CISSP Prep Guide: Exam Q & A", Ronald L. Krutz/Russell
Dean Vines, 2003, 0-471-23663-2, U$50.00/C$77.50/UK#37.50
%A Ronald L. Krutz
%A Russell Dean Vines
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O U$50.00/C$77.50/UK#37.50 416-236-4433 fax: 416-236-4448
%P 331 p. + CD-ROM
%T "Advanced CISSP Prep Guide: Exam Q & A"
See also "The
CISSP Prep Guide Gold Edition", Ronald L. Krutz/Russell
Dean Vines, 2003
Like "The Total CISSP Exam Prep Book" (cf.
BKTCIEPB.RVW) before it,
this volume contains no tutorial material, only questions,
questions and answers. The format is quite similar to
work, with the book divided into the standard ten domains.
difference is the inclusion of a CD-ROM with a testing
CISSP candidate wants sample exams and sample questions,
so the query
remains, are the questions any good?
contains "the Boson-powered test engine," but
are not quite as simplistic as those on the Boson exams.
They tend to
be longer, and, at first glance, look a lot more like
real CISSP exam
questions. However, upon closer examination, two problems
obvious. One is that a number of the questions are still
despite the additional verbiage. They concentrate on
of facts, without the analysis and critical thinking
that the actual
exam requires. The second issue is that a large number
rely on very specific, and often esoteric facts. Again,
counter to the genuine test, where concepts and principles
these two difficulties combine in a single question,
as "Which choice below is NOT one of NIST's 33 IT
principles?" If you haven't fully memorized NIST's
principles, don't worry. Even if you have no idea where
NIST's 33 security principles you can still get the answer.
your options is "Totally eliminate any level of
risk." Even the
rawest security neophyte can tell you that, since this
it obviously has to be the right answer.
book may give you a somewhat better idea of the types
questions you may encounter, and the range of topics
you may need to
know. As preparation for the exam, however, it will both
unnecessarily (although if it drives you to take the
ISC2 course, that
might not be a bad thing), and fail to prepare you fully.
Robert M. Slade, CISSP, 2003 BKADCIPG.RVW 20030110