[ISN] REVIEW: "Advanced CISSP Prep Guide: Exam Q & A", Ronald L. Krutz/Russell Dean Vines

From: InfoSec News (isnat_private)
Date: Wed Feb 05 2003 - 22:14:30 PST

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    BKADCIPG.RVW   20030110
    "Advanced CISSP Prep Guide: Exam Q & A", Ronald L. Krutz/Russell Dean
    Vines, 2003, 0-471-23663-2, U$50.00/C$77.50/UK#37.50
    %A   Ronald L. Krutz
    %A   Russell Dean Vines
    %C   5353 Dundas Street West, 4th Floor, Etobicoke, ON   M9B 6H8
    %D   2003
    %G   0-471-23663-2
    %I   John Wiley & Sons, Inc.
    %O   U$50.00/C$77.50/UK#37.50 416-236-4433 fax: 416-236-4448
    %O  http://www.amazon.com/exec/obidos/ASIN/0471236632/robsladesinterne
    %P   331 p. + CD-ROM
    %T   "Advanced CISSP Prep Guide: Exam Q & A"

    Like "The Total CISSP Exam Prep Book" (cf. BKTCIEPB.RVW) before it,
    this volume contains no tutorial material, only questions, and then
    questions and answers.  The format is quite similar to the Peltier
    work, with the book divided into the standard ten domains.  A major
    difference is the inclusion of a CD-ROM with a testing engine.  Every
    CISSP candidate wants sample exams and sample questions, so the query
    remains, are the questions any good?

    The CD-ROM contains "the Boson-powered test engine," but the questions
    are not quite as simplistic as those on the Boson exams.  They tend to
    be longer, and, at first glance, look a lot more like real CISSP exam
    questions.  However, upon closer examination, two problems become
    obvious.  One is that a number of the questions are still very simple,
    despite the additional verbiage.  They concentrate on pure recitation
    of facts, without the analysis and critical thinking that the actual
    exam requires.  The second issue is that a large number of questions
    rely on very specific, and often esoteric facts.  Again, this is
    counter to the genuine test, where concepts and principles are

    Occasionally these two difficulties combine in a single question, such
    as "Which choice below is NOT one of NIST's 33 IT security
    principles?"  If you haven't fully memorized NIST's 33 security
    principles, don't worry.  Even if you have no idea where to find
    NIST's 33 security principles you can still get the answer.  One of
    your options is "Totally eliminate any level of risk."  Even the
    rawest security neophyte can tell you that, since this is impossible,
    it obviously has to be the right answer.

    This book may give you a somewhat better idea of the types of
    questions you may encounter, and the range of topics you may need to
    know.  As preparation for the exam, however, it will both scare you
    unnecessarily (although if it drives you to take the ISC2 course, that
    might not be a bad thing), and fail to prepare you fully.

    copyright Robert M. Slade, CISSP, 2003   BKADCIPG.RVW   20030110
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
    Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
              March 31, 2003           Indianapolis, IN