The Certified Information Systems Security Professional (CISSP) rating is difficult to earn and rare in the marketplace, which means you're a valuable commodity if you've proven your skills by passing the exam. The CISSP Prep Guide, one of only a handful of books on its subject, does a good job of giving readers a feel for the scope of the test and the style of its questions. It's ideal for use either as a preliminary survey of the CISSP subject areas (the test's publisher and the authors of this book call them "domains") for relative newcomers to computer security, or as a pure study guide to help more experienced professionals zero in on the weak spots in their knowledge. Don't expect to do well on the CISSP exam having only read this book. You'll want to have some practical experience and some specialized reading under your belt.

Ronald Krutz and Russell Vines are good writers and fine teachers; they explain the wide-ranging CISSP domains (which have to do with everything from cryptographic algorithms to fire-suppression techniques to legal principles). They take care to explain potentially unfamiliar terms--there's a good glossary in the back of this book--and employ conceptual diagrams well. However, the answer keys for the sample questions that conclude each chapter aren't annotated and some readers will wish for more references to specialized sources. --David Wall

Topics covered: The subjects covered by the Certified Information Systems Security Professional (CISSP) exam published by the International Information Systems Security Certification Consortium, including cryptography, access control, security policy, legal matters, and the physical safety of information, equipment, and people.


From Book News, Inc.
Helping to prepare for the Certified Information System Security Professionals exam, this book covers the common body of knowledge as defined by the International Information Systems Security Certification Consortium. Chapters address security management practices, access control systems, telecommunications and network security, cryptography, security architecture and models, operations security, applications and systems development, business continuity and disaster recovery planning, law and ethics, and physical security. Krutz is a CISSP instructor. Vines is a security consultant.Copyright © 2004 Book News, Inc., Portland, OR


Review
"...fulfils its purpose well and forms a good introduction to the concepts and jargon used in all areas of IT security...worth having as a reference dictionary..." (Computer Bulletin, September 2002)


Review
"...fulfils its purpose well and forms a good introduction to the concepts and jargon used in all areas of IT security...worth having as a reference dictionary..." (Computer Bulletin, September 2002)


Book Description
With the growing threat of computer viruses and Internet security breaches, companies are fiercely headhunting for CISSP certified security professionals. The industry standard test on IT security, the Certified Information Systems Security Professionals (CISSP) exam is administered 16 times per year throughout the U.S. and Europe. This book serves both as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end-to-end security reference book. Co-authored by Ronald Krutz, this handy guide explains the ten security domains covered by the exam, from security management to cryptography to disaster recovery planning to legal and ethical issues. Sample questions and answers are also included.


Book Info
Serves as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end to end security.


From the Back Cover
A one-stop source of information covering everything you’ll need to know in order to pass the CISSP examination The CISSP Prep Guide From stolen intellectual proprietary and denial of service attacks to unauthorized use of critical resources and computer viruses, e-business companies face numerous threats each day that can cost millions of dollars. The need for these companies to protect their networks and information systems has, in turn, created an unprecedented demand for information systems security professionals. In fact, today’s companies are fiercely headhunting for Certified Information Systems Security Professionals (CISSP). Based on the extensive test experience of the authors, this book serves as both a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference on fundamental and emerging information security knowledge. It focuses on the common body of knowledge (CBK) as defined by the International Information Systems Security Certification Consortium (IS C)2. The ten domains of the CBK are covered in detail, including security management, cryptography, disaster recovery planning, and telecommunications security. Each domain of the CBK is then followed by a series of sample practice questions that are similar to those that you’ll encounter on the CISSP examination, helping you better prepare for and pass the exam. This comprehensive book: Covers the fundamental content of the CBK in a way that is independent of the breakdown or possible merger of the domains Provides questions on each CBK domain along with explanations of the answers Reflects the most recent advances in the information security field Avoids the extraneous mathematical derivations, presenting only the information you’ll need to know for the CISSP examination Includes valuable reference material and explores advanced topics in the appendices Wiley Computer Publishing Timely. Practical. Reliable. Visit our Web site at www.wiley.com/compbooks/


About the Author
RONALD L. KRUTZ is a lead instructor for the CISSP CBK review seminars. He spent twenty-four years at Carnegie Mellon University as a faculty member and then as an R&D Director at the Carnegie Mellon University Research Institute. Dr. Krutz is a Senior Information Security Consultant for Corbett Technologies, specializing in information assurance appraisal methodologies. He holds a PhD in Computer Engineering, is a registered Professional Engineer, and is a CISSP. He is the author of two previous Wiley books, Microprocessors and Logic Design and Microcomputer Interfacing. RUSSELL DEAN VINES is President of the RDVGroup, a NYC-based security consulting services firm, and has been involved in computer security for nearly twenty years. He is a frequent speaker on security methodology, wireless security, and best practices in the information industry, and is also an instructor for the CISSP CBK review seminars. He has helped design and build the security architecture for Fortune 1000 Companies worldwide. He is a CISSP, CCNA, MCSE, MCNE, and a National Security Agency/IAM professional. Mr. Vines is also an accomplished jazz composer, performer, and educator.

FROM THE PUBLISHER

A one-stop source of information covering everything you'll need to know in order to pass the CISSP examination

The CISSP Prep Guide

From stolen intellectual proprietary and denial of service attacks to unauthorized use of critical resources and computer viruses, e-business companies face numerous threats each day that can cost millions of dollars. The need for these companies to protect their networks and information systems has, in turn, created an unprecedented demand for information systems security professionals. In fact, today's companies are fiercely headhunting for Certified Information Systems Security Professionals (CISSP). Based on the extensive test experience of the authors, this book serves as both a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference on fundamental and emerging information security knowledge. It focuses on the common body of knowledge (CBK) as defined by the International Information Systems Security Certification Consortium (IS C)2. The ten domains of the CBK are covered in detail, including security management, cryptography, disaster recovery planning, and telecommunications security. Each domain of the CBK is then followed by a series of sample practice questions that are similar to those that you'll encounter on the CISSP examination, helping you better prepare for and pass the exam.

This comprehensive book:Covers the fundamental content of the CBK in a way that is independent of the breakdown or possible merger of the domainsProvides questions on each CBK domain along with explanations of the answersReflects the most recent advances in the information security fieldAvoids the extraneous mathematical derivations, presenting only the information you'll need to know for the CISSP examinationIncludes valuable reference material and explores advanced topics in the appendices

SYNOPSIS

Provides a one-stop, self-paced preparation guidance on the ten security domains covered by the CISSP exam, from security management practices to cryptography to business continuity and disaster recovery planning. Includes sample questions, answers, references, and an extensive glossary. Ronald Krutz is a longtime CISSP examiner and former R&D Director at Carnegie Mellon University, which is home to the major reporting and worldwide alert center for Internet security problems. Clearly ties each of the chapters together for greater applicability to the workplace. Useful both as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end-to-end security reference book.

FROM THE CRITICS

Booknews