This book has a nickname, CISSP Sudoku 365, a metaphor for turning its 365 questions into an exciting game like Sudoku. It is for CISSP aspirants who:
- intend to learn by topics,
- have finished the first round of study, or
- are sprinting for the CISSP exam.
Reasoning and Justification
This book not only provides a pool of quality questions and suggested answer keys but also advocates reasoning and justification. Most of the questions synthesize two or more facts and entail an analysis of the implications.
How to Use This Book
To use this book effectively, readers need to:
- think, research, and study intensively,
- use judgment and critical thinking, and
- develop justification and identify the best answer.
Handy Navigation Experience
This book also features handy navigation. Readers can navigate between the questions and the answers and justification from the author's blog. If you have tried this Sudoku challenge and not retreated, you may feel more comfortable in the real exam.
"This book should be part of your study plan for the CISSP." -J. Stapp
The Effective CISSP: Security and Risk Management is for CISSP aspirants and those who are interested in information security or confused by cybersecurity buzzwords and jargon. It is a supplement, not a replacement, to the CISSP study guides that CISSP aspirants have used as their primary source. It introduces core concepts, not all topics, of Domain One in the CISSP CBK - Security and Risk Management. It helps CISSP aspirants build a conceptual security model or blueprint so that they can proceed to read other materials, learn confidently and with less frustration, and pass the CISSP exam accordingly. Moreover, this book is also beneficial for ISSMP, CISM, and other cybersecurity certifications.
This book proposes an integral conceptual security model by integrating ISO 31000, NIST FARM Risk Framework, and PMI Organizational Project Management (OPM) Framework to provide a holistic view for CISSP aspirants. It introduces two overarching models as guidance for the first CISSP domain: Wentz's Risk Model and Wentz's Governance Model.
- Wentz's Risk Model is based on the concept of neutral risk and integrates the Peacock Model, the Onion Model, and the Protection Ring Model derived from the NIST Generic Risk Model.
- Wentz's Governance Model is derived from the integral discipline of governance, risk management, and compliance.
There are six chapters in this book, organized structurally and sequenced logically. If you are new to CISSP, read them in sequence; if you are eager to learn anything and want a bird's-eye view from one thousand feet, the author highly suggests keeping an eye on Chapter 2, Security and Risk Management.
This book, as both a tutorial and reference, deserves space on your bookshelf.