[ISN] REVIEW: "Secured Computing", Carl F. Endorf

From: InfoSec News (isnat_private)
Date: Thu Dec 12 2002 - 00:50:52 PST


    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    
    BKSCDCMP.RVW   20020905
    
    "Secured Computing", Carl F. Endorf, 2002, 1-55212-889-X,
    U$44.95/C$64.00
    %A   Carl F. Endorf etresearchat_private
    %C   Suite 6E, 2333 Government Street, Victoria, BC   V8T 4P4
    %D   2002
    %G   1-55212-889-X
    %I   Trafford Publishing
    %O   U$44.95/C$64.00 888-232-4444 FAX 250-383-6804 salesat_private
    %O  http://www.amazon.com/exec/obidos/ASIN/155212889X/robsladesinterne
    %P   538 p.
    %T   "Secured Computing: CISSP Study Guide, Second Edition"
    
    Like Mandy Andress' book (cf. BKCISPEC.RVW), this concentrates on
    terminology, rather than the concepts that the CISSP exam actually
    tests for.  Like Krutz and Vines' book (cf. BKCISPPG.RVW), this
    obviously and slavishly follows the (ISC)^2 syllabus.  Unlike Shon
    Harris' book (cf. BKCISPA1.RVW), it doesn't provide much added value
    or explanation.
    
    It does offer a money back guarantee.  If, within six months of buying
    the book, you take the CISSP exam twice (at U$450 a pop) and fail both
    times, you get the price of the book back.  Less shipping and
    handling.  (Also, you might need to be careful when ordering the book. 
    The ISBN is identical for both the first and second editions.)
    
    Some of the errors in the first edition of the book have been
    corrected, but a few remain, such as the addition of a "strong star"
    property to the Bell-LaPadula security model.
    
    Since the work concentrates on jargon, there are glaring gaps in the
    coverage.  For example, the Law, Investigation, and Ethics domain has
    almost nothing to say about incident response, investigation,
    preservation of evidence, computer forensics, or interviewing.
    
    Added to the book in this second edition is a practice CISSP exam. 
    Although the structure of the questions appears to be similar to those
    you would see on a real exam, the answers, oddly enough, rely on
    non-standard terminology.
    
    Approximately one third of the total material in the second edition is
    a reprint of the "Standard of Good Practice" document available from
    the Information Security Forum (www.securityforum.org).  While there
    is nothing wrong with the document, and it could be a useful aid to
    the practitioner, it isn't much of a help in studying for the CISSP.
    
    While this book might provide some assistance in exam prep, it is
    probably not a sufficient guide by itself.
    
    copyright Robert M. Slade, 2002   BKSCDCMP.RVW   20020905
    
    -- 
    ======================
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
    Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
        December 16, 2002   December 20, 2002   San Francisco, CA
        February 10, 2003   February 14, 2003   St. Louis, MO
        March 31, 2003      April 4, 2003       Indianapolis, IN
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    



    This archive was generated by hypermail 2b30 : Thu Dec 12 2002 - 03:57:48 PST