Editorial Review

Can you imagine valuing a book so much that you send the author a Thank You letter?

Hundreds of thousands of project managers understand why PMP Exam Prep by Rita Mulcahy, PMP, is a worldwide best-seller. Is it Rita's years of PMP exam preparation experience? The endless hours of ongoing research? The interviews with project managers who failed the exam, to identify gaps in their knowledge? Or is it the razor-sharp focus on making sure project managers don't waste a single minute of their time studying any more than they absolutely have to? Actually, it's all of the above.

PMP Exam Prep, Sixth Edition by Rita Mulcahy contains hundreds of updates and improvements from previous editions--including new exercises and sample questions never before in print. Offering hundreds of sample questions, critical time-saving tips plus games and activities available nowhere else, this book will help you pass the PMP exam on your FIRST try. ... Read more

Reviews

My value-add Rita book-usage tips + CAPM / PMP experience...
This review is for the April 2009 6th edition of RMC's PMP Exam Prep. Also see my Amazon "Project Management Journeyman" Booklist (* NOTE: updated May 2010 -- both the Journeyman Booklist and this review per 8th value tip below *).

I'm writing this book review with 5 value-points for the reader in mind:

(1) List of 7+1 *VALUABLE* tips to get more horsepower out of the book faster
(2) I used the "harder" PMP book for passing the "easier" CAPM exam
(3) use of the RMC learning system with 2 other competitive offerings
(4) thoughts on other RMC offerings
(5) my experience with the PMBOK v4 PMI CAPM exam in light of the above


The PMI PMBOK version 4 was released in 2008, and the CAPM / PMP exams switched over from the now-superseded PMBOK version 3 as of July 2009. Seeking to certify under the latest standard, I looked at 3+ leaders in the field for self-paced PM training (RMC, Kerzner, Heldman) and chose the Rita/RMC book and system as the best overall value hands-down relative to my specific 2-POINT training goal: (a) to be *solid* in the PM basics *well* beyond your typical CAPM candidate -- but without having to read 8 to 12 different PM books over a period of months to get there; (b) do it for as close to the drive-out price of $1000 as possible versus the typical PM training program investment of $2500-5000 elsewhere.

I deliberately used the more difficult, much thicker RMC PMP book instead of RMC's CAPM book to prepare for the CAPM exam, and am pleased with the results. And going forward, I also bought Kerzner and Heldman's PMP books (again, see my PM booklist) and find their different approaches actually complement the RMC program for continued professional development quite well. Kerzner's strength is case studies and color commentary that comes from years of doing PM, teaching PM, and evolving his great book. Heldman's approach is the opposite of RMC: learn thoroughly by doing in the laboratory of the job. Heldman will push you to get good at comprehensive hands-on PM, but unfortunately it will take MUCH longer than RMC's approach for coming up to speed to pass the PMI exam sooner rather than later. *** RMC is about practical actionable knowledge NOW - and RMC delivers. *** I'm not saying anything bad about Heldman's approach; rather, I'm saying that the 3 systems (RMC, Kerzner, Heldman) have different approaches that work well together. My proposed reading order is to go through the RMC book 2x-3x and take the test. Next get through Kerzner -- an easy read to fill out one's worldview after paying the price to get through RMC. Finally, if you're a full-time PM, use Heldman's book to round things out.

On other RMC offerings, first I'll mention the CAPM online 23-hour course - you'll recall that (in addition to a 4-year degree) PMI requires 23 classroom contact hours in lieu of 1500 documented hours working on a project team for eligibility to take the exam. The online RMC CAPM course is pretty much taken straight from the book but interlaced with video vignettes featuring Rita teaching. A heads-up: don't look for fireworks with the online course. You've actually already experienced the show when you read the book; the online course complements with multi-media feedings for the CAPM candidate and thus satisfies the technicality of the PMI 23 hour classroom requirement. That's it. The price is right. Remember the gift-horse parable and your wallet will thank you.

The RMC system also offers an optional 1000+ exam questions database (FASTrack), and a flashcard drill system. If you're taking the harder PMP exam, then I would strongly recommend atleast the FASTrack as the RMC PMP book only offers 200+ questions; this is not enough for the PMP. However, for the easier CAPM exam, I found it enough to just memorize the complete Rita Process Chart and few other small patterns cited in the book. Interestingly, both the Rita chart in the RMC PMP book, AND the Process Group .vs. Knowledge Area matrix found in the PMBOK v4 book -- have the same page # -- page 43 !

