The Official (ISC)2 Guide to the CISSP CBK Reference Hardcover – 7 June 2019
From the Back Cover
"The opportunity has never been greater for dedicated men and women to carve out a meaningful career and make a difference in their organizations. The CISSP CBK will be your constant companion in protecting and securing the critical data assets of your organization that will serve you for years to come." - David Shearer, CISSP, CEO of (ISC)2
Information security professionals play a pivotal role in protecting the essential fabric of business, finance, communications, and virtually all aspects of 21st century daily life. This all-new, authoritative Common Body of Knowledge (CBK®) from (ISC)2 provides a resource for IT professionals who are designing, engineering, implementing, and managing information security programs to protect their organizations from increasingly sophisticated attacks.
With exhaustive coverage of all eight domains of CISSP, this book provides a comprehensive guide to applying these principles in everyday practice. The 300+ CISSP objectives and sub-objectives are covered in a format that supplies common practices for each, a common lexicon with definitions, and appropriate references to both widely accepted computing standards and case studies that highlight successful approaches to problems. Written and reviewed by a team of highly knowledgeable CISSPs representing a variety of organizations and roles, it explains and defines all things related to CISSP.
Explored in depth are Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Asset Management, Security Assessment and Testing, Security Operations, and Software Development Security. From understanding essential security concepts to the exercise of due care, legal compliance, professional ethics, and practical defense against an ever-growing variety of attacks, this book constitutes a vital reference that will serve you well throughout your career.
2 customer reviews
Most helpful customer reviews on Amazon.com
I had high hopes for this book, but after finishing 3 domains I'm at my wits' end at just how completely unnecessarily the book chooses to write sentences, as well as using over-the-top vocabulary. It's just not needed. Studying for the CISSP using this book is fighting a two-front war. You're trying to understand the material WHILE trying to decipher the damn sentences as well.
This book WILL slow your studying down. I wish I never spent the $60.
Vocabulary example: "Overwrought process and bureaucracy are a pernicious drain on the viability and quality of a software project."
Headache example: "Relating data among tables in this fashion also reduces data duplication because the relation allows for each of the data elements represented in tables throughout the schema to be associated and meaningfully referenced with other data without necessarily having to duplicate the data to make these connections."
It seems that some materials are typos or misplacements, e.g., the official risk definition from ISC2 (I'd replace the "likelihood" with "magnitude") and the “FIGURE 3.4 Brewer-Nash security model” on page 236 (I believe it should be the Clark-Wilson model).
This book is good but still not good enough, but I would suggest CISSPs and CISSP aspirants put one on your bookshelf, as it stands for the official viewpoint of the CISSP CBK (Common Body of Knowledge), and the only official source available.
The following is my evaluation for your reference:
- Matching the CISSP exam outline to the first level of topics in each domain
- Trending materials
- Smaller in size
- No review questions
- No appendix for supplement materials or document templates
- No glossary
- No suggested references