RE: studying guide/book for CISSP

[jayson () bombardier com]

Mark,

Most of the general 'study' and 'prep' books will serve you well and the
training session should fill in whatever gaps remain, so don't stress too
much about which book(s) to read.  One set you definitely need to have in
your personal library are the 'Information Security Management Handbook'
(both volumes) by Tipton & Krause.  If you're working in an environment
where you may have to do mainframe work, then you should try to get your
hands on the original 'Information Security Management Handbook'.  It is
one volume has a grey cover and was printed in 1993.  I managed to get one
at a used book sale a couple of years ago.

Keep in mind that the CISSP exam is geared to test your knowledge, not what
you have remembered.  There are some questions that are clear giveaways,
others clearly have two correct answers, and this is where the real test
lies.  You have to figure out which is the 'most' correct, the best way to
do this is to read each question carefully, underline the key words.  Some
questions will use double negatives.

If you have been working in computer/networking/security for several years
and read many of the regular trade rags you should do well enough to pass.

Good luck!

Jayson Agagnier, CISSP, CISA, CIFI
Bombardier Aerospace

> From: Mark W. Webb [mailto:mark () dolphtech com]
> Sent: Mon 11/22/2004 10:15 AM
> To: security-basics () securityfocus com
> Subject: studying guide/book for CISSP
>
>
>
> I just found out that I will be attending a CISSP training session next
> month, and also taking the CISSP test thanks to my employer.  I would
> like to pick up a book that I can start reading that will help me in
> advance to study for the course and test.  Can anyone who has been in
> this situation help me out.  No flame wars please :-)




E-mail disclaimer:
This message contains information, which is intended for the sole
use of the recipient or authorized representative. Any person who
receives this e-mail by mistake shall immediately notify the
sender and destroy it. E-mail transmissions cannot be guaranteed
to be error-free as information could be intercepted, altered, or
contain viruses. The sender therefore does not accept any
liability for damages caused by the fraudulent alteration of this
message including, without limitations, damages caused by any
virus transmitted by it.

Ce message contient de l'information destinée au seul usage du
destinataire ou de son représentant autorisé. Toute personne qui
reçoit ce courriel par erreur doit en aviser immédiatement
l"expéditeur et détruire le courriel. Les transmissions de
courriels ne peuvent être garanties exemptes d'erreurs puisque
l'information peut être interceptée, modifiée ou contenir des
virus.  L'expéditeur ne peut donc accepter de responsabilité
quant aux dommages causés par une modification frauduleuse du
message, y compris, sans s'y limiter, tout dommage occasionné par
un virus qu'il aurait transmis.