Official (ISC)2 Guide to the CISSP CBK

As a result of a rigorous, methodical process that (ISC)² follows to routinely update its credential exams, it has announced that enhancements will be made to the Certified Information Systems Security Professional (CISSP) credential, beginning April 15, 2015. (ISC)² conducts this process on a regular basis to ensure that the examinations and subsequent training and continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing information security professionals.



Refreshed technical content has been added to the official (ISC)² CISSP CBK to reflect the most current topics in the information security industry today. Some topics have been expanded (e.g., asset security, security assessment and testing), while other topics have been realigned under different domains. The result is an exam that most accurately reflects the technical and managerial competence required from an experienced information security professional to effectively design, engineer, implement and manage an organization's information security program within an ever-changing security landscape.



The domain names have been updated as follows:



CISSP Domains, Effective April 15, 2015


Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
Asset Security (Protecting Security of Assets)
Security Engineering (Engineering and Management of Security)
Communications and Network Security (Designing and Protecting Network Security)
Identity and Access Management (Controlling Access and Managing Identity)
Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
Software Development Security (Understanding, Applying, and Enforcing Software Security)


Some candidates may be wondering how these updates affect training materials for the CISSP credential. As part of the organization's comprehensive education strategy and certifying body best practices, (ISC)² training materials do not teach directly to its credential examinations. Rather, (ISC)² Education is focused on teaching the core competencies relevant to the roles and responsibilities of today's practicing information security professional. It is designed to refresh and enhance the knowledge of experienced industry professionals.

1304 pages, Hardcover

First published November 1, 2014


About the author

Adam Gordon

54 books, 2 followers


Community Reviews

5 stars: 31 (32%)
4 stars: 32 (34%)
3 stars: 18 (19%)
2 stars: 6 (6%)
1 star: 7 (7%)
Displaying 1 - 6 of 6 reviews
68 reviews, 10 followers
February 20, 2016
I read through this book cover-to-cover in preparation for the CISSP exam. The 4th edition contains the updated, newly organized The book uses many writers, sometimes multiple per domain which results in disjointed and often repeated (sometimes nearly verbatim) writing. Due to the "Official" nature of the book, it is very dryly written, analogously to a dictionary. Shon Harris (and her nearly entertaining writing style) will be sorely missed. I read her exam guide prior to this one and I now understand why her books were so highly rated. The ISC2 authors make no attempt to provide interesting material and it shows. Another, albeit minor, annoyance with this book is the very limited number of test questions provided. If you study with only this book, you will need to supplement with test questions through another source (once again another place where the Harris version was leaps and bounds ahead).

If you can use this book as a reference and utilize another book as one to read cover-to-cover, I would recommend doing so.
Stephanie
18 reviews
September 20, 2018
Stopped reading this book a third of the way through because I found it to be unorganized and poorly edited to the point that comments I penciled in the margins had more to do with these issues than what I needed to study. Buy it on sale or spend your hard-earned dollars elsewhere.
1 review
December 5, 2016
This is the real stuff!

This CBK touches on almost every aspect of security, and the knowledge of these materials should be considered as a basic requirement for any security professional.
2 reviews
November 5, 2015
A lot of redundance and material that isn't in the test. The test is mostly about the management of thought process of the concepts within the text and not the nuances or technical errata.