CISSP Study Guide


  • Eric Conrad, CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, Security+, SANS-certified instructor and President, Backshore Communications
  • Seth Misenar, CISSP, GPEN, GCIH, GCIA, GCFA, GWAPT, GCWN, GSEC, MCSE, MCDBA, SANS-certified instructor and lead consultant, Context Security
  • Joshua Feldman, (CISSP) SAIC, Inc.

The CISSP certification is the most prestigious, globally recognized, vendor-neutral exam for information security professionals. The newest edition of this acclaimed study guide is aligned to cover all of the material included in the newest version of the exam’s Common Body of Knowledge. The ten domains are covered completely and as concisely as possible with an eye to acing the exam.

Each of the ten domains has its own chapter that includes specially designed pedagogy to aid the test-taker in passing the exam, including: Clearly stated exam objectives; Unique terms/Definitions; Exam Warnings; Learning by Example; Hands-On Exercises; and Chapter-ending questions. Furthermore, special features include: Two practice exams; Tiered chapter-ending questions that allow for a gradual learning curve; and a self-test appendix.



Computer and Information Systems Managers, Systems Administrators, Application Developers, Network Administrators, Security Managers, Security Analysts, Directors of Security, Security Auditors, Security Engineers, Compliance Specialists.


Book information

  • Published: August 2012
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-961-3


"Gives you everything you need and nothing you don't. One of the temptations you face as an author of a certification prep book or course is to include information that you feel is important, but not related to preparation for the certification. Eric Conrad has shown incredible discipline in keeping this book focused on preparing you to take the CISSP."

-Stephen Northcutt, President, The SANS Technology Institute 

Table of Contents


How to Take the CISSP Exam

Domain 1: Information Security Governance and Risk Management

Domain 2: Access Control

Domain 3: Cryptography

Domain 4: Physical (Environmental) Security

Domain 5: Security Architecture and Design

Domain 6: Business Continuity and Disaster Recovery Planning

Domain 7: Telecommunications and Network Security  

Domain 8: Application Development Security

Domain 9: Operations Security

Domain 10: Legal, Regulations, Investigations, and Compliance