This page contains links, books, & pointers to other web pages dealing with the
ISC2 CISSP exam. While we're striving to have the best CISSP study information,
please send suggestions to: wk [at] c4i.org
All book sales go towards the C4I.org general fund...
Heck, buy an Apple Quad Processor G5 Desktop to help that along nicely; you will thank us later!
Mailing Lists
This group promotes information exchange among those who are self-studying for the CISSP exam. To locate a study group in your area, post a message at the forum for study groups at http://www.cissps.com
HIPAA-CISSP Discussions specifically focused on HIPAA Security regulations and issues by CISSPs.
The HIPAA-CISSP discussion list is intended for discourse on the interpretation, implementation, and issues associated with compliance with the HIPAA security regulations. It is expected that the majority of the participants on the list will be CISSPs who are primarily focused on HIPAA compliance issues.
UPDATED - InfoSec News is a privately run, medium traffic list that caters to distribution of information security news articles. These articles will come from newspapers, magazines, online resources, and more.
UPDATED - Best Selling Security Books & More!
Books
CISSP All-in-One Exam Guide (Third Edition)
by Shon Harris
This authoritative reference offers
complete coverage of all material on the Certified Information
Systems Security Practitioner (CISSP) exam. You'll find exam
objectives at the beginning of each chapter, helpful exam tips,
end-of-chapter practice questions, and photographs and
illustrations. The bonus CD-ROM contains practice tests and
hundreds of questions. This comprehensive guide not only helps
you pass this challenging certification exam, but will also serve
as an invaluable on-the-job reference.
Advanced CISSP Prep Guide: Exam Q&A
by Ronald L. Krutz, Russell Dean Vines
Used alone or as an in-depth supplement to the bestselling The CISSP Prep Guide, this
book provides you with an even more intensive preparation for the CISSP exam.
With the help of more than 300 advanced questions and detailed answers, you'll
gain a better understanding of the key concepts associated with the ten domains
of the common body of knowledge (CBK). Each question is designed to test you on
the information you'll need to know in order to pass the exam. Along with
explanations of the answers to these advanced questions, you'll find discussions
on some common incorrect responses as well.
The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
by Ronald L. Krutz, Russell Dean Vines, Edward M. Stroz
The CISSP Prep Guide, one of only a handful of books on its
subject, does a good job of giving readers a feel for the scope
of the test and the style of its questions. It's ideal for use
either as a preliminary survey of the CISSP subject areas (the
test's publisher and the authors of this book call them
"domains") for relative newcomers to computer security,
or as a pure study guide to help more experienced professionals
zero in on the weak spots in their knowledge. Don't expect to do
well on the CISSP exam having only read this book. You'll want to
have some practical experience and some specialized reading under
your belt.
The CISSP Prep Guide: Gold Edition
by Ronald L. Krutz & Russell Dean Vines
The CISSP Prep Guide: Gold Edition has been updated to include CISSP bonus
questions never before published and an advanced question and answer tutorial.
The CD-ROM contains 660 questions, of which 360 have never before been available
electronically, and all questions have been designed with Boson, the premier
interactive test engine for technical books in the industry.
Information Security Management Handbook, Fifth Edition
by Harold F. Tipton (Editor) & Micki Krause (Editor)
Since 1993, the Information Security
Management Handbook has served not only as an everyday reference for information
security practitioners but also as an important document for conducting the intense
review necessary to prepare for the Certified Information System Security Professional
(CISSP) examination. Now completely revised and updated and in its fifth edition, the
handbook maps the ten domains of the Information Security Common Body of Knowledge and
provides a complete understanding of all the items in it. This is a "must have" book,
both for preparing for the CISSP exam and as a comprehensive, up-to-date reference.
CISSP For Dummies
by Lawrence C. Miller, Peter Gregory
It can be a long and difficult road to
CISSP certification, but this book will help readers survive! It
offers a blueprint to CISSP exam success, presenting numerous
self-assessment tools to help readers gauge their progress. It
also includes several test-taking tips and plenty of resources
for further study.
The Total CISSP Exam Prep Book: Practice Questions, Answers, and Test Taking Tips and Techniques
by Thomas Peltier, Patrick D. Howard
Written by ten subject matter experts, this test prep book allows Certified
Information Systems Security Professional (CISSP) candidates to
test their knowledge in each of the ten security domains that
make up the common body of knowledge upon which the CISSP exam is
based. Each subject is briefly outlined, and sample quizzes and
explained answers are given for each domain. There is also
material on testing strategies and exam preparation approaches.
The authors are instructors for the Computer Security Institute.
CISSP Training Guide
by Roberta Bragg
This book maps to the exam objectives and offers numerous features such
as exam tips, case studies, and practice exams. In addition, the CD includes
PrepLogic Practice Tests, Preview Edition, making it the ultimate guide for
those studying for the CISSP exam.
CISSP Exam Cram
by Mandy Andress
The CISSP Exam Cram is an exciting new
study guide for the rapidly growing number of professionals
seeking to pass the CISSP certification exam. Clear, concise, and
highly focused content lays out core technologies covered on the
exam like Access Control, Computer Operations Security,
Cryptography, Application Program Security, Communications
Security, and Systems and Physical Security. Candidates gain a
significant advantage during the test from the book's tear-out
cram sheets and memory joggers, sections on proven test-taking
strategies, warnings on trick questions, and time-saving study tips.
