"Ideal preparation tool for the CISSP exam; gives you exactly what you need to know in an accurate, concentrated, no frills, no fluff manner. The exam warnings, clear explanations about common misconceptions, are priceless and I learned a lot from them."--Stephen Northcutt, President, SANS Technology Institute "For anyone serious about passing the exam I would recommend this book to be one of their guides and award the book nine out of ten in terms of its approach, coverage of the material and applicability to the task of preparing a student for the CISSP exam overall."--Jim McGhie, MBCS, CEng CITP "The CISSP certification is the very first and most prestigious, globally-recognized, vendor-neutral exam for information security professionals. This new study guide is aligned to cover all of the material included in the exam complete with special attention to recent updates."--Dierdre Blake on Dr. Dobb's Journal "[T]he book contains all the necessary topics that you will need to know to review for the exam. Overall the book is more concise than the majority of the other CISSP study guides available. It uses techniques such as "Learn By Example" and "Exam Warning" boxes to illustrate and highlight key points. Well written by technically competent authors, I found the book easy to read. Significantly cheaper than many of its peers, this is all that the more experienced prospective CISSP candidate requires."--InfoSecReviews.com
Eric Conrad is a SANS Certified Instructor who has successfully taught hundreds of students to pass the CISSP. His career began in 1991, as a Unix sysadmin for a small oceanographic communications company. He gained experience in a variety of industries, including research, education, power, internet, healthcare, and has worked with companies such as Mitsubishi Electric Research Labs, Boston University, The Open Group, Navipath, and Caritas Christi Health Care. He is now an independent information security consultant focusing on intrusion detection, incident handling, and penetration testing. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification, as well as GIAC GPEN, GCIH, GCIA, GCFA, GAWN, and GSEC certifications. He is a contributing author to SANS HIPAA Security Implementation.
Seth Misenar is a certified SANS instructor and also serves as lead consultant and founder of Jackson, Mississippi-based Context Security, which provides information security though leadership, independent > research, and security training. Seth's background includes network and Web application penetration testing, vulnerability assessment, regulatory compliance efforts, security architecture design, and > general security consulting. He has previously served as both physical and network security consultant for Fortune 100 companies as well as the HIPAA and information security officer for a state government agency. Prior to becoming a security geek, Seth received a BS in philosophy from Millsaps College, where he was twice selected for a Ford Teaching Fellowship.Also, Seth is no stranger to certifications and thus far has achieved credentials which include, but are not limited to, the following: CISSP, GPEN, GWAPT, GSEC, GCIA, GCIH, GCWN, GCFA, and MCSE. Beyond his security consulting practice, Seth is a regular instructor for SANS. He teaches numerous SANS classes, including SEC401: SANS Security Essentials Bootcamp Style, SEC504: Hacker Techniques, Exploits, and Incident Handling, and SEC542: Web App Penetration Testing and Ethical Hacking. Seth also serves as both virtual mentor and technical director for SANS OnDemand, the online > course delivery arm of the SANS Institute.
Joshua Feldman, CISSP, has supported the Department of Defense Information Systems Agency Information Assurance education, training, and awareness program since 2002. During his tenure, he has contributed to the DoD 8500 series, specifically conducting research and authoring sections of the DoD 8570.01-M, also known as the DoD IA Workforce Improvement Program. He has taught well over 1000 DoD students through his "DoD IA Boot Camp" course. He also is a subject matter expert for the web-based Information Assurance training every DoD user is required to take each year as part of their security awareness curriculum. He is a regular presenter and panel member at the Information Assurance Symposium, hosted by both DISA and NSA each year. Before joining the support team at DoD/DISA, Joshua spent time as an IT Sec engineer working for the Department of State, Diplomatic Security. There, he travelled to embassies world-wide to conduct Tiger Team assessments of the security of each post. His trips included the US Mission to the U.N., Cairo, Sri Lanka, Paris, and China. Joshua got his start in the IT Security field when he left his position teaching science for Montgomery County Public Schools, Maryland and went to work for NFR Security Software. There, he worked as both a trainer and engineer implementing at the time a brand new set of technologies called, IDS technologies, and instructing customers how to properly configure these new appliances.