My experience with the CAPM exam is that Rita was right: know the Rita Chart (and DO all the work in the book from cover to cover, no half-steppin' !) and you largely don't have to memorize Inputs / Outputs. However I'll throw in 2 warnings: (a) read the formal PMBOK book alongside the RMC book on a per-chapter basis for further subtle but important clarities around Inputs/Outputs anyway (but without memorization); (b) the PMP exam is full of experiential questions (qualitative) .vs. the CAPM exam questions are strictly quantitative. So I very much over-studied for the CAPM exam in using RMC's PMP book; but that's okay as my goal was EDUCATION (change one's mentality) and not just "training" (improve existing mentality).

Here are my 7+1 value-add observations and nuggets for getting more horsepower out of the RMC PMP 6th ed book:

(1) STUDY ORDER - SAVE YOURSELF SOME TIME: go to a copier and copy the "Difficulty Level" illustration on page 9, then the Knowledge Area bar chart near the bottom of page 99. These 2 drawings should make it clear how you'll want to tackle the book in a way that works uniquely for you. I was then able to alternate back and forth between a "hard" chapter and an "easy" chapter to help sustain my momentum; I also more readily invested more time in the harder chapters.

(2) PM PROCESSES & PM INTEGRATION CHAPTERS: PM Processes is the hardest chapter. Trust me when I say this - pay the price here to memorize the Rita Process Chart and the rest of the book becomes a breeze. Next, just skim the PM Integration chapter the first time and save the more in-depth effort for this chapter after completion of the book.

(3) RISK & QUALITY CHAPTERS: Read the Risk chapter early in your study sequence because it's the most pervasive of the 9 knowledge areas throughout the entire PM effort. Also read the Quality chapter early in the sequence else the Rita Chart can be ambiguous (e.g. Verify Scope .vs. Validate Scope, or what is QP .vs. QA .vs. QC ?).

(4) MY TRICK TO EASILY MEMORIZING THE WHOLE RITA PROCESS CHART AND NOT JUST THE PLANNING COLUMN: I oughta charge $$$ for what I'm about to share here. Rita only advises rote memorization of just the "Planning" group column (because the step-order within the other 4 PM process groups is not strictly fixed, but instead "generally" grouped and "approximately" sequenced). The good news is that "generally" and "approximately" is good enough ! So you can readily memorize all 5 columns for not much more work than memorizing the 1 column - and the results will show on the exam. So I made the following discovery after copying the flashcards pages in the PM Processes chapter (pages 47-57), then cutting them out with scissors and playing the game over several times for 2 hours. RMC does not point this trick out -- so I'm saving you a lot of time and increasing your score with this next secret ! Read carefully: the 5 original PMBOK process group columns (Initiate, Plan, Execute, M&C, Close), using the Rita Process Chart version rather than the PMBOK version, have a total of 10+24+20+17+8 = 79 steps distributed across the 5 columns. Working with the RMC PM Process Chapter flashcards revealed that, with no modifications, these 5 long columns will fragment out cleanly into 17 short columns that can each be thought of as "work-packages". These work-packages in turn can be thought of as self-contained pearls on a string that should be strung together in a self-evident logical order. I gave each of these pearls my own custom name for easy recall. The numbering sequence that emerges is: Initiate 55, Plan 5865, Execute 5573, M&C 5552, Close 332. It's easy to memorize these 5 numbers which together are the 17 digits that in turn are the 17 "pearls", and that collectively contain Rita's 79 steps. Visualize being a PM on the job through each pearl as you build the entire chart out over and over again on paper. You'll have the *entire* chart down cold in 1 to 2 hours:

>> INITIATE formerly 10 steps, now 5+5 steps = 5-step Big Picture, 5-step Make Commitments;
>> PLAN formerly 24 steps, now 5+8+6+5 steps = 5-step Project Scope + Equipment + Team, 8-step WBS + Dictionary, 6-step Other Plans, 5-step Finalize;
>> EXECUTE formerly 20 steps, now 5+5+7+3 = 5-step Product Scope + Request Change, 5-step Make the Donuts + Uphold QA standards, 7-step Manage Team, 3-step Information I/O;
>> MONITOR & CONTROL formerly 17 steps, now 5+5+5+2 = 5-step Measure + Influence, 5-step Change Control, 5-step V&V + Risk + Forecast/Report, 2-step Manage Reserves + Admin Procurements;
>> CLOSE formerly 8 steps, now 3+3+2 = 3-step External Closure, 3-step Internal Closure, 2-step Legal Closure.

