CISSP Exam Cram

Overall, Richard Bejtlich�s review is pretty accurate. The book is basically Cliff Notes for the exam. If you have done a lot of reading preparing for the CISSP Exam, this book will serve you well. It is a quick and dirty reference that is to the point. It is perfect to take on a bus or plane to review as it does not weigh nearly 10 pounds like the CISSP All-in-One Exam Guide.

If you want breadth, this book is fine.
If you want depth, then don�t use an Exam Cram title.

For those that want hearty references for the exam and wanting exhaustive tomes, they would be better served with books such as:

CISSP All-in-One Exam Guide
...

Rating:
Summary: Waste of money
Review: As other review have stated, this book does little more than simply state the basic facets of the CBK. IT does not go into good detail and the practice questions are horribly simplistic. So much so that they add nothing and provide no measure of your preparedness, which is supposed to be the whole point of practice questions. Typically, the EXAM CRAM books have been good (at least for the MCSE they were), but this one was dissapointing at best. Buy the all-in-one study guide instead.

Rating:
Summary: Exam Cram? Don't you believe it ...
Review: CISSP exam cram? Not by a mile. I was very disappointed at how it glossed over most topics and how simple the practice questions are in comparison with those on the exam. The book is a decent intro to ISS (the only reason I gave it two stars) but doesn't come close to preparing you for the exam. The sad thing is that it gives the reader a false sense of preparedness. Don't think that by correctly answering all of the practice exam questions you're ready for the real thing. If so you'll realize your out money thirty minutes into the test.

Rating:
Summary: Too Limited and Basic
Review: I found the "Exam Cram" books work great for one hour tests (such as the CompTIA ones), but the CISSP exam covers so much material in so much detail, something this limited is not of much help in studying. I used this as my first study guide for the exam, and was able to breeze through it in a couple hours and score a 49/50 on the practice test at the end of the book (well technically 48/50, but there's an obvious error in the answer key!). The sample questions from other books and websites were much more detailed and tricky, and you'll need plenty of time reviewing those in order to have a shot at passing the exam. While I did find this well organized, nicely written, and technically correct, it ultimately is not worth the time spent reading. I found Mike Meyer's CISSP Passport offered a much better level of detail, and proved much more helpful in my studying.

Rating:
Summary: So, So, Not Up To The Author's Capabilities
Review: I had studied Mandy's "Surviving Security" book in preparation for my taking the CISSP exam. When the 'CISSP Exam Cram' became available, my expectations were sky high because of her previous book. Regretfuly, the 'CISSP Exam Cram' did not meet my expectations. I found the book to be extremely limited based on the breadth of the CISSP examination and that it contained little to no depth of subject. I could have done just as well reading a good security terms definition list. And I even memorized the 50-cram statements (they may have helped me answer 1 of the 250 questions on the exam). Therefore, the time I spent studying the book did not pay the expected dividens. The author's "Surviving Security" was more on target for preparing a person for the CISSP examination.

My hope is that the author will revise the 'CISSP Exam Cram' and make it more on target (Readers deserve a good return on their purchase and study time investment). Perhaps preparing an Exam Cram type book is not her cup of tea. I know she has the knowledge and capability to prepare a good Cram Book; this isn't it.

Rating:
Summary: Very light reading
Review: I spent a weekend in commercial airline purgatory reading the new Exam Cram CISSP book. This is the first book I've read for CISSP study prep, and I have to say, it's pretty basic. On the 50 question self-test at the end, I got 100% on my first try. (Not counting the two errored questions, of course -- every Exam Cram book has a couple wrong answers, which is to be expected.)

I know I'm not that smart, so the only other explanation for my phenomenal performance is that the material is really basic, and lacks the depth of the real test. This is reflected by my first attempt at the 10 random question test on cissp.org, where I scored a pretty pathetic 60%.

I also found the end of chapter "for more information" URLs annoying -- every chapter mentions securityfocus.com. Like it's one big ad for SecFoc.

So, the Exam Cram book may be useful for someone who's never, ever worked in InfoSec before, and is thinking of starting a career with an eye towards CISSP certification (I imagine the crypto stuff might be hard for someone who's never worked with/studied modern crypto, for example). Can't say it's useful for current professionals, though.

Rating:
Summary: Best for experienced Administrators & Engineers
Review: If you are already a skilled systems engineer that is familiar with the concepts of TCP/IP and account logon policy, then this book will cover the additional areas that ISC(2) require. The ~100 practice questions in this book were very VERY helpful, similar to the Transcender format where it explains why the correct choice, and the reasons the incorrect answers are false.

I reviewed just the practice questions and passed my test on the first try. Just because the test is $500, don't try to "out think" the questions, pick the logical answer and the practice questions in this book will verify you are picking the answers that ISC(2) agree are logical.

For many skilled SE's and SA's, the CISSP study materials are a cure for insomnia and tedious to read, almost like reading your local state DMV drivers license instruction book, almost as bad as a life insurance policy terms and conditions.

For those who are already technically skilled, this book is a great choice.

Rating:
Summary: Best for experienced Administrators & Engineers
Review: The content and especially the questions are very low level. I refuse to believe this is representative of the actual exam. After reading it I can say I've learned a couple new acronyms but that's about it. This is my 1st book on the subject, hope the others are better.

Rating:
Summary: Good for review
Review: This book is very good for a review of the CISSP material.

but do not use it as your main reference.