I too was lucky enough to get to take the review course with Hal & I agree,

"truly a knowledgeable professional". Further, he was nice enough to sign my copy of the books.

It is important to understand what the Information Security Management Handbooks are doing. First, it is not attempting to cover everything that could be on the exam. No book is big enough for that. Second, the books are aimed at keeping you current in all the domains, not teaching them. However, if you read the entire series I would expect you would be exposed to most of the material. Each new addition covers new material in each of the domains. To see the real value of the books requires looking at more than any one edition. For example, there are 2 volumes in the 4th edition. Between them there is only 1 article in the Physical Security domain & it is on Intrusion Detection. While a very good article, it is not everything you need to know about Physical security, not by a long shot. Only by reading prior editions can you even hope to cover all important areas.

That said, I think the books are as good as anything out there.

Michael Guard, JD, CISSP
MS Telecommunications Management
SecureMIS.com

Stacy M. Williams wrote:

>I would definitely have to disagree with the assessment of the Amazon
>reviewers. This is one of the few books that attempts to cover in
>some degree of detail all 10 domains within the security realm. I have
>also been fortunate enough to take the CISSP prep course taught by Hal
>Tipton, and he is truly a knowledgeable professional.
>
>I would question how many of the reviewers actually have obtained their
>CISSP. If they felt that this one book would be their magic bullet,
>then I'm sure they were disappointed, but if they wanted a reference that
>would provide a good base understanding of the 10 domains, then this book
>was definitely a good selection.
>
>Just my 2 cents.
>
>Stacy
>
>-----Original Message-----
>From: Mark Bell [mailto:mark.bell@digitaldefense.net]
>Sent: Wednesday, October 31, 2001 6:35 PM
>To: cisspstudy@lists.securityfocus.com
>Subject: RE: Information Security Mgmnt Handbook
>
>
>I used the Info Security Management Handbook (4th Edition) for my CISSP
>study preparation. I actually found it fairly useful...Some parts probabaly
>went a little more in depth than I'd like, while others didn't even really
>touch the subject matter of the domain (how they decided to discuss
>traditional Intrusion Detection in the Threats and Facility Requirements
>chapter (Physical Security - Domain 10) is beyond me.) Overall, I felt it
>helped me pass the test.
>
>However, there is no one book out there that will make you a CISSP. Heck,
>there's no five books out there that will make you a CISSP alone...at least
>50% of your knowledge had better come from on-the-job experience before you
>plunk down $450 for this test, or you're sunk (hence, the three year
>requirement!). The books should merely supplement you in your weak areas.
>If it comes to the point where, say, a security guard at a computer facility
>(with at least three years of experience in Physical Security!) can just
>pick up a book and pass the test, the CISSP will go the way the MCSE did
>under Windows NT - a paper certification.
>
>
>Mark
>
>Mark B. Bell, CISSP
>Director of Security Operations
>Digital Defense, Inc.
>1711 Citadel Plaza
>San Antonio, Texas 78209
>Phone: 888.273.1412
>Fax: 210.822.9216
>http://www.digitaldefense.net
>
>
>
>-----Original Message-----
>From: jkellerman@na.cokecce.com [mailto:jkellerman@na.cokecce.com]
>Sent: Wednesday, October 31, 2001 4:33 PM
>To: cisspstudy@lists.securityfocus.com
>Subject: Information Security Mgmnt Handbook
>
>
>Well I just parted with $60 for this book because it was recommended by the
>study group I am in. However, everyone at Amazon and other internet
>bookstores seemed to slam the book saying it was a waste of money. I, just
>like everyone else studying for the CISSP exam, dont have time to waste on
>reading resources which will not be beneficial to my studying time. These
>ratings were very low for all three volumes. The CISSP Prep book though
>seems to receive high marks as a resource for studying for the CISSP, even
>after just hitting the marketplace a couple of months ago. Does anyone
>else feel the same way about the Information Security Mgmnt Handbook. Did
>you find it to be useless in your study time for the CISSP?
>
>J. Kellerman
>
>
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]