In the New Year, many information security professionals will have made a resolution to pursue some sort of industry certification. While there are many worthwhile certifications available, the CISSP is a very common goal.

Shon Harris has been developing CISSP preparation materials for many years and the sixth edition of her "All In One CISSP Exam Guide" (McGraw-Hill, 2013) has just been released. This is a mammoth book that provides (in its 1400+ pages) a substantial introduction to the ISC(2) "Common Body of Knowledge". The companion CD-ROM provides a video module on cryptography taken from the author's video training as well as 1400 practice questions for the certification examination.

Though no one book is sufficient preparation for the CISSP exam, this is a worthwhile and valuable resource to add to your preparation library. After your exam, it will serve as an excellent desk reference on security topics.

The CISSP exam itself is quite challenging and is in some ways quite different from many other certification exams. As noted in the candidate bulletin, the exam is made up of 250 multiple choice questions where the candidate is tasked to identify the best answer out of the four possible answers. This is quite different from many exams where the task is to distinguish the correct answer from three incorrect ones. Often on the CISSP exam, all four answers will be somewhat correct but one will be the best.

Practice in handling these types of questions will go a long way toward successfully completing the exam and Shon Harris has produces a new edition of her "CISSP Practice Exam" (2ed, McGraw-Hill, 2013). This book includes 250+ simulated exam questions with detailed explanations of which out of the 4 answers is the best answer.

Do be aware, this is not a "brain dump" and the odds of your seeing any of these practice questions on the actual exam are quite small. However, working through these practice questions will introduce you to the thought processes involved in handling questions on the real exam.

It has been said "Be careful, for writing books is endless, and much study wears you out" so Richard Austin (http://cse.spsu.edu/raustin2) fearlessly samples the wares of the publishing houses and opines on which might profitably occupy your scarce reading time. He welcomes your thoughts and comments via raustin at ieee dot org