Book Review: CISSP Exam Guide

​CISSP All-in-One Exam Guide. By Shon Harris and Fernando Maymi. McGraw-Hill Education;mheducation.com; 1,408 pages; $70.​

The Certified Information Systems Security Professional (CISSP) is the most popular information security certification today. Those in the security field often find that the CISSP certification is a prerequisite for hiring. Human resources departments often use it as a filter to determine qualified candidates, and information assurance personnel in the U.S. military are required to be certified. Because the certification is so important, a wide array of authors and publishers have written study guides. 

The framework of the certification is the (ISC)2 Common Body of Knowledge, which underwent a major update a few years ago. The biggest change was that it went from 10 domains to eight. The eighth edition of CISSP All-in-One Exam Guide goes into significant detail for all preparatory areas and more. It is a solid, albeit potentially overwhelming, study guide for the serious CISSP candidate.

Previous editions of the book included a CD-ROM with the additional study material and test questions. For this edition, the study material and questions have moved online. 

The CISSP test has been called an inch deep and a mile wide. That may be an exaggeration, but it is clear that the test requires knowledge of a lot of information. This reviewer believes that the recent update of the CISSP All-in-One Exam Guide will help candidates prepare for and pass the CISSP certification exam.

Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), PCI QSA (Qualified Security Assessor), is a senior security consultant with the Nettitude Group.