The Certified Information Systems Security Professional (CISSP) rating is difficult to earn and rare in the marketplace, which means you're a valuable commodity if you've proven your skills by passing the exam. The CISSP Prep Guide, one of only a handful of books on its subject, does a good job of giving readers a feel for the scope of the test and the style of its questions. It's ideal for use either as a preliminary survey of the CISSP subject areas (the test's publisher and the authors of this book call them "domains") for relative newcomers to computer security, or as a pure study guide to help more experienced professionals zero in on the weak spots in their knowledge. Don't expect to do well on the CISSP exam having only read this book. You'll want to have some practical experience and some specialized reading under your belt.
Ronald Krutz and Russell Vines are good writers and fine teachers; they explain the wide-ranging CISSP domains (which have to do with everything from cryptographic algorithms to fire-suppression techniques to legal principles). They take care to explain potentially unfamiliar terms--there's a good glossary in the back of this book--and employ conceptual diagrams well. However, the answer keys for the sample questions that conclude each chapter aren't annotated and some readers will wish for more references to specialized sources. --David Wall
Topics covered: The subjects covered by the Certified Information Systems Security Professional (CISSP) exam published by the International Information Systems Security Certification Consortium, including cryptography, access control, security policy, legal matters, and the physical safety of information, equipment, and people.
With the growing threat of computer viruses and Internet security breaches, companies are fiercely headhunting for CISSP certified security professionals. The industry standard test on IT security, the Certified Information Systems Security Professionals (CISSP) exam is administered 16 times per year throughout the U.S. and Europe. This book serves both as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end-to-end security reference book. Co-authored by Ronald Krutz, this handy guide explains the ten security domains covered by the exam, from security management to cryptography to disaster recovery planning to legal and ethical issues. Sample questions and answers are also included.