REVIEW: "CISSP Examination Textbooks", S. Rao Vallabhaneni
- BKCISPET.RVW 20011122
"CISSP Examination Textbooks", S. Rao Vallabhaneni, 2000, , U$213.00
%A S. Rao Vallabhaneni srvbooks@...
%C P.O. Box 681354, Schaumburg, IL 60168-1354
%I SRV Professional Publications
%O U$99.00 per volume 847-330-0126 www.srvbooks.com
%P ~500 p. per volume
%T "CISSP Examination Textbooks" (vol 1 Theory, vol 2 Practice)
These books will not help you study for or write the CISSP (Certified
Information Systems Security Professional) exam.
These books may, in fact, make your study more difficult, and your
chances of passing the exam more remote.
At the very best, the time you spend studying these books will be
wasted, when you could have been reviewing other, more useful
If I went back through the files I might be able to find one, but, off
the top of my head, I cannot recall a technical book with a poorer
structure, organization, or grasp of the titular material. Many
authors fail to do full research. A large number present the content
in a disorganized manner, forcing the reader to do more work. Some
have their own idiosyncratic definition of the topic, and may be
slightly misleading in what they deliver. Seldom do the confluences
of those aspects reach the depths of uselessness seen in these
While the (ISC)2 (International Information Systems Security
Certification Consortium) CBK (Common Body of Knowledge) domain
structure can be problematic, the "Theory" volume does not seem to
follow either the (ISC)2 study guide nor the CBK course outline.
Point or section numbering is inconsistent, making it difficult even
to follow the material. Tables and illustrations are unclear, and
either baldly repeat surrounding text, or have no relation to it.
(Tables are often carelessly broken between pages, making reading of
the charts and also surrrounding text extremely difficult.) There are
endless mistakes in spelling, grammar, and sentence or paragraph
structure. Non-standard terms are used, and not defined.
Occasionally small variations in phraseology seem to imply different
topics that further (and pointless) study reveals to be identical.
Major heading are sometimes simply printed, and are not explained or
introduced. Certain topics and phrases are heavily emphasized,
although not defined, and many of these are the most minor of issues
in terms both of security and of the CISSP exam. Much of the
technical material is confused, such as an analysis of the
correspondence between "ISDN and OSI networks," which is something
like comparing apples and juice extractors. The text contradicts
itself frequently: a simple list of firewalls on one page does not
relate to another three pages later. Some technologies have only one
aspect explained, others are touched on without mentioning inherent
dangers, others are so confused that closely related topics end up
being set in opposition to each other. (The malware definitions,
needless to say, are appalling.)
The "Practice" volume is a set of multiple choice questions supposedly
similar to those you would encounter on the CISSP exam itself. Only
those on the exam committee would be able to say, for certain, how
close these questions come to the real thing, but I can say that, in
terms of information security, a great many of these questions simply
make no sense. The quality of the second volume seems to approximate
that of the first.
I must say that, while the books and the Web site do carry a
disclaimer that the tomes are not endorsed by (ISC)2, I am slightly
appalled that (ISC)2 has not objected to the use of this particular
name. In fact, these books appear on the (ISC)2 resource list.
Which, itself, carries a disclaimer that such a listing does not imply
any endorsement. Even so, the simple association gives the work a
cachet that is wholly undeserved, and probably misleading.
At the risk of repeating myself, if you are studying for the CISSP:
Do not buy these books.
If you have bought these books, do not read them.
(If you have passed the CISSP, you can, of course, do whatever you
copyright Robert M. Slade, 2001 BKCISPET.RVW 20011122
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... rslade@... slade@... p1@...
This message contains not less than 70% post consumer electrons
and not less than 80% post harangue opinions. Please recycle.
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade