Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "CISSP Examination Textbooks", S. Rao Vallabhaneni

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKCISPET.RVW 20011122 CISSP Examination Textbooks , S. Rao Vallabhaneni, 2000, , U$213.00 %A S. Rao Vallabhaneni srvbooks@aol.com %C P.O. Box 681354,
    Message 1 of 1 , Feb 5, 2002
      BKCISPET.RVW 20011122

      "CISSP Examination Textbooks", S. Rao Vallabhaneni, 2000, , U$213.00
      %A S. Rao Vallabhaneni srvbooks@...
      %C P.O. Box 681354, Schaumburg, IL 60168-1354
      %D 2000
      %I SRV Professional Publications
      %O U$99.00 per volume 847-330-0126 www.srvbooks.com
      %P ~500 p. per volume
      %T "CISSP Examination Textbooks" (vol 1 Theory, vol 2 Practice)

      These books will not help you study for or write the CISSP (Certified
      Information Systems Security Professional) exam.

      These books may, in fact, make your study more difficult, and your
      chances of passing the exam more remote.

      At the very best, the time you spend studying these books will be
      wasted, when you could have been reviewing other, more useful

      If I went back through the files I might be able to find one, but, off
      the top of my head, I cannot recall a technical book with a poorer
      structure, organization, or grasp of the titular material. Many
      authors fail to do full research. A large number present the content
      in a disorganized manner, forcing the reader to do more work. Some
      have their own idiosyncratic definition of the topic, and may be
      slightly misleading in what they deliver. Seldom do the confluences
      of those aspects reach the depths of uselessness seen in these

      While the (ISC)2 (International Information Systems Security
      Certification Consortium) CBK (Common Body of Knowledge) domain
      structure can be problematic, the "Theory" volume does not seem to
      follow either the (ISC)2 study guide nor the CBK course outline.
      Point or section numbering is inconsistent, making it difficult even
      to follow the material. Tables and illustrations are unclear, and
      either baldly repeat surrounding text, or have no relation to it.
      (Tables are often carelessly broken between pages, making reading of
      the charts and also surrrounding text extremely difficult.) There are
      endless mistakes in spelling, grammar, and sentence or paragraph
      structure. Non-standard terms are used, and not defined.
      Occasionally small variations in phraseology seem to imply different
      topics that further (and pointless) study reveals to be identical.
      Major heading are sometimes simply printed, and are not explained or
      introduced. Certain topics and phrases are heavily emphasized,
      although not defined, and many of these are the most minor of issues
      in terms both of security and of the CISSP exam. Much of the
      technical material is confused, such as an analysis of the
      correspondence between "ISDN and OSI networks," which is something
      like comparing apples and juice extractors. The text contradicts
      itself frequently: a simple list of firewalls on one page does not
      relate to another three pages later. Some technologies have only one
      aspect explained, others are touched on without mentioning inherent
      dangers, others are so confused that closely related topics end up
      being set in opposition to each other. (The malware definitions,
      needless to say, are appalling.)

      The "Practice" volume is a set of multiple choice questions supposedly
      similar to those you would encounter on the CISSP exam itself. Only
      those on the exam committee would be able to say, for certain, how
      close these questions come to the real thing, but I can say that, in
      terms of information security, a great many of these questions simply
      make no sense. The quality of the second volume seems to approximate
      that of the first.

      I must say that, while the books and the Web site do carry a
      disclaimer that the tomes are not endorsed by (ISC)2, I am slightly
      appalled that (ISC)2 has not objected to the use of this particular
      name. In fact, these books appear on the (ISC)2 resource list.
      Which, itself, carries a disclaimer that such a listing does not imply
      any endorsement. Even so, the simple association gives the work a
      cachet that is wholly undeserved, and probably misleading.

      At the risk of repeating myself, if you are studying for the CISSP:

      Do not buy these books.

      If you have bought these books, do not read them.

      (If you have passed the CISSP, you can, of course, do whatever you

      copyright Robert M. Slade, 2001 BKCISPET.RVW 20011122

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      This message contains not less than 70% post consumer electrons
      and not less than 80% post harangue opinions. Please recycle.
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.