Statistics can be misleading, but last year, security professionals who earned (ISC)2’s CISSP certification reported earning an average $7,140 raise as a result. That’s the second highest payback of 37 credentials studied by Certification magazine, and it reflects a first-year ROI of 7.9 to 1.
Over the past two years, CISSP has clearly emerged as the industry’s No. 1 security certification. For instance, when the U.S. National Security Agency sought to establish its own elite infosecurity certification, it partnered with (ISC)2 to build that certification on top of CISSP. If that’s not an endorsement, what is?
To earn your CISSP, you need to pass one brutally tough exam. It’s six hours long, with 250 questions covering all ten domains of the CISSP “Common Body of Knowledge. That means you’ll need a deep understanding of everything from networking to operations, cryptography to law, access control to disaster recovery. Fortunately, there’s an equally systematic study tool: CISSP All-in-One Certification Exam Guide, Second Edition by Shon Harris.
Harris is a member of the U.S. Air Force’s Information Warfare unit, as well as contributing writer to Information Security magazine. (She contributed some of the toughest scenarios in the recent bestseller Hacker’s Challenge.)
She’s also “starred” as instructor in a series of weeklong CISSP bootcamps, earning raves from attendees who paid several thousand dollars apiece to participate. As one put it recently, “Shon lives and breathes the 10 Domains. A more qualified and capable CISSP instructor you could not find.”
She’s just updated her study guide to fully reflect the just-released version of the CISSP exam, with new coverage of the latest topics -- from wireless LAN security to penetration testing, asynchronous attacks to transborder information flow.
The new coverage is woven into clear and careful discussions of every exam objective. To name just a few: authentication, passwords, monitoring, firewalls, security models, physical security, protecting software applications, network security up and down the ISO stack, PKI, attacks and countermeasures, and incident investigation.
Harris is especially strong when it comes to day-to-day, “non-sexy” security management practices that systematically reduce the risk of attack or compromise.
Here, she addresses everything from risk management to policies and procedures, security baselining to information classification, security organization to internal training and awareness programs. You’ll especially appreciate her detailed walk-throughs of qualitative and quantitative risk analyses, and her list of 19 factors to take into account when evaluating safeguards.
CISSP All-in-One Certification Exam Guide, Second Edition is replete with practical examples and scenarios. Best of all, Shon Harris brings exceptional real-world insight to information security. Pros. Cons. Limitations. Trade-offs. And if you like sample questions, this book is a bonanza. You’ll find more than 1,000, including hundreds on CD-ROM.
That disk also contains live video training from Shon Harris -- so you can see for yourself what top security professionals gladly paid thousands of dollars for. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.