Download
We offer that is written for answering your inquiries for this moment. This recommended publication can be the reason of you to lays extra little time in the night or in your workplace. But, it will certainly not interrupt your works or responsibilities, certainly. Managing the moment to not just get as well as check out the book is really easy. You could only require couple of times in a day to complete a web page to some pages for this It will not cost so hard to after that end up the book up until completion.
Download
Where you could find the quickly? Is it in guide store? On-line publication store? are you sure? Keep in mind that you will discover the book in this site. This publication is very referred for you due to the fact that it offers not only the experience however likewise lesson. The lessons are really important to serve for you, that's not concerning who are reading this book. It is about this book that will offer wellness for all individuals from many societies.
And also why don't attempt this publication to read? is among one of the most referred analysis material for any kind of degrees. When you truly want to seek for the brand-new motivating book to check out and you do not have any suggestions whatsoever, this following book can be taken. This is not made complex publication, no difficult words to check out, and also any complex motif and subjects to comprehend. The book is extremely valued to be one of the most inspiring coming books this just recently.
Also you have guide to check out only; it will certainly not make you really feel that your time is really limited. It is not just regarding the moment that can make you really feel so wanted to sign up with guide. When you have actually chosen the book to read, you could save the time, also few time to constantly review. When you think that the moment is not just for obtaining guide, you could take it here. This is why we pertain to you to provide the easy ways in obtaining the book.
Really, we cannot require you to read. But, by inspiring you to read this it could aid you to realize something new in your life. It is not pricey, it's very affordable. Within that budget friendly rate, you could obtain lots of points from this book. So, are you sill uncertainty with this boom will offer you? Let make change to earn better your life and all life on the planet.
Product details
File Size: 46098 KB
Print Length: 600 pages
Publisher: Auerbach Publications; 2 edition (August 29, 2013)
Publication Date: August 29, 2013
Sold by: Amazon Digital Services LLC
Language: English
ASIN: B00FOVG306
Text-to-Speech:
Not enabled
P.when("jQuery", "a-popover", "ready").execute(function ($, popover) {
var $ttsPopover = $('#ttsPop');
popover.create($ttsPopover, {
"closeButton": "false",
"position": "triggerBottom",
"width": "256",
"popoverLabel": "Text-to-Speech Popover",
"closeButtonLabel": "Text-to-Speech Close Popover",
"content": '
});
});
X-Ray:
Not Enabled
P.when("jQuery", "a-popover", "ready").execute(function ($, popover) {
var $xrayPopover = $('#xrayPop_1A29F5FA5BD011E9ABE7184B9DDE572D');
popover.create($xrayPopover, {
"closeButton": "false",
"position": "triggerBottom",
"width": "256",
"popoverLabel": "X-Ray Popover ",
"closeButtonLabel": "X-Ray Close Popover",
"content": '
});
});
Word Wise: Not Enabled
Lending: Not Enabled
Enhanced Typesetting:
Not Enabled
P.when("jQuery", "a-popover", "ready").execute(function ($, popover) {
var $typesettingPopover = $('#typesettingPopover');
popover.create($typesettingPopover, {
"position": "triggerBottom",
"width": "256",
"content": '
"popoverLabel": "Enhanced Typesetting Popover",
"closeButtonLabel": "Enhanced Typesetting Close Popover"
});
});
Amazon Best Sellers Rank:
#103,118 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Bottom line: Most of the content covered in the book wasn't in the exam. Even if you find the writing style tolerable, the mis-match between the study guide and exam is what's offensive to me.It feels to me like the authors were writing the book blind. ISC(2) ought to at least give the "endorsed" authors an NDA and let them browse through the question bank as they're writing. What they wrote in this book somehow managed to cover the topics in a way that didn't help on the exam.I got sick of reading sentences like "It is important for the security architect to consider..." That phrase or a similar variant appears frequently. The whole first two chapters, as 1/2 of the book, were nothing but some light discourse on topics architects should be aware of. The writing sucks. It's painful to read. I feel like I'm the subject of someone's late night project that they were dreading to write. The authors didn't have fun, they stick to too many academic writing formalities, which bored the authors, and it shows.Way too many topics are discussed as if the reader is an ignorant fool, like defining what a fingerprint reader is or what authentication is - topics which any CISSP already covered in way more detail before even starting ISSAP studying.The networking chapter's author seems to only have a tiny knowledge on basic topics like a web DMZ, or thinks that the reader will be too dumb to grasp any real detail about them. There were several mentions of 56k dialup and modems and large swaths of discussion seemed to focus more on giving a history lesson than trying to introduce the reader to details of modern technologies. The reader is warned about "mobile code" defined as JavaScript, VBScript, Java, and ActiveX as that can be malicious and "activated" when clicked. Well duh. I expected to read about mobile devices like phones when I saw the mobile code section heading. The networking chapter author also clearly specializing in Microsoft products at their work.Cryptography was discussed a bit more nicely than the previous two chapters, but got bogged down in the details of PKI.The author of Chapter 4 had some fun with the writing and made it more conversational, even though it still talks about email spreading viruses like that's new information. Even without some additional editing, Chapter 4 isn't dreadful to read like the first half of the book.The end of chapter practice tests are hurriedly-written, don't test meaningful topics, and I think I picked out at least two cases where the "correct" answer is plain wrong.
