
REVIEW: "The Total CISSP Exam Prep Book", Thomas R. Peltier/Patrick D. Howard

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Nov 6, 2002
      BKTCIEPB.RVW 20020823

      "The Total CISSP Exam Prep Book", Thomas R. Peltier/Patrick D. Howard,
      2002, 0-8493-1350-3, U$59.95
      %A Thomas R. Peltier
      %A Patrick D. Howard
      %C 920 Mercer Street, Windsor, ON N9A 7C2
      %D 2002
      %G 0-8493-1350-3
      %I Auerbach Publications
      %O U$59.95 800-950-1216 auerbach@... orders@...
      %P 287 p.
      %T "The Total CISSP Exam Prep Book: Practice Questions, Answers, and
      Test Taking Tips and Techniques"

      Both the preface and the back cover copy stress the assertion that
      "until now, [CISSP (Certified Information Systems Security
      Professional) candidates] were not afforded the luxury of studying a
      single, easy-to-use manual." Despite the reservations that I may have
      about the quality of their works, this statement must surely be a
      shock to Shon Harris (cf. BKCISPA1.RVW), Mandy Andress (cf.
      BKCISPEC.RVW), S. Rao Vallabhaneni (cf. BKCISPET.RVW), and Ronald
      Krutz and Russell Vines (cf. BKCISPPG.RVW) and Carl Endorf (wait for
      it). (Well, I suppose that, technically, Vallabhaneni's is *two*
      books ...)

      It would be difficult to say that you could use this volume for study,
      either. It doesn't actually have any tutorial material, other than
      some advice on how to write the exam. Some of the tips are outdated,
      and most of the rest of the content is rather generic, such as the
      suggestion to eat a hearty breakfast before you go. (I'd suggest that
      you go easy on the recommendation to drink lots of coffee before you
      head off: some of the proctors can be pretty sticky about letting you
      go to the washroom.)

      What it does have is ten chapters (one for each of the CBK [Common
      Body of Knowledge] domains) of twenty five "exam" questions each.
      That's twenty five questions for physical security (the smallest
      domain) and twenty five questions for telecommunications (the
      largest). The questions in the chapters have explanations of which
      answers are right and which are wrong. Then there is a sample "exam,"
      and then the same exam with the answers.

      Sample exams are highly sought after: it makes sense to know the type
      and style of questions that you may encounter on the exam. There is
      only one problem: (ISC)^2 doesn't hand out sample exams. In fact,
      they guard the exam questions rather closely. The sample exams at
      cccure.org are a staple in CISSP study groups, and there is a
      commercial outfit that will sell you a set that they have made up.

      Essentially, of course, this is what Peltier et al have done. So the
      question is, how close are the sample questions in this book to the
      real thing?

      The answer, unfortunately, is not very. Different people worked on
      the questions for different chapters, so the level of success varies.
      (Security management has possibilities, telecommunications is rather
      ghastly.) Ultimately, though, these questions are not representative
      of what you will find on an actual CISSP exam. Those familiar with
      Bloom's Taxonomy of questions will know that you progress from simple
      questions of fact through synthesis of multiple facts through analysis
      based on synthesis to a level of judgement or critical thinking. Most
      of the questions a candidate will encounter on the CISSP exam are at
      the analytical or critical levels. Too many of the questions found in
      most sample exams are at the simple factual level. The questions in
      this current work do move beyond the simplistic, but they tend to turn
      on specific wording in some very weak references, rather than the
      principles and concepts encountered in the CISSP exam itself.
      (Appendix A is a bibliography used in the creation of the questions,
      and it is a decidedly poor one.) Some questions and answers are
      flatly wrong (planting malicious software is definitely *not* a
      passive attack). Others may have some point to their creation but get
      confused. One question states that a certain answer is not correct
      because the technology is not an encryption algorithm, but the
      "correct" answer isn't an algorithm either.

      This book may give you a very rough idea of the types of questions you
      may encounter, and the range of topics you may need to know. If you
      rely on it to prepare you for the exam, however, you may be in for a
      rude shock.

      copyright Robert M. Slade, CISSP, 2002 BKTCIEPB.RVW 20020823

      rslade@... rslade@... slade@... p1@...
      Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
      Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
      November 25, 2002 November 29,2002 Toronto, ON, Canada
      December 16, 2002 December 20,2002 San Francisco, CA
      February 10, 2003 February 14, 2003 St. Louis, MO