me to try.

Useful but not enough on its own
I bought this and the official book as preparation for the exam (passed0. I also went on a course.

Everyone on the course who expressed an opinion said that the "official" book was unreadable and that the Shon Harris book was much better. On the other hand, I read the entire official book and thought that the Shon Harris book was incomprehensible at times - maybe most of the attendees were "techies". There was stuff in the official book that wasn't in the Shon Harris book. On the other hand there was also stuff in the Shon Harris book that wasn't in the official book. Both books had a lot more material than was in the course notes.

I thought that the official book was easier to read (different from all the views expressed on the course and on Amazon) but that the Shon Harris book had better section summaries and practice questions. But then I bought both together (a small discount on Amazon).


Neither of the books have "scenario" type practice questions which now feature in the actual exam.

So I would recommend it as a buy, but it isn't enough on its own.

Poor structure and style
The book is fairly comprehensive, but I found the structure of the section headings made it very difficult to read. In contrast to the Exam Cram and Sybex books, there is little "this is really important" highlighting critical areas. The CD questions accompanying the book are good. The jokey style becomes annoying after your 4th re-read during revision. As it is a huge hardback, carrying it around is a real pain. I eventually purchased the Sybex / Stewart CISSP book and found that a better learning tool, although at a much higher price.