Rating: 
Summary: Exactly What it Should Be
Review: After reading several of the reviews listed, many with low ratings, it came to my attention that the people have completely missed the point. The CISSP is supposed to be an acknowledgement of your understanding of security, not a piece of paper. You want to blow through a test? Go get Transender and get your paper MCSE. This book is meant to present the various areas of security and provide some insight arranged in the 10 domains. To cover every aspect of security would take volumes - hence the value of these editions. If you are looking for a quick fix, this book is not for you. This book continually communicates the foundation concepts of security that you will need to be a true CISSP. It concerns me that a book compiled with so much referenced security information is considered low ranking. Based on the "it doesn't help with the test" statements, I fear that the CISSP will become the flooded, worthless paper we see in other certifications. For those of us who are CISSPs and have been in the industry for sometime, this quick fix attitude will damage the certification and lead to poor practices in the industry. Read this book and learn, the story is there, clearly. When you know security - then take the test, don't learn how to take the test.
Rating: 
Summary: You're kidding, right?
Review: After reading the reviews previously posted I was convinced this would be a good purchase. Never have I been so misled. This book is extremely poorly organized and provides very basic introductions to the topics discussed. It's not a book I would suggest to a new information security professional or to someone with several years of security work. The beginner is introduced to only TWO basic concepts in the entire "Access Control Systems and Methodology" CISSP domain while the advanced reader is fed a history of biometrics!! This is the tone throughout the book. Not enough organized coverage of basic tenets and a lot of "...and I care, why?" theoretical and useless ramblings.Yuck.
Rating:
Summary: Senior Consultant EDS - mhicks0923@netzero.net
Review: An excellent book for future CISSPs. The authors cover the material with great detail and an informative way. A must have for all in Information Security.
Rating: 
Summary: Chap 9 is excellent
Review: Chap 9 is a great read on VPN security and technologies. I liked the "low down" on vendor VPN performance tricks toward the end of the chapter. Has some good info on Topologies and deployment techniques.
Rating:
Summary: CD ROM version significantly different from paper version
Review: Don't confuse this CD ROM with the book that is being sold under the same title (ISBN 0849398290) because there are some major differences besides the media on which the material is provided. The book is actually Volume 1 of the Information Security Handbook, Fourth Edition. This CD ROM contains Volume 1, plus Volumes 2 and 3 of the handbook, making it a more complete compilation of the material that encompasses the ten domains of the Common Body of Knowledge (CBK) of Generally Accepted Systems Security Principles (GASSP). See the product page for Volume 1 for reviews and a complete description of that subset of this CD ROM. Volumes 2 and 3, like Volume 1 are aligned to the ten domains, but have more up-to-date material and new papers addressing a wider array of topics. Moreover, CISSP candidates will find a great deal more study material, and working practitioners will find information that covers emerging trends and technologies that have surfaced since Volume 1 was published. The new or expanded material of the two additional volumes on this CD ROM are: Volume 2 - (published in 2000), goes deeper in network security, but also covers interesting topics such as single-signon (will be of particular interest to organizations implementing LDAP), centralized authentication, and related topics in addition to newer coverage in each of the ten CBKs. Volume 2 (published in 2001), is an overall update for each of the CBKs and contains a lot of fresh material that is fair game for CISSP exam questions, as well as a compendium of fresh material for practitioners. In addition to the convenience of having all of this material on a CD ROM vs. over ten pounds of paper, the contents are searchable using the built in search facility, and can be printed when hard copy is required. This is a nice feature for consultants who can bring a wealth of reference material on site for quick cross-referencing during assessments or developing action plans that are consistent with the GASSP. Of course, the fact that this collection is more complete, comprehensive and up-to-date than the book by the same title makes this an attractive choice for anyone who requires working references or wants to prepare for the CISSP examination.
Rating:
Summary: Excellent reference!
Review: Excellent reference! This is an excellent security reference! If you are looking for a pure CISSP prep book, this is not the best. But for general info sec, this is an awesome book.
Rating:
Summary: Excellent reference!
Review: Excellent reference! This is an excellent security reference! If you are looking for a pure CISSP prep book, this is not the best. But for general info sec, this is an awesome book.
Rating:
Summary: Indepth info. and written in understandable English
Review: First, realize that this is Volume 2, Volume 1 is also essential and about $30 more. This book is written in everyday English, which makes it infinitely more understandable than the texts written for high-level techs. A degree of knowledge about information security and computer technology would be useful before starting in on this book as it is indepth and covers a lot of ground. This is a book you will want to keep close for reference and studying for the CISSP. I've seen Tipton speak on several occasions and he's definitely a leader in the industry. Any books he authors or edits are probably worth having if you're serious about working in or understanding the information security industry.
Rating:
Summary: Inconsistent and Occasionally Inaccurate
Review: I bought the book because I was told it was THE CISSP study guide. So far I have read thru chapter 8 and feel really sorry for anyone relying on this for accurate information. The chapter on extranets was complete rubbish, the chapter on SSO went on about specific vendor solutions and seemed out of place, the whole thing is disorganized and inconsistent, and I have since ordered the CISSP Prep Guide instead. I will finish skimming and reading some of what appear to be the better chapters on crypto and legal considerations until the other book gets here, after which I guess I will try to sell this thing! I give this book two thumbs down.
Rating: 
Summary: not what you expect
Review: I bought this book hoping it would give a good outline to what would be on the cissp exam. It really isnt. The authors collected a bunch of articles they didnt write, and threw them into the 10 CBK categories. The articles themselves are interesting and good, but it wont really prep you for the exam. It is obvious that they wanted to take advantage of persons wishing to pass the CISSP, and threw together a bunch of [junk]. Im sure you could find every article in this book on the internet somewhere. I would recommed getting the free open study guides at cccure.org instead of this. Dont listen to the other reviewers, they are obviously authors or authors friends.
| 