Secured Computing: A CISSP Study Guide
by Carl F. Endorf, Chad Johnson (Editor)
This study guide is designed for the experienced Security Professional. This
guide will help to supplement your studies and further your goal
of acquiring the CISSP designation. The book is designed for a
security professional by a security professional. The author has
strived to take the information that is needed to be successful
in the security arena and to condense it into one concise volume.
Official (ISC)2 Guide to the CISSP Exam
by Susan Hansche, John Berti, Chris Hare
Candidates for the CISSP exam can now go directly to the source for study materials that
are indispensable in achieving certification. The Official (ISC)2 Guide to the
CISSP Exam is derived from the actual CBK review course created and administered
by the non-profit security consortium (ISC)2. In addition to being an invaluable
study guide, this book is detailed enough to serve as an authoritative
information security resource. Both of the guide's co-authors are CISSPs, and
the entire text has been reviewed and approved by Hal Tipton, Co-Founder and
Past President of ISSA and Co-Founder of (ISC)
Against the Gods: The Remarkable Story of Risk
by Peter L. Bernstein
Peter Bernstein
has written a comprehensive history of man's efforts to
understand risk and probability, beginning with early gamblers in
ancient Greece, continuing through the 17th-century French
mathematicians Pascal and Fermat and up to modern chaos theory.
SRVBooks CISSP Professional Examination Textbooks Volume I and II
by S. Rao Vallabhaneni
Considered "THE" cheat sheet for the CISSP exam. Professor Vallabhaneni holds four master's degrees, in management, accounting, industrial/systems engineering, and chemical engineering. He is a graduate of the Advanced Management Development Program at the University of Chicago's Graduate School of Business. He holds the following 21 professional certifications in the business field: CBM, CRP, CIA, CISA, CBA, CFSA, CFE, CPA, CMA, CGFM, CCP, CDP, CSP, CISSP, ABCP, CITP, CPIM, CQA, CQM, CQSE, and CPM, in the areas of management, auditing, accounting, finance, information technology, manufacturing, quality, and purchasing.
CISSP: Certified Information Systems Security Professional Study Guide
by Ed Tittel, Mike Chapple, James Michael Stewart
Effective Physical Security
by Lawrence J. Fennelly (Editor)
Vulnerability assessment and target hardening are two main components of the
crime prevention field. Effective Physical Security, 2nd edition
is written by specialists in this field and contains a wealth of
practical, immediately useful information. Material for this book
was selected from an earlier Butterworth-Heinemann publication,
Handbook of Loss Prevention and Crime Prevention, Third Edition,
and includes two completely new chapters on computer security and
access control.
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes
by Albert J. Marcella Jr, Robert S. Greenfield
The field bible for information security professionals, this book introduces you to
the broad field of cyber forensics and presents the various tools and techniques
designed to maintain control over your organization. You will understand how to
identify inappropriate uses of corporate IT; examine computing environments to
identify and gather electronic evidence of wrongdoing; secure corporate systems
from further misuse; identify individuals responsible for engaging in
inappropriate acts taken with or without corporate computing systems;
and protect and secure electronic evidence from intentional or accidental
modification or destruction.
The Shellcoder's Handbook: Discovering and Exploiting Security Holes
by Jack Koziol, David Litchfield, Dave Aitel, Chris Anley,
Sinan "noir" Eren, Neel Mehta, Riley Hassell
Examines where security holes come from, how to discover them, how hackers exploit them
and take control of systems on a daily basis, and most importantly, how to close
these security holes so they never occur again. A unique author team, a blend of
industry and underground experts, explains the techniques that readers can use to
uncover security holes in any software or operating system. Shows how to
pinpoint vulnerabilities in popular operating systems (including Windows, Linux,
and Solaris) and applications (including MS SQL Server and Oracle databases).
Details how to deal with discovered vulnerabilities, sharing some previously
unpublished advanced exploits and techniques.
Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition
by Stuart McClure, Joel Scambray, George Kurtz
Hacking Exposed talks about security from an offensive angle. A Jane's-like
catalog of the weaponry that black-hat hackers use is laid out in full. Readers
see what programs are out there, get a rundown on what the programs can do, and
benefit from detailed explanations of concepts (such as wardialing and rootkits)
that most system administrators kind of understand, but perhaps not in detail.
The book also walks through how to use the more powerful and popular hacker
software, including L0phtCrack. This new edition has been updated extensively,
largely with the results of "honeypot" exercises (in which attacks on
sacrificial machines are monitored) and Windows 2000 public security trials.
There's a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS)
attacks, and attacks that involve routing protocols.
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
by Simon Singh
The Code Book offers a peek into the world of cryptography and codes, from
ancient texts through computer encryption. Singh's compelling history is woven
through with stories of how codes and ciphers have played a vital role in
warfare, politics, and royal intrigue. The major theme of The Code Book
is what Singh calls "the ongoing evolutionary battle between codemakers and
codebreakers," never more clear than in the chapters devoted to World War II.
Cryptography came of age during that conflict, as secret communications became
critical to both sides' success.