From Barnes & Noble
The Barnes & Noble Review
Statistics can be misleading, but last year, security professionals who earned (ISC)2’s CISSP certification reported earning an average $7,140 raise as a result. That’s the second highest payback of 37 credentials studied by Certification magazine, and it reflects a first-year ROI of 7.9 to 1.
Over the past two years, CISSP has clearly emerged as the industry’s No. 1 security certification. For instance, when the U.S. National Security Agency sought to establish its own elite infosecurity certification, it partnered with (ISC)2 to build that certification on top of CISSP. If that’s not an endorsement, what is?
To earn your CISSP, you need to pass one brutally tough exam. It’s six hours long, with 250 questions covering all ten domains of the CISSP “Common Body of Knowledge.” That means you’ll need a deep understanding of everything from networking to operations, cryptography to law, access control to disaster recovery. Fortunately, there’s an equally systematic study tool: CISSP All-in-One Certification Exam Guide, Second Edition by Shon Harris.
Harris is a member of the U.S. Air Force’s Information Warfare unit, as well as contributing writer to Information Security magazine. (She contributed some of the toughest scenarios in the recent bestseller Hacker’s Challenge.)
She’s also “starred” as instructor in a series of weeklong CISSP bootcamps, earning raves from attendees who paid several thousand dollars apiece to participate. As one put it recently, “Shon lives and breathes the 10 Domains. A more qualified and capable CISSP instructor you could not find.”
She’s just updated her study guide to fully reflect the just-released version of the CISSP exam, with new coverage of the latest topics -- from wireless LAN security to penetration testing, asynchronous attacks to transborder information flow.
The new coverage is woven into clear and careful discussions of every exam objective. To name just a few: authentication, passwords, monitoring, firewalls, security models, physical security, protecting software applications, network security up and down the ISO stack, PKI, attacks and countermeasures, and incident investigation.
Harris is especially strong when it comes to day-to-day, “non-sexy” security management practices that systematically reduce the risk of attack or compromise.
Here, she addresses everything from risk management to policies and procedures, security baselining to information classification, security organization to internal training and awareness programs. You’ll especially appreciate her detailed walk-throughs of qualitative and quantitative risk analyses, and her list of 19 factors to take into account when evaluating safeguards.
CISSP All-in-One Certification Exam Guide, Second Edition is replete with practical examples and scenarios. Best of all, Shon Harris brings exceptional real-world insight to information security. Pros. Cons. Limitations. Trade-offs. And if you like sample questions, this book is a bonanza. You’ll find more than 1,000, including hundreds on CD-ROM.
That disk also contains live video training from Shon Harris -- so you can see for yourself what top security professionals gladly paid thousands of dollars for.
Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.
From the Publisher
All-in-One is All You Need
Fully revised for the latest exam release, this authoritative volume offers thorough coverage of all the material on the Certified Information Systems Security Professional (CISSP) exam. Written by a renowned security expert and CISSP, this guide features complete details on all 10 exam domains developed by the International Information Systems Security Certification Consortium (ISC²). Inside, you'll find learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. CISSP All-in-One Exam Guide, Fourth Edition will not only help you pass the test, but also be your essential on-the-job reference.
Covers all 10 subject areas on the exam:
- Access control
- Application security
- Business continuity and disaster recovery planning
- Cryptography
- Information security and risk management
- Legal, regulations, compliance, and investigations
- Operations security
- Physical (environmental) security
- Security architecture and design
- Telecommunications and network security
The CD-ROM features:
- Simulated exam with practice questions and answers
- Video training from the author
- Complete electronic book
Shon Harris, CISSP, MCSE, is the president of Logical Security, an IT security consulting and training company. She is a former engineer in the Air Force's Information Warfare unit, an instructor, and the bestselling author of the previous three editions of this book. Shon has taught computer and information security to a wide range of clients, including RSA, the Department of Defense, the Department of Energy, the National Security Agency (NSA), and many more.