Description
This book is born out of real-world information security industry experience. The authors of this book have held the titles of systems administrator, systems programmer, network engineer/security engineer, security director, HIPAA security officer, ISSO, security consultant, instructor, and others.
This book is also born out of real-world instruction. We have logged countless road miles teaching information security classes to professionals around the world. We have taught thousands of students in hundreds of classes: both physically on most of the continents, as well as online. Classes include CISSP®, of course, but also continuous monitoring, hunt teaming, penetration testing, security essentials, hacker techniques, information assurance boot camps, and others.
Good instructors know that students have spent time and money to be with them, and time can be the most precious. We respect our students and their time: we do not waste it. We teach our students what they need to know, and we do so as efficiently as possible.
This book is also a reaction to other books on the same subject. As the years have passed, other books’ page counts have grown, often past 1000 pages. As Larry Wall once said, “There is more than one way to do it.” [1] Our experience tells us that there is another way. If we can teach someone with the proper experience how to pass the CISSP® exam in a 6-day boot camp, is a 1000+ page CISSP® book really necessary?
We asked ourselves: what can we do that has not been done before? What can we do better or differently? Can we write a shorter book that gets to the point, respects our student’s time, and allows them to pass the exam?
We believe the answer is yes; you are reading the result. We know what is important, and we will not waste your time. We have taken Strunk and White’s advice to “omit needless words” [2] to heart: it is our mantra.
This book will teach you what you need to know, and do so as concisely as possible.