(5) ONCE A DAY -- 5-MINUTE BRAIN-DUMP THE RITA CHART TO PAPER: whadya know, Proverbs in the morning, Psalms at night, and the RITA CHART while in the food-line during lunch !

(6) PROCUREMENT MANAGEMENT CHAPTER: sorry guys, this chapter needs more clarity and elaboration. It's already the longest chapter in the book but that's okay. The solution is not to argue with the coke machine with 45 cents in the hand and try in vain to buy a 50 cent coke. The solution is to pay the 50 cents and get the coke. Thanks.

(7) THE LAST CHAPTER CALLED "REASONS YOU MIGHT FAIL THE EXAM": *do* the inputs / outputs exercise after the 2nd read-through (and you DID parallel-read the PMBOK book on a chapter by chapter basis, right ?!). The last chapter brings it all home for sure. Make this the partner chapter with your 2nd passage through the PM Integration chapter.

(8) ADDED MAY 2010 -- ADDITIONAL THOUGHTS ON TIME & STUDY APPROACH: Thank you for your kind posts in response to this review. To answer your questions, everybody learns at different rates. Those with lesser "verbal memory" will take longer to learn from books (.vs. multimedia) than others. Particularly for a CAPM but also for the PMP, on average, you'll want to carve out 4 to 6 weeks (evenings & weekends) and ONLY focus on project mgmt. The net time invested (with 23 hour online course included) will range from 80 to 150 hours. Regardless of the time that you will personally require, it's a mistake to either drag the effort out over multiple months or parallel-study other credentialing efforts. Why? Because with PM you are ALREADY learning multiple subjects at once! PM is an aggregate "discipline comprised of multiple disciplines". This makes it all that much harder to properly *contextualize* as it's learned. Contextualization is essential to true education over mere training. So take a month and do this "one thing" very well to the absolute exclusion of all others. Turn off the TV and iPhone; do drive-through or take-out; set clear mini-goals for the complete month; dont be discouraged if 4 weeks becomes 6. LAST TIP: near to your arrival time at #7 above, schedule the exam through Prometric 7 days out for CAPM, and 10-14 days out for PMP (factor in all those sample test questions first). Your momentum, commitment and focus will be unstoppable.

This book is all you need!
Just took and passed this exam yesterday. I studied this book exclusively for about 50 hours over the past month. I used no other training materials, no test simulations, no classes - not even the PMBOK! I am fairly experienced, so your hours may vary, but everything you need to pass this test is in this book.
First the book from an editorial view: I have taken literally dozens of IT certification exams and have used at least one book for every one. Most technical books, IMO, are written in a very sloppy fashion - typos, grammar seemingly from a language other than English, non-functioning code, etc. Not Rita's book. Rita's Exam Prep is easily the highest quality certification book I have ever read. I found only two errors in over 500 pages of real content! Ok, so now you know the book is well constructed, highly edited, and you can trust the content to be relatively error-free. Let me now explain about the actual content and how it matches to the test content (it's relevancy, if you will).
Rita obviously understands the PMP content and exam objectives exceedingly well. But just as importantly, she understands how to present the material in a way that allows to reader to concentrate and absorb the important points. I have taught before and there is a world of difference between someone who knows the material and one who can actually teach others the material. In my opinion, this book is as good as it gets for those on a self-study certification path. If you follow her study plan, there is no reason for you to fail this exam.

Out of the 200 questions on the exam, I would estimate that you should be able to successfully answer 180-190 of the questions with just Rita's book. You only need ~61% to pass, so you should have a high degree of confidence that you will pass this exam on the first try if you read and understand what Rita is presenting to you.

One final note: I read where some people thought this book was expensive. This is a high-end certification and has a high-end testing fee to go along with it. You don't want to spend ~$500 on an exam and then skimp out on test preparation! Many people spend thousands on a class and won't walk away with as much knowledge as what is in this book. For what you are getting, this book is a bargain!

THE BOOK for PMP Certification
In short this book is a very good reference for Project Management (not only for PMP Certification).

I was impressed with the overwhelming amount of people praising Rita's book and decided to buy it. Lucky me. It is indeed a very good book.

Besides being a great asset when pursuing the PMP Certification, this book is a great introductory book on Project Management, covering most important subjects.

