CISSP All-in-One Exam Guide, Fifth Edition (English) Hardcover – February 1, 2010
Product description
From the publisher
COVERS ALL 10 CISSP DOMAINS:
- Information security and risk management
- Access control
- Security architecture and design
- Physical and environmental security
- Telecommunications and network security
- Business continuity and disaster recovery planning
- Legal regulations, compliance, and investigations
- Application security
- Operations security
THE CD-ROM FEATURES:
- Hundreds of practice exam questions
- Video training excerpt from the author
Shon Harris, CISSP, is a security consultant, a former member of the Information Warfare unit in the Air Force, and a contributing writer to Information Security Magazine and Windows 2000 Magazine. She is the author of the previous editions of this book.
About the author
Shon Harris, MCSE, CISSP, is a security consultant, a former member of the Information Warfare unit in the Air Force, and a contributing writer to Information Security Magazine and Windows 2000 Magazine. She is the author of the previous editions of this book.
Most helpful customer reviews on Amazon.com (beta)
I spent 60+ hours in preparation for the exam... that's 60+ hours of DEDICATED individual study using this book and CD, not 60+ hours spent web surfing during lunch hours or commercial breaks. My recent background is in middle management, with 20 years experience in network architecture and data security, so I already had a firm technical foundation for the test areas dealing with protocols and encryption variations. I also have an MS in Computer Science. Nonetheless, the exam was so broad, with topics covering general principles and concepts, that I could have prepared twice as long and still left the exam with questions about the outcome.
My personal opinion is that formal classroom instruction, through one of the many organizations offering CISSP preparation courses, is a worthwhile companion to Shon Harris' book. A study group is also a good idea. You will not obtain CISSP certification if you take the exam without preparation. This book (fifth edition) was sufficient, but not 100% comprehensive, to prepare me for passing the CISSP test.
Note: Some reviewers do not appreciate Shon's frequent analogies and humor. Most of her analogies helped me internalize the complex topics, but that's my personal learning style. The efforts at humor were generally awful, but every once in a while she was subtle and brilliant enough to make me laugh out loud. Working through Shon's unique writing style was not a problem for me... I actually found it refreshing.
However, do not expect this book to provide technical details or even technical language consistently. There's a lot of verbiage, needless attempts at humor - which really degrades the overall standing of the book - and just the right amount of information, but no more.
Also, do not make this book the sole resource for preparation. You *may* pass the exam but will be none the wiser for most of what the book covers.
Given that this is a technical examination after all, I would have much appreciated if the author did not try and frame the same statement in multiple ways in the same paragraph, stuck to using consistent technical language and provided more links to resources for additional information. It would also have been nicer if the key technical points, definitions, important values were better highlighted - or even repeated in a prominent tip - after every section so that a second reading becomes a lot less demanding. The exam is challenging in itself and the book and author can do a lot more to make preparation a less demanding experience.
It is difficult to come across books that are worthy of technical appreciation and I am afraid the above points make this a middle of the road effort.
I have no particular affinity to either the author or publication but would recommend giving the Mike Chapple book a shot. You will be a lot less frustrated reading technical matter for a technical examination than with the narrative-style of the Shon Harris book.
Just a few points when you take the exam. I took the exam on September 18, 2010 in Wayne, PA. I received email notification that I passed on October 20, 2010. I submitted the additional information for job history and endorsement on October 25, 2010. On November 16, 2010 I received another email saying I am now a CISSP and my docs will be mailed to me within six weeks. As of Thanksgiving Day (today) I do not have a certificate. So, as you can see, it can take up to 90 days to actually provide proof that you have an in-hand certificate.
There are also a couple of mistakes that I have taken note of:
(1) On page 12, the question "Which item is not part of a Kerberos authentication implementation?" has no answer because the given answer "A message authentication code" is wrong -- RFC 4120 clearly shows the application of HMAC. Even without the RFC, authentication using symmetric-key crypto clearly requires a MAC.
(2) IPSec is more commonly written as IPsec. The second paragraph on page 760 is outdated, as ISAKMP is integrated into IKE since RFC 5996.
(3) In Table 6-3, page 443, not all Halon substitutes work by interfering with, or more precisely, inhibiting the chemical reaction. Inergen and Argonite for example work by displacing oxygen.
(4) On pages 936-937, the definitions of DCL, DDL and DML are not really consistent with the database literature. For example, instead of "defining the internal organization of the database" (which sounds very vague), DCL is really for "controlling access to the data and to the database". On page 942, the definition of savepoint is also not precise. Savepoint is really a point where you can roll back a transaction to. See "Oracle Database 10g: The Complete Reference".
(5) On page 948, the definition of durability is not precise. This statement from Haerder and Reuter's 1983 ACM Computing Surveys paper is better: "Once a transaction has been completed and has committed its results to the database, the system must guarantee that these results survive any subsequent malfunctions."
(6) On page 1087, the phrase "As in RAID 1 striping" is wrong, as RAID 1 is for mirroring or duplexing, not striping.