Three part review below:1) 2nd ed. vs. 1st ed text comparison. (NOTE - CIB = Candidate Information Bulletin, downloaded 8/13).2) Opinion on exam prep usefulness, and what I did to actually pass the ISSAP exam.3) Opinion on usefulness for the Security Architect role. (ISSAP + SABSA = winner).PART ONE: After purchasing the prior edition and this edition, I'll run through two sections for this review so you can get an idea of text improvements below. Physically speaking - the 2nd edition has much larger font for the majority of the text - but not the tables and figures. Yes, the font got SMALLER in many of the tables and figures (like the attack vectors table). Some of the figures were visually changed - but not the content.Note - this is a *reference* text designed to provide *essential* coverage of key topics - it will not replace in depth reading. For example - there are several summary / key points pages on the Common Criteria, which is several hundred pages itself as a source doc. Many of the relevant NIST docs are highly summarized as well.Technical BCP: In particular, the Technical BCP section has expanded/improved (a common criticism of the 1st edition.) There are many footnotes spread throughout the text to augment the text. There is an improved BIA discussion. The BCP section also now includes an "architecture focused" discussion of the domain. One really nice - and useful in real life - section in the 2nd edition is the "walk through of a DR Plan" with emphasis for the Security Architect.Security Architecture: Based on the ToC, the domain has changed names; content is similar, though (I don't have the prior ISC2 CIB to know). I did notice some additional paragraphs after the `attack vector' table which makes critical points - vector is NOT the same as payload, for example. Some of the attack vectors were also improved, along with a few new ones. The "Common Criteria" support tables discussion has also improved in content, keeping current w/ updates to the CC. The CMM model has improved, along with changes to the figures and expansion of the text. The architectural solutions section has some updated text, but the figure in the 2nd edition (4.6, 4.3 in the 1st) got smaller! The DODAF 2.02 is now current (improved also, assume it had corrections applied - I assume, I've never read the original DODAF). The 1st edition discussed DODAF 2.0.PART TWO: I've been in the technical security business (engineering, three SIEM implementations, eDiscovery/incident response, policy/procedure, design, architecture) for 10+ years, have taught the CISSP curriculum for SANS, and participated in two update cycles for the ISC2 CISSP material. With all that, here is what I did to pass the exam. If you have breadth and hands on technical depth in your career, TAKE THE EXAM!!!!A) Read the "Access Control" and "Security Architecture Analysis" sections completely (get their language).B) Skimmed the Technical BCP section. (like, 15 minutes).C) Used the 36 page ISSAP mind maps from "expandingsecurity.com". These were a GREAT resource. Use them and this book. Spent hrs. w/ these.D) Read the Wikipedia articles for CIB topics that weren't in the book ToC (maybe a few hours).E) Did not read "telecom" and "physical" chapters - I'd skimmed those a while back, when I got the first edition, glanced at the ToC.Passed exam.The other thing that REALLY helped was the SABSA Foundation course - many of the thinking/synthesis concepts in that course are highly relevant to the ISSAP discipline (you can see this in the book). I suggest the "Enterprise Security Architecture" blue book as well for your prep.Will this textbook help you? Sure it will, especially if you are `young in the tooth' when it comes to technical security architecture. It will help you find your weak spots. It aligns with most of the Q2/2013 CIB. It has been refreshed/updated, with more complete CIB coverage. However, if you want 100% coverage of the CIB, you need to look for a few more resources. For example - I could not find "Service Oriented Modeling Framework" or "Supervisory Control And Data Acquisition" in the ToC, the index (on the CIB), or the most likely sections in the text. I double checked, skimmed - not there, as far as I can tell. No comment if these concepts were on the test or not!PART THREE: As a principle enterprise and security architect of a Fortune 500 healthcare company, I've often wanted to augment my credential set with the ISC2 ISSAP. About two years ago I attended the SABSA course - and while that course and model is the only preparation I've found for the business focused aspects of the "Security Architect" position, the ISSAP, on the other hand, as described in this text, is focused on assessing if someone has breadth and depth in the technical aspects of security architecture. As a consumer of both - the SABSA course and certification and the ISSAP certification - I am happy to have both, although SABSA is more relevant when it comes to working with the business.
This book is rife with typographical and formatting errors, poorly organized, and has several technical inaccuracies / obsolete information. While organized in the same manner as the CBK with one chapter per domain, this makes for extremely long chapters (the first three being 100+ pages) with no hierarchical organization (it really should be in sections with multiple chapters per domain, but if not have multiple sub-heading levels so you can move from topic to topic within a domain easily). Highly relevant and accurate sections of this 2014 edition include PCM analog voice transmission, several pages on secure modems, an in depth (and not fully accurate) discussion of SSL3.0 with only a mention of TLS. (SSL has been recommended for retirement for several years and finally was retired around the time of publishing, so a forward looking book should be dealing with TLS, or at least addressing migration from SSL to TLS in a forward looking manner).While the dated material may be due to an outdated CBK in which case it will still be necessary for the exam (this is an exam prep book after all), ISC2 should be no less ashamed of that fact either.Two stars assumes it will still be useful for the exam (I have not taken it yet).
ISC2 reorganized the domains in 2017 and there are holes in coverage. You will not be adequately prepared for the exam if this is your only study tool.
I'm impressed, well written and has some good practice questions.
I didn't believe the reviews, I should have. The book really is full of typos, grammar mistakes, and outdated information. I didn't find anything totally inaccurate though, and it is readable.
I liked it.
PDF
EPub
Doc
iBooks
rtf
Mobipocket
Kindle
Posting Komentar