CISSP Preparation – Books

Are you getting ready to take the CISSP exam?  Are you wondering where to start?  Are you wondering how you will know when you are really ready to take the exam?  I have some tips that I have found are very useful through my six years of teaching CISSP for (ISC)2.

Let's start with books.

I classify books available for preparing for this exam into three categories.

Category 1 = Cliff Notes

Category 2 = Full prep guides

Category 3 = Expert books

Category 1 includes CISSP for Dummies and the Passport by Mike Meyers. The Passport is currently out of print as I write, but perhaps you can borrow one. I recommend either of these books. The basic difference between them is the style of writing. The CISSP for Dummies book is entertaining to boot, but if you are going to be aggravated by funny quips, such as the different hash algorithms being compared to the Jackson family, then go with the Passport book.

I would recommend using these books as you start your studying, through to the last week before you take the exam. When you first pick up the book, I would take a walk through it to start identifying the topics you are familiar with and those you are not. As you identify areas that you need to work on, you can then migrate to a book from Category 2.

Category 2 books include the Official Guide from (ISC)2, the All-in-One Exam Guide by Shon Harris, as well as many others. I recommend that you pick a book here that matches your reading style. For example, the Official Guide is a bit long-winded on topics, and that works great for some people but not for others. Most people seem to work well with the All-in-One Exam Guide.

As you go through the list of topics in your Category 1 book and find things that you are less familiar with, or not familiar with at all, I would then recommend that you move to your Category 2 book to read more on that topic. Some people do read their Category 2 book from cover to cover, a couple of times even, although most do not. I find it to be most useful as a research aid.

Category 3 books include all of the real books out there on security. These are the books that are written by a subject matter expert on their topic of knowledge. If you are still left confused by Category 1 or 2 books, this is the place to turn for more detailed, or possibly more accurate, information. (ISC)2 has a list of books that falls into this category. My favorite cryptography books can be found here.

In general, these books are too detailed for getting ready for the exam, although they could be very useful when you are looking for additional information or clarification for a specific project.

One other note regarding buying books is that you don't necessarily have to. There is free information available on the web. Just buyer beware: you usually get what you pay for. One place that many turn to is CCCure. There are several study guides that people have put together and posted on this site. For the most part, these are nice study guides and can save you some money.

Good luck 😉 and study hard.

More coming on CISSP practice questions.
