IT Employment

General discussion


CISSP Certification

By roger ·
HAs anybody recived this cert? I am interested in pursuing it, and have down loaded the study guide from ISC2, but was wondering if there are books that cover the 10 domains specifically in reference to the test. Thanks in advance for your help.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Source of Information

by robert.yanus In reply to CISSP Certification

A book covering the 10 domains does exist

Information Security Management Handbook
4th edition. Authors - Harold F. Tipton and Micki Kraus. PUblished by Auerbach Publications 1-800-272-7737. Available at ISBN-0849398290.

Collapse -

Try Shaun Harris

by bdoughman In reply to CISSP Certification

Shaun Harris is the official guide, but a better exam syle guide can be found at

Collapse -

Yeah, just become a paper cert

by WilliamK99 In reply to Try Shaun Harris

Why do people continually advertise known brain dumps, when they know it just waters down the c ertification, making it basically worthless.

If you are trying to be certified by going to braindumps, you are doing noone a favor because I guarantee you when your network has a security flaw, will not be there to save your ***.

Collapse -

Two Decent Books + Other CISSP Comments

by ExpatJohn In reply to CISSP Certification

This post is 5 1/2 years old. Maybe you have taken the test and the advice here is worthless, but for others who may stumble across it in the future, I'll put down my two cents.

I have been studying for two in preparation for a CISSP in August (2006). Two books I would highly recommend are:

> The Official (ISC)2 Guide to the CISSP Exam Hansche, Berti, Hare
ISBN: 0-8493-1707-X (ISC)2 Press

> The CISSP Prep Guide Krutz, Vines
ISBN: 0-471-41356-9 Wiley

Both are long and hard reads and it takes me several reviews of each section to fully take it in. Remember that the CISSP was not intended for IT pros going into security; it was designed for non-IT people (accountants, etc.) to insure they have a good working knowledge of what makes systems go. In other words, it was not originally intended to be an IT-specific cert.

But, being in IT is a good thing for this cert, of course. It certainly doesn't hurt.

Try hooking up with your local ISSA chapter, too. ( Folks there can give you some good advice.

I have to agree with WilliamK and his assessment. You can braindump MCSE exams and really learn the systems later, and that will probably be OK. But the CISSP is different...if you braindump that, you are just shortchanging yourself and others who have really taken the test. Managing a server is one thing, having a proactive vision for network security and a decent knowledge of legal and ethical issues is far and away another thing entirely.

Collapse -

Agreed... and there are experience requirements as well

I received this cert last year, and have done a lot to learn beyond this. I used Shon Harris' book, which I felt was starting to feel dated, but still provided enough for me to fill out areas I didn't know already.

I've found that people "like" the cert, but really rely on years of experience actively configuring networks, firewalls, implementing secure solutions and systems, with some wanting pen-testing experience as well.

While this cert may seem more like a "paper cert" for techies (mile wide-inch deep), the day is rapidly coming to a close where this cert carries your job. You're now expected to get in and get things done, which is a good thing.

Related Discussions

Related Forums