
Advice on preparing for the CISSP

I am in the process of studying for the CISSP in order to join the security field. I've been in the messaging world for a while (including security) and would like to know what the best way to go about receiving this certification is. I just got the prep book that people are claiming is great, but I would like to know what other resources are out there in order to get prepared for this test.

I would also like to know if there are additional security certifications that are as highly regarded as this one in the security field.

Although there are lots of other good security certifications out there, the CISSP remains among the most popular and highly regarded credentials. You should check out my vendor-specific and vendor-neutral security cert surveys to get the full sweep of this landscape, which include my recommendations as to which such certifications are particularly noteworthy.

As far as the CISSP goes, there are lots of good books and tools to help you prepare, including an increasing number of four- and five-day prep classes from companies like Mountain View Systems, Intense School and so forth. For the money, the best prep book available right now is described in the following summary I've written for publication elsewhere:

"Harris, Shon: CISSP All-in-One Exam Guide, Osborne McGraw-Hill, 2002, ISBN: 0072193530.
There are numerous other titles about the CISSP exam available, but this is the only one to get high ratings from both security professionals and ordinary book buyers. Covers the 10 domains in the Common Body of Knowledge (CBK) that is the focus of the CISSP exam, but also includes lots of examples, case studies and scenarios. Where other books summarize, digest and condense the information into almost unrecognizable forms, this book is well-written, explains most key topics quite well and lays out the landscape that the CISSP covers very well. Those with infosec training or backgrounds may be able to use this as their only study resource, but those who lack such background will want to read more widely."

(Quoted from material slated for appearance in InformIT.com Web articles on "The IT Security Bookshelf" and for an appendix in the forthcoming Que Certification title: "The ICSA Training Guide," by Mike Chapple, Deb Shinder and Shawn Porter (ISBN not yet available). Reproduced by permission of Pearson Publishing.)

In fact, I've put together a list of the top 50 or so information security books and would be glad to share a copy if you'd like to see it. Please e-mail me at edtittel@techtarget.com.

For more information on this topic, visit these other SearchSecurity resources:
Ask the Expert: The ten areas of the CISSP Common Body of Knowledge
Ask the Expert: Reading list for studying for the CISSP
Best Web Links: Infosec training, careers and events

This was last published in May 2002
