I've never reviewed a book before, but it seems especially helpful to review an exam preparation book because, after taking the exam, you can objectively say whether or not the book worked. Bottom line: this book and the accompanying practice exam questions were my primary resources, and I passed easily with a 93%.
I also went through a class with the official EC-Council material, and the class didn't teach me anything useful that wasn't in the book. You'll drown in the 1,500+ slides that comprise the official material while this book focuses on the items that matter and presents them more clearly. The practice exam questions were very similar to the real exam questions I got. The practice exam questions were actually of higher quality and more challenging.
I like that the book presents both sides of the issues where EC-Council seems to be wrong or omitting something important, so you'll learn what you need for the exam while also learning about real-world security and penetration testing.
My first criticism is that the book has too much fluff in it. The author wastes a number pages talking about irrelevant things like his childhood in Alabama, his daughters, and movie plots, but then says elsewhere that he doesn't have enough pages to further explain some technical point. I just skipped the first couple pages of a few chapters.
Secondly, some statements and explanations are "not quite right" or at least incomplete. I have a pretty strong background in certain areas, and the book made me cringe when it talked about those areas. Maybe this is just the nature of certification exams; they are all "a mile wide and an inch deep," so you get just a few sentences about lots of related topics. The problem is that it's hard to accurately reduce technical things to a just a few sentences. You'd learn a lot more by treating the book as a list of things to study and then reading the Wikipedia pages for each of those things.
New Year, New You
Ideas to start the year
Shop now