Information Security is all about staying informed. And the CISSP is no exception. If you’re not reading then you’re falling behind. When you take the CISSP Boot Camp course from InfoSec you will receive a copy of Shon Harris’s CISSP All-in-One Exam Guide, Fifth Edition – Hardcover (Jan. 15, 2010). There are also a few other books which I have on my bookshelf and you should consider for your own personal library:
- Information Security Management Handbook, Sixth Edition ((ISC)² Press) – Hardcover (May 14, 2007) by Harold F. Tipton and Micki Krause
- Information Security Management Handbook, Sixth Edition, Volume 2 – Hardcover (Mar. 17, 2008) by Harold F. Tipton and Micki Krause
- Information Security Management Handbook, Sixth Edition, Volume 3 – Hardcover (June 24, 2009) by Harold F. Tipton and Micki Krause
Yes, I know some of these are expensive, but here’s my rationale. The annual (ISC)² Harold F. Tipton Award recognizes an individual’s lifelong contributions to the improvement of the information security profession. The award’s namesake is a security industry pioneer, (ISC)² co-founder, and Certified Information Systems Security Professional (CISSP) education director. So if he is responsible for CISSP education, it makes sense that the information you need to be successful in information security and to pass the CISSP exam will come from his books. So go buy volume 1 and start reading. And yes, I know there are over 3,000 pages in volume 1. So read 50 a day and you’ll be done in 2 months. Then you can move on to Volume 2.
InfoSec Institute's proprietary CISSP certification courseware materials are always up to date and synchronized with the latest ISC2 exam objectives. Our industry-leading course curriculum, combined with our award-winning CISSP training provided by expert instructors, delivers the platform you need in order to pass the CISSP exam with flying colors. You will leave the InfoSec Institute CISSP Boot Camp with the knowledge and domain expertise to successfully pass the CISSP exam the first time you take it. Some benefits of the CISSP Boot Camp are:
- Dual Certification - CISSP and ISSEP/ISSMP/ISSAP
- We have cultivated a strong reputation for getting at the secrets of the CISSP certification exam
- Our materials are always updated with the latest information on the exam objectives: This is NOT a Common Body of Knowledge review; it is intense, successful preparation for CISSP certification.
- We focus on preparing you for the CISSP certification exam through drill sessions, review of the entire Common Body of Knowledge, and practical question and answer scenarios, all following a high-energy seminar approach.
In the coming weeks, I will be looking at each individual Domain within CISSP and will be sharing some additional reading material with you.
Can you add my email address to your list when you do your domain reviews?
smithml@state.gov (Maurice Smith)
Thanks so much.
Maurice,
All of the domains are listed here with links to the appropriate articles.
http://resources.infosecinstitute.com/the-cissp-domains-an-overview/
Happy reading,
Terrence
Is the reading material available in iPod format?
Mike,
Both the Shon Harris book and the Official Guide to the CISSP CBK are available from Amazon as Kindle e-books. I have not seen the Harold Tipton “Information Security Management Handbook, Sixth Edition” in e-book format.
J Kenneth Magee
B&N sells the Tipton Handbook on CD-ROM for $135. It includes updated volumes 1 through 4. Volume 5 comes out Sept-2011, but it will take a while to get through 1-4.
Here is URL: http://search.barnesandnoble.com/Information-Security-Management-Handbook-2011-CD-ROM-Edition/Harold-F-Tipton/e/9781439853207?box=1439853207&pos=-1&ugrp=2
Kenneth: Compared to the CISM, the CISSP seems on the technical end of the spectrum and the CISM on the process/operational management end of the spectrum (without including any Cisco Certs in this comparison). Based on your reviews, those 2 seem to complement each other well and together would provide a well-rounded ITSec knowledge base.
From both a professional improvement and career standpoint, which of those 2 would you feel you derive the most value from?
Emric,
You are correct in your analysis that the CISSP provides a more technical aspect to the security information knowledge spectrum. I would not attempt to choose between the CISM and the CISSP as an either/or situation; rather, I would suggest that a serious professional would want to have both and more. You will note in the article “CISSP – Reading is Required” that in addition to the certifications a serious security professional is also an avid reader. The series on Information Security Management by Tipton is one that I have on my shelf; in the same regard, ISACA is publishing a lot of articles on “Metrics”, which you will find constitutes a significant number of questions on the CISM exam. In speaking of wanting to have both and more, I would suggest that in addition to the CISSP and CISM you strive to achieve additional, more specific certifications: CRISC from ISACA if your focus is or might be on Risk Management, and the ISSEP concentration from ISC2 if you are more technically focused. Information Security, and in particular Risk Management, is a rapidly expanding field. I look forward to seeing you in one of InfoSec’s boot camps in the near future.
Kenneth
With all of the changes forthcoming for the exam, will these books still be a solid resource or will new editions be forthcoming? I could use the money I save for the cost of the exam!