Do not expect to get as much info as you would reading Kerzner's book, but the balance is good.

Full of illustrative pictures it presents the Project Management processes, along with explanation and examples (a totally different approach than the one used in the PMBoK). I've enjoyed A LOT this approach.


Quick Chapters Overview:

Chapters 1 - 3 cover the introductory material and the PM Framework.

Chapters 4 - 12 cover each of the 9 Knowledge areas.

Chapter 13 covers Professional and Social Responsibility.


PROS:

It has been written as if Rita were talking to the reader. It is a very nice feature that makes the reading very easy. Also, while she does that, she makes you think what and how well have you been managing your projects. Very nice. (Tell me later about it).

Ok, but what makes this book different?

Some of the items are:

* Tricks of the trade
* Eligibility Checklist
* Study Tips (Rita calls it "critical time-saving tips")
* PMI-isms
* Games and exercises
* Common Errors and Pitfalls
* Cert Study Plan
* Quick Tests (at the beginning of each chapter)


CONS:

Very small letters, make it hard to read (Ok, I got the book at the same time I had to get my first glasses, so give Rita some credit).


To summ up:

I recommend it for both the beginner and the seasoned PM alike, since it will be a nice refresher.

If you're looking for a book full of examples and templates, I'd recommend not buying it.

Hope this helps!

PMP exam Prep - review
This book was suggested by our instructor as one of the best aids to focus on passing this exam. Forget the flash cards! read this book, take the practice exams as she suggests,
use an exam simulator - and you'll pass. Best bang for he buck!

All You Need to Know
I bought Rita Mulcahy's PMI EXAM PREP (Sixth Edition) in April of this year (2010) primarily based on the excellent reviews that I read on this site.

I took and PASSED the exam today. Here's what I will share in hopes you will be able to pass the exam as well.

1) If you follow Rita's instructions in the book you WILL pass the exam on your first attempt.
2) I read the book (cover to cover)(3) times, took all the exercises and end-of-chapter tests with each reading.
4) On my third reading I was able to achieve scores on the end-of-chapter tests in the 80% - 90% range.
5) Don't obsess about the formulas too much. Rita says in her book there will be 8 or so questions that require calculations and she was right on the money.
5) Ignore the negative reviews that have been posted on this site. It is true that Rita does some self-promotion in her book and that she reminds readers that they are probably not doing PM the "correct" way. I interpret this as coming from one who is confident in her PM expertise and is goal/success oriented.

And last, but not least, I discovered that Rita passed away earlier this year. For some strange reason I felt a personal sense of loss and I never met or talked to her. May she rest in peace.

Blows the PMBOK out of the water
Give me $100 to buy books to study for the PMP, and I'll buy this book and pocket $37. Rita's book takes the arcane wisdom of the PMBOK and translates it into real english to help practitioners pass the test. I'm now a certified PMP, and I give 80% of the credit to this book, and 20% of the credit to the RMC online course that cost my employer almost $1000. This book alone should be enough for most project managers to pass the exam and become certified.

The good:
- Quick explanations of difficult concepts
- Breaks down the PMI methodology into easy to follow steps
- Reinforces those topics really necessary to understand the PMI process
- Gives helpful hints on the type of material likely to be found in the test
- Exercises, exercises, exercises! Practice makes perfect. Most of the PMI methods are no-brainers, but you have to learn everything exactly the way they want you to. Best way to do so - use this book!
- Quick exams to capture your knowledge before the chapters. If you understand it, don't waste your time.

The bad:
- I didn't buy it before signing up for her online course. Definitely grab this book.
- It's not recommended by PMI over the PMBOK. I bought both and was depressed whenever I had to open the PMBOK.

Rita's PMP Exam Prep Review
This is an excellent product. I passed PMP exam (on first try) just by studying from PMBOK and Rita's PMP Exam Prep last May. This edition is slightly more advanced and revised to fit PMBOK 4th edition. ... Read more

Editorial Review

Get complete coverage of the latest release of the CompTIA A+ exams inside this fully revised and updated resource. Written by the leading authority on CompTIA A+ certification and training, this expert guide covers CompTIA A+ exams 220-701 and 220-702. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, in-depth explanations, and more than 1,000 photographs and illustrations. Designed to help you pass the CompTIA A+ exams with ease, this definitive volume also serves as an essential on-the-job IT reference.

