Publisher: Auerbach, 2000, 711 pages
Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for use by practioners to conduct the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination.
Preparing for the examination is a major effort because it requires a thorough understanding of the topics contained in the Common Body of Knowledge (CBK) for the field as specified in the Generally Accepted Systems Security Principles (GASSP). The handbook is one of the most important references used by candidates preparing for the exam.
The Information Security Management Handbook maps to the ten domains of the Common Body of Knowledge tested on the certification examination: access control issues and methodology; telecommunications and network security; security management practices; applications and systems development security; cryptography; security architecture and models; operations security; business continuity planning and disaster recovery planning; law, investigations, and ethics; and physical security.
The Information Security Management Handbook is a 'must have' book, whether you're preparing for the CISSP exam or need a comprehensive, up-to-date reference, or both.
Describes a lot of the fields within the CISSP. Nothing to get too excited about, a bit dry and boring, but not bad. Too shallow to use for a CISSP exam.