FREE Delivery in the UK.
Only 6 left in stock (more on the way).
Dispatched from and sold by Amazon.
Gift-wrap available.
Official (ISC)2 Guide to ... has been added to your Basket
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Official (ISC)2 Guide to the CISSP CBK, Second Edition (ISC2 Press) Hardcover – 12 Jan 2010

See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
"Please retry"
£27.96 £4.24

There is a newer edition of this item:

£45.97 FREE Delivery in the UK. Only 6 left in stock (more on the way). Dispatched from and sold by Amazon. Gift-wrap available.

Frequently Bought Together

Official (ISC)2 Guide to the CISSP CBK, Second Edition (ISC2 Press) + CISSP For Dummies
Price For Both: £68.36

Buy the selected items together

Product details

  • Hardcover: 968 pages
  • Publisher: Auerbach Publications; 2 edition (12 Jan 2010)
  • Language: English
  • ISBN-10: 1439809593
  • ISBN-13: 978-1439809594
  • Product Dimensions: 23.9 x 16 x 5.1 cm
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Bestsellers Rank: 325,361 in Books (See Top 100 in Books)
  • See Complete Table of Contents

Product Description


... ideal not only for information security professionals attempting to achieve CISSP certification but also for those who are trying to decide which, if any, certification to pursue. Executives and organizational managers who want a more complete understanding of all the elements that are required in effectively protecting their enterprise will also find this guide extremely useful.
—Tony Baratta, CISSP-ISSAP, ISSMP, SSCP, Director of Professional Programs, (ISC)2

About the Author

Harold F. Tipton, HFT Associates, Villa Park, California, USA

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

4.5 out of 5 stars
5 star
4 star
3 star
2 star
1 star
See all 4 customer reviews
Share your thoughts with other customers

Most Helpful Customer Reviews

Format: Hardcover Verified Purchase
I received it pretty quick. Although the book's condition was mentioned as "Good" i guess it should be "Like New". I am pretty happy about the result. The price of the book was very reasonable for that quality.

Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Hardcover Verified Purchase
An immense text covering all the core information that should be known by a cyber security specialist. The prospect of rote learning the material for a six hour exam has made it a reference book only I am afraid. I'll stand my real experience against letters based on reading this book. That said it is well written and very well presented.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
By simeruk on 9 Sep 2011
Format: Hardcover
Excellent book. Solid cover and plenty of knowledge. If you prepare for CISSP this is a must to read before your exam.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
0 of 1 people found the following review helpful By A K SURI on 11 Oct 2011
Format: Hardcover
Delivered on time....slight damage to the hardcover but otherwise in good condition.
A good comprehensive resource for people preparing for CISSP.
Use this as your first step and then can follow up with various practice exam guides available.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 40 reviews
64 of 65 people found the following review helpful
An improvement? 7 Aug 2010
By M. Hawk - Published on Amazon.com
Format: Hardcover Verified Purchase
Many people have commented that the Second Edition of the Official (ISC)2 Guide to the CISSP CBK was a big improvement over the first edition. I have to wonder how bad the first edition must have been?

Before getting into the details of my concerns, let's look at the layout of this hardbound, 968 page "brick".

The book is organized in a 1:1 correspondence with the 10 Domains of the CISSP CBK (i.e. one chapter per domain). This organization is nice as compared with the All-In-One CISSP 4th Edition, which has something like 12 chapters to cover the 10 domains (which can make it hard to cross reference concepts).

Each domain is written by a different author (or authors) who are CISSP's and experts in the field covered by the domain. In concept this is a good idea, and in a few places it was clear that the authors tried to impart some real-world knowledge and experience (such as the BCP/DRP chapter). However, it also leads to contrasting writing styles and some issues with "continuity".

As one might expect, many domains have concepts that overlap. On occasion, the text of the book will call attention to areas that relate or overlap with other domains, but this is inconsistent and sometimes results in the reader having some questions in their mind about the 'big picture' of the concepts. Given the CISSP is primarily a managerial level certification, understanding the big picture is critically important.

In general, the content seemed relevant, though the organization left something to be desired (more on that later). However, I was a bit surprised to see quite a bit of disparate information in this book when compared with the official (ISC)2 Review Seminar course material. There were at least a few topics covered in one, but not the other. I would have expected there to be better alignment between two current and "official" (ISC)2 sources, and it left me somewhat questioning which resource to focus on.

Speaking of the content, as compared to the All-In-One CISSP (Shon Harris) book mentioned above, this book is more of a traditional technical guide. Shon Harris' books occasionally interject opinion that borders on 'soapbox' material. And I find her "jokes" to generally not be funny, and often distracting. Some might consider the Official (ISC)2 Guide to be dry in comparison, but in technical reference books I prefer clear and succinct writing.

As mentioned, the layout of the individual chapters could be improved. The book does follow a typical hierarchy for introducing concepts (i.e. the main topic introduced with large, bold font, sub-topics using smaller fonts, italics, etc). However, in many cases the context of the material was not introduced well at the start, leading the reader to question whether a "sub-heading" represents a new topic, or a topic relating to the previous topic. In many cases the material gets nested 5 or 6 layers deep, making it hard to differentiate whether a new section is a sub-topic or a new upper level topic. This is a bit hard to explain so I hope that is clear. Again, this certification is not about memorization, but rather concepts and how they interrelate, so the book's organization is important.