Covers all exam objectives, including how to:

• Work with CPUs, RAM, motherboards, power supplies, and other PC components
• Install, partition, and format hard drives
• Install, upgrade, and troubleshoot WIndows 2000, Windows XP, and Windows Vista
• Troubleshoot PCs and implement security measures
• Install video and multimedia cards
• Work with portable PCs, PDAs, smartphones, and wireless technologies
• Manage printers and connect to networks and the Internet
• Understand safety and environmental issues
• Establish good communication skills and adhere to privacy policies

The CD-ROM features:

• Practice exams for 701 & 702
• 600+ chapter review questions
• New video introduction to CompTIA A+
• One-hour video training segment
• Mike's favorite PC tools and utilities
• Searchable e-book

Mike Meyers, CompTIA A+, CompTIA Network+, MCP, is the industry's leading authority on CompTIA A+ certification and training. He is the president and founder of Total Seminars, LLC, a major provider of PC and network repair seminars for thousands of organizations throughout the world, and a member of CompTIA. ... Read more

Reviews

Best of the bunch, February 15, 2010
I had received the CompTIA A+ Complete Study Guide for xmas because the All-in-One Exam Guide wasn't available yet. Well, I gave up on the Complete Study Guide after I was 1/3 the way through and ordered Meyer's version as I saw that it had become available on Amazon. What can I say? The guy is such a great teacher and the book is very well laid out and easy to understand, relying on plenty of analogies and diagrams. You get the feeling that you are in a classroom listening to your favorite teacher; Mikes methods of teaching are pleasantly informal, and he seems to have the formula for mixing professionalism and humor down to a tee.

Two thumbs up. Passed both tests this morning., April 17, 2010
Definitely going to give this book two thumbs up. I've been doing the things in this book for about three years, but I do my best to play around at home and do stuff like this anyway. I simply read through the book and took the tests on the CD. Saw that there were a couple of areas on the tests that I needed to review. Reread 3 chapters and took the tests this morning. I made an 845 on the 701 test and an 870 on the 702 test (both out of 900). Overall, it took me about a month to study and finally take the test. Not too bad for a book that's 1300+ pages. It was easy to read and easy to understand. The light jokes were nicely thrown in as well. Can't say enough good about this book. I hope the Network+ and Security+ are the same way... because I just bought them. ;)

Well written and easy to understand, March 15, 2010
I found Mike Meyer's CompTIA A+ Certification Exam Guide to be of great help in passing the A+ certification. His seventh edition is written in a clear and concise manner that's easy to understand and also makes a great reference book.

However in some areas, for example, the CPU section, I think that Mike goes into too much detail for the A+ certification and I found there is not enough background or troubleshooting information on VOIP technologies. Even with these shortcomings, I would still highly recommend this book.

An Excellent Resource for Studying, July 21, 2010
To put it simply this is probably the most dynamic and interesting text-book I have
read in ages. Most texts use the format of dry facts and statistics while dragging
out the source material for what seems like forever. Mike has that unique writer's gift
of taking a relatively dry subject and making it fun and interesting to read. I love
the format he uses of starting with the broad history and moving into the factoids
all without losing his humorous touch. Using this book and a few practice tests from CompTIA's
own website, I was able to pass the test on my first try after about a month of study.


This was a great resource for study and I only have two small complaints.

1. The practice tests included on the CD do not have enough questions. This means that after
you take it once or twice you will have seen all the questions and it goes from being
a good gauge of your progress to just memorizing the correct answers.

2. The book does not cover VoIP in enough detail to satisfy the questions that will probably be on the
exam. So you will have to do a bit of extra research into VoIP to get up to speed on the topic.
Overall this is an excellent all-in-one guide that will help you towards achieving A+ certification.

If you want to get lifetime certification you better start now, because come January 1st
your certification will switch to only being good for 3 years if you don't get it before 2011.

Great but no CD with a Kindle, November 10, 2010
This review is for the Kindle user. Well, It seems like common sense; you would think that because it is a ebook that you would not get the CD and that there would be a possible link to the information on the CD. Well, nope! Now shame on you Amazon. You do not state it anywhere about the status of a the information on the CD. Now I say information, because when you buy a book, that is what you are buying, information. If the CD has information on it, then you should be entitled to this information. I have spoken to Amazon via emails and to the publisher and this turly seems to be a missed topic, WOW. I really enjoy the Kindle(I use it on my PC), but Amazon should set up links with this information for the buyers, because we did buy it.

The Book is very good and covers all of the important topics that you will need to know. You just have to commit it to memory.

