This is not an addendum to the first book but rather a cut-to-the-bone manual that focuses on the exam objectives. While it may appear that the small manual is nothing more than questions and answers, after reading the text I found it provided more than just bullet points.
There are over 200 questions with detailed explanations to work with, as well as a CD-ROM using the highly successful Boson testing engine with an additional set of practice questions. Used as a final preparation tool or as a supplement to The CISSP Prep Guide, either way you have a great study tool.
Wireless Security Essentials: Defending Mobile Systems from Data Piracy confirms that there is little to say on this topic because although it is 345 pages in length, only about 75 pages deal with wireless security. Of those 75 pages (pages 135 - 207), about 15 pages discuss vendor products.
The first 135 pages and 4 chapters of the book are an introduction to computer technology, networking, wireless security, and basic security issues. In addition to the 75 pages on wireless security, pages 209 - 345 are composed of a comprehensive glossary and 4 appendixes.
Only in chapter 5 does the book get into "wireless security". For the most part, people equate wireless with 802.11. Within 802.11, the security functionality is provided by WEP (Wired Equivalent Privacy), which provides the underlying security of 802.11. But an insurmountable problem is that WEP has been proven (see Breaking 802.11 Security at [URL]) to be seriously flawed, and is therefore insecure. Since the security foundation of 802.11 is basically nil, 802.11 networks as of this writing simply can't be adequately secured.
So why do companies deploy wireless networks given their inherent security risks? For the same reason they deploy Windows -- functionality. While Windows is for the most part an insecure operating system, its functionality is huge, and history has shown that functionality wins over security.
The functionality of wireless has even given birth to a new pastime of war chalking. War chalking is when an area of public access that has been determined to have a wireless access point available is marked with chalk to let everyone know. For more information on war chalking, see [URL]
While the book does have valuable information, the fact that only 75 pages of it are specific to wireless security may not warrant its [price] purchase price. There are numerous free articles on the Internet that provide roughly the same amount of information and may be more cost-effective to most readers. One place to start is The Unofficial 802.11 Security Web Page at [URL] and also 802.11 Security Beyond WEP at [URL].
It provides detailed information on security standards and policies, both for the wireless and connected environments. There is also specific information for the products of major vendors.
The true test of whether or not a technical book is useful is whether or not you can apply the information provided to the real world. After finding an unknown machine attached to my wireless network one day I was glad I had this book handy. It proved an invaluable asset in locking down our system and assessing any damage.
Highly recommended for anyone interested in security, wireless or not.
In this book the authors have given you a good breakdown of the domains associated with a very tough exam. The authors seem to have covered every objective and the material is technically accurate and up to date.
The book has over 150 practice questions included. What I found to be most helpful was the communication security as well as the infrastructure security sections. Looking at the overall content of the book you should have a good base from which to learn.
I was very pleased with the CD-ROM included, which has a practice question using the Boson Testing engine. Overall the authors have created a very good study guide and based on what I have seen from the exam, this book should help.
The Gold Edition is quite comprehensive, and covers all of the core elements of the CBK. The often overly technical writing makes the book difficult to read at times.
While most test software that comes with books is often second rate, the CD-ROM Prep Exam guides are quite valuable. The CD-ROM contains over 360 questions on the 10 areas of the CBK.
While no one should base his or her entire CISSP exam preparation on any single reference, The CISSP Prep Guide: Gold Edition is nonetheless a good place to start.
While it is true that you can do well on the CISSP test by studying this book, you don't need much of the information presented here, and most of it is presented more concisely in other study guides. Furthermore, other study guides I used contained valuable information that was not in this book, information that did appear in test questions.
As goofy and badly written as it may seem, Shon Harris's study guide will serve you better in the end.
Main plusses of the book:
(1) It keeps you focused in your study,
(2) The scholarly writing is a good preparation for the way the examination questions are stated,
(3) It will continue to be a solid reference book in my security practitioner's library (the added HIPAA information may have been filler but I find it useful in the profession if not for the exam), and
(4) Best price of any preparation security book for the focused information that it provides.
Oh, yes, and it helped me receive my CISSP certification in November. Buy the book and study the book; you will not go wrong.
Since this is a study guide, the emphasis is on breadth, not depth of coverage, and that's the way it should be.
Several inaccuracies and typos should be corrected in the second edition (e.g. the description of lattice-based control on p. 34, or sample question 9 in Chapter 10 and its answer).
So is this now my favorite survey of computer and information security? Not quite. I still prefer "Secure Computing" by Rita C. Summers, even though it is already 4 years old. Unfortunately it is out of print, and it is a mystery why McGraw Hill wouldn't print a few thousand copies to satisfy the demand.
Another CISSP prep book is coming soon (Mandy Andress, "CISSP Exam Cram"). Let's hope it will be as good as the Prep Guide.
Knowledge (CBK) is fifty miles wide and two miles deep and preparing for it can be quite an overwhelming endeavor. Various on-line study groups and web sites have numerous suggestions and links where freely available materials and helpful hints may be found. It's been said many times over that NO one book can effectively cover the CBK and prepare the CISSP candidate for the exam. I too have amassed a large collection of the most suggested tomes. Well, The CISSP Prep Guide almost negates this statement. The CISSP Prep Guide is now the FIRST place to start! I wish it had been in print a year ago when I began my quest for the CISSP. It is a complete and affordable textbook covering the MEAT of the CBK. This book completely defines and explains the major points of the CBK. It is an extremely readable and understandable text. If you can't afford attending the ISC2 CISSP Seminar, either because of cost or time away from work, this book is for you. If you have already attended the CISSP Seminar, this book is for you. I was blessed by having the opportunity of attending the CISSP Seminar, yet I am still finding that The CISSP Prep Guide is building upon the materials presented in the seminar. I can see where my copy of The CISSP Prep Guide will quickly become a dog-eared reference text that I use to refer to while carrying out my duties as an Information Systems Security Officer.
I liked the book very much. I liked that newer information is included, like wireless networking, HIPAA and other topics.
I think the book is about 100 pages too thick. One can literally rip out the first 99 pages and not lose any content. The first 99 pages are all the questions. The rest of the book is the questions repeated again along with the answers. I couldn't help but think someone went out of their way to create a bigger book knowing that all the information could've been covered in fewer pages.
Since the original CISSP Study Guide is also formatted this way I guess it's okay, but it still wastes a lot of paper IMHO and more than likely adds to the cost of the book.
Call it a pet peeve I guess. Other than that, a great book and highly recommended.