Another area that was lacking was the use of tables, figures, and diagrams. There are some tables, etc, but there really should have been a few more. This could have really helped in providing additional context for some of the topics (see previous paragraph). This is an area where the Shon Harris All-In-One CISSP is better.

I also wish the editor/publisher would have taken a bit more time to improve the index. How can key elements such as "Software Development Lifecycle" and "Common Criteria" not even have index entries? My recommendation is when reading this book and taking notes, be sure to notate page numbers in your own notes for future reference.

There were also the usual amount of typo's and a few technical errors. The quantity of errors in tech books seems to be on a slow, steady rise, so I'd consider this book to be typical or maybe only slightly worse than typical.

Ultimately, for those studying for the CISSP I would recommend this book simply because no single book covers the entire CISSP scope. Couple this book with either the CISSP All-in-One Exam Guide, Fifth Edition, or perhaps the CISSP For Dummies 3rd Edition if you are looking for a cheaper option that might serve an an easier introduction to the material.

UPDATE: I forgot to add that I did pass the CISSP using primarily this book, coupled with the Review Seminar mentioned above. Took the test August 8 of 2010, received notification that I passed in September, and received my certificate in October.

My approach was as follows:

I started studying for the exam in late May, targeting a test date of August 8 (note the date on my review was August 7). I basically counted the number of days I had to prepare, subtracted 1 week for review time and about 7 "off" days to allow for days off or catch up. I also subtracted one week for the review seminar course that I took the week prior to the exam. I then took the number of remaining days an divided the number of pages in the book by that to set a pages per day goal. I think the result was something like 18 or 19 pages per day.

That was my goal - read 19 pages per day and take notes as I read. The next day I'd review the previous day's notes, and read another 19 pages and take notes. I used the Shon Harris book as a supplement to fill in gaps that I felt were unclear.
25 of 26 people found the following review helpful
A Fantastic Resource for the CISSP 3 April 2010
By Hemingway - Published on Amazon.com
Format: Hardcover
As opposed to the rather popular Shon Harris title, the 'AIO CISSP Study Guide', this title provides a more serious and professional presentation of the requisite exam material. It can be heavy going at times, and may require the occasional re-read to ensure that information is sinking in, but then again the subject matter is heavy, and is not to be taken lightly. Not only will this text provide you all you need to know to pass the examination, it will remain as a vital ongoing reference for those professionals who are at the front lines of the Information Security profession.
22 of 23 people found the following review helpful
I Passed the CISSP Exam with only this book 30 Jun 2010
By EU - Published on Amazon.com
Format: Hardcover
Let me say that I bought the Shon Harris AIO book and could not get through it - too many stories and jokes that I found distracting. In a nutshell the AIO guide is too wordy and bored me highly (although when she gets to the CISSP material it is good as she knows her stuff). With that said I bought this book and boy was I glad I did! Finished the book a week before the exam and spent the last week taking the practice exam included (about 1 hour a day). I really enjoyed the book as it is written by several professionals that specialize in a domain (this changes the pace and ensures you learn from specialists vs a jack of all trades). Now I have taken certification exams before and have found the official books are the best ones to use (this one did not disappoint). Now on to the exam. The exam was the most difficult exam I have ever taken - really the CISSP is no joke. I felt the book (only study material I used) got me assimilated to terminology and theory and my experience made the difference in the exam for me. Since you are supposed to have 5 years experience in the field to take this exam anyways, this book should get you through the theory and your experience should get you through the rest of the test. I think ISC2 has done a wonderful job with this book and its questions (exam like but I did not find any on the actual exam) so that you may see where you stand. I am proof that you can pass with just this book and don't need to waste time with multiple sources of material if you have h security experience required to take the exam. For those without experience, I suggest the SSCP ISC2 credential instead - the CISSP requires an endorsement of your experience anyways (and potential audit) so it may be a waste of your time and money if you don't have the required experience. For those that do, rest assured you can pass with just this book (I did), buy the book with confidence and thank me later.


The approach I used follows:

1. Take practice test (included) to see weak areas.

2. Read book cover to cover.

3. Take practice exam again.

Take real exam; some tips:

1. Get a good night's rest.

2. Eat lots of carbs and protein the day of the exam.

3. Take a protein bar and water as you will need a break during the exam.

Best wishes on passing the exam!
4 of 4 people found the following review helpful
Rich B 9 Jun 2010
By Richard B - Published on Amazon.com
Format: Hardcover Verified Purchase
After being in computer science and information technology for years, rarely do I come across a book so noteworthy of being organized, easy to read and while maintaining its potency through efficient delivery. If you are studying for the exam this is the book to have (of course re-reads are necessary), if not I still recommend to anyone(CIO, CFO, CEO, Manager, etc) responsible for, concerned with, or reliant on information and the technology that supports it
6 of 7 people found the following review helpful
Use this book or Shon Harris AIO 5th Edition to pass! 17 May 2010
By Brian Anderson - Published on Amazon.com
Format: Hardcover

I recently sat the exam and passed after reviewing both the Shon Harris AIO and the Offical ISC2 Guide to the CISSP CBK v2. Either book is a great purchase, and I'm still using the books after passing the exam as a reference. This book to me is a lot better written then the previous versions.

Brian Anderson
Were these reviews helpful? Let us know