This Will Help You Pass!, August 3, 2010
Having been in the I.T. field for 6 years (although not certified) and after TONS of experience of fixing people's computers, upgrading them, and troubleshooting them, I decided that it was time for me to go for my A+ certification. Right now I am going to take the test in the next two weeks, and I feel VERY prepared.

Even if you have NO EXPERIENCE fixing PC's, you will by the time that you are done with this book. It gives you helpful hints on what to see on the exam, and what you will see in the I.T. field. After studying and doing the practice tests in the back of the book on the CD which I HIGHLY recommend that you do once you are done with this book because if you want to pass the A+ exam, you want to see as many questions and answers because most, if not all, are going to be on the exam but written differently.

The book also shows you how to stuff too; like installing a NIC, CPU, RAM, motherboard's, and a list of other things too. Also on the CD, there are video tutorials on how to do specific things also in case you want to see how things are properly installed without wrecking the hardware.

I LOVE this book and I cannot recommend it enough to people who want to get into the I.T. field. This is definitely a GREAT foundation to other higher certifications (after this, I'm going for my CCNA).

Before I end this review, I want to give out a couple of pieces of advice that Mike left out.

1. Take your time, I know that there is a time limit, but READ EVERY SINGLE QUESTION AND POSSIBLE ANSWER VERY THROUGHLY. Trust me, CompTIA likes to throw some hard-ball questions and think that they have the right answer when in reality it is the wrong answer. If you know that it is the right answer, go for it. Like I said, CompTIA likes to trick you into thinking that the wrong answer is the right answer.

2. Study the heck out of this book and grab an old computer and study the heck out of it. If you are new to PC repair, read this and know it like the back of your hand. Trust me, there are going to be some real world situations where you are stuck and don't know the answer, my solution? Before you go take the exam, get an old computer and study the heck out of it with the book by your side...having book skills is one thing, but having good troubleshooting skills is another.

3. My last and final tip....Be Patient. I know this is a THICK book, and whatever you do, DON'T SKIP ANY CHAPTERS OR SECTIONS! Like I said, CompTIA will throw some HARDBALL questions at you (and some soft ones too so expect those also), and if you are not sure about something, go back into the book, study, or research the heck out of it.


Like I said, this book (and an old beat-up computer) will help you pass the exam. Good luck passing that exam!

Best Study Guide for A+, October 9, 2010
I just recently passed both A+ tests yesterday and have to thank Mike Myers for the excellent book. I used this book, Exam Cram Version 3, examcheets, ILT series from my New Horizons class and IT exam world practice tests. The two best where the Mike Myers book and IT examworld tests for passing the tests. Dont waste your time with anything else then these two sources and you will pass with no problem. This book will teach you about legacy devices that the new 220-701 just loves to ask questions about. The IT exam world will cover just about every question that you will run across on the test. The test cd is excellent as well that comes with the book but is lacking with command line commands and there switches. Two of us in my New Horizons Class used this book to supplement the ILT books and passed both A+'s with no problem. On to our Network+ training now!!

Great review book, April 14, 2010
I purhased this textbook to refresh my knowledge before taking the A+ exam. I have been very satisfied with the writing style in the book, and the amount of information contained inside. There have been many times while reading this book that I read something I previously did not know, and was not contained in the other A+ books I have read. This book specifically blows away the Jean Andrews book, in pretty much every way. My only complaint is the book is in black-and-white, but for the price, color could not be expected. Buy this book!

Studying for the CompTIA A+, April 9, 2010
Only into the third chapter of this book so far, but it is a fairly easy read, especially for those that do not like to read. The author uses terminology which is easy to understand and basically starts from scratch as if you had no computer knowledge. I am going to read this from cover to cover although I already have 10+ years in the industry and an Associates in IT. The only thing I didn't like is that not all the acronyms are spelled out. All in all though a pretty thorough book!

I liked the 6th, and I like this one too, February 3, 2010
Good Update to reflect the latest processors and the Windows Vista & Seven OSes. Clear and concise as always, but he changed one of his best lines!
Before: "Redesigned to maximize efficiency, the Core 2 processors spank their Pentium D predecessors by up to 40 percent in energy savings..."

After: "Redesigned to maximize efficiency, the Core 2 processors offer up to 40 percent in energy savings..."

