Information security certifications are popular, and the vendor-neutral Certified Information Systems Security Professional (CISSP) is one of the most recognized. CISSP is controlled by the International Information Systems Security Certification Consortium. The exam syllabus focuses wholly on information security themes. This 2012 study guide for the CISSP certification is the revised second edition of a book originally published by the same authors, experienced security professionals, in 2010.
The CISSP certification covers ten domains: access control; telecommunications and network security; information security governance and risk management; software development security; cryptography; security architecture and design; operations security; business continuity and disaster recovery planning; legal, regulations, investigations, and compliance; and physical (environmental) security. The 11 chapters of this second edition cover all of the domains addressed in the first edition, except that the chapter on application security has been replaced by one on software development security.
The book covers the latest (2012) common body of knowledge. The self-tests at the end of each chapter are very useful, and there are two sample exams for practice. The appendix includes a useful glossary. Supplementary material is available on the book’s website (http://booksite.syngress.com/companion/conrad).
When compared with other books available for the CISSP exam [1,2,3], this book is complete and less expensive. It has features that will help readers pass the exam. Therefore, I recommend it as a good self-study guide for professionals who wish to obtain CISSP certification.