What happened Mike? ... Read more

Editorial Review

Learning a complex new language is no easy task especially when it s an object-oriented computer programming language like Java.You might think the problem is your brain. It seems to have a mind of its own, a mind that doesn't always want to take in the dry, technical stuff you're forced to study.

The fact is your brain craves novelty. It's constantly searching, scanning, waiting for something unusual to happen. After all, that's the way it was built to help you stay alive. It takes all the routine, ordinary, dull stuff and filters it to the background so it won't interfere with your brain's real work--recording things that matter. How does your brain know what matters? It's like the creators of the Head First approach say, suppose you're out for a hike and a tiger jumps in front of you, what happens in your brain? Neurons fire. Emotions crank up. Chemicals surge.

That's how your brain knows.

And that's how your brain will learn Java. Head First Java combines puzzles, strong visuals, mysteries, and soul-searching interviews with famous Java objects to engage you in many different ways. It's fast, it's fun, and its effective. And, despite its playful appearance, Head First Java is serious stuff: a complete introduction to object-oriented programming and Java.You'll learn everything from the fundamentals to advanced topics, including threads, network sockets, and distributed programming with RMI.And the new. second edition focuses on Java 5.0, the latest version of the Java language and development platform.Because Java 5.0 is a major update to the platform, with deep, code-level changes, even more careful study and implementation is required.So learning the Head First way is more important than ever.

If you've read a Head First book, you know what to expect--a visually rich format designed for the way your brain works. If you haven't, you're in for a treat. You'll see why people say it's unlike any other Java book you've ever read.

By exploiting how your brain works, Head First Java compresses the time it takes to learn and retain--complex information.Its unique approach not only shows you what you need to know about Java syntax, it teaches you to think like a Java programmer. If you want to be bored, buy some other book. But if you want to understand Java, this book's for you. ... Read more

Reviews

A different kind of Java book for beginners and experts, July 7, 2003
When I first saw "Head First Java", it reminds me of the colorful "conversational English" books I had when I started to learn English years ago. The casual, humorous books have turned out effective for English language learning. Is that style good for the Java language learners as well? Is this type of books for beginners only?

With those questions in mind, I started to read "Head First Java". Since I consider myself a Java expert (I wrote a Java book myself, after all), I decided that I would NOT read the book from cover to cover. Instead, I would randomly flip through the book for the humorous stories and photos. I figured that if I cannot learn much new about Java from a "beginner" book, I can at least have some fun.

Geez, I was wrong. I was ADDICTED to the book's short stories, annotated code snippets, mock interviews, puzzle games and brain exercises. They are not only entertaining but also informative. It may be a beginner's book but the stuff they cover are definitely deep enough for expert readers as well (e.g. multiple inheritance, polymorphism, inner classes, threads, RMI, ... just to name a few). The best of all is that I can actually remember the things I learned from the book because I associate them with the stories and pictures. I guess it has something to do with the fact that both sides of my brain are active when reading this book: The right side is for the stories and the left side is for the technical and logic stuff.

There are other great Java books (e.g. "Thinking in Java" by Bruce Eckel) in the market. But they are all very serious and require the readers to spend hours to read entire chapters. The great thing about "Head First Java" is that the bite-size code snippets and stories allow me to learn something about Java in my 5-10 minutes spare time, one piece a time.

The overall writing style is casual and enlightened. The presentation style (fonts and placements of graphical elements) fits the content very well. The book covers a wide variety of Java topics including: basic code structure and language syntax, OOP concepts, math and numbers, exception handling, the Swing GUI library, serialization, network, and distributed computing.

Of course, the casual style is not for everyone. I know people who love the re-assuring feeling from "serious" books. But I can re-assure you that Kathy and Bert are authoritative figures in the Java training community. The content is absolutely first class. I highly recommend "Head First Java" for both Java beginners and expert readers.

An Amazing Achievment, November 14, 2003
Who do Kathy Sierra and Bert Bates think they are? Don't they know that learning a programming language is supposed to be hard? Don't they know that it is supposed to involve suffering? Apparently not, as they have written a complete introduction to Java that is fun to read and easy to understand. If we don't stamp this out now, students will start expecting their teachers to be entertaining!

The book is an excellent introduction to Java. It covers all the typical topics of a basic introductory text and some extra including serialization, networking, and distributed computing. Each topic is covered in a fun way with important information highlighted. The authors use stories, fake interviews, pictures, and assorted other clever techniques to catch your imagination and make the topics memorable. There are plenty of exercises (with answers) to help you check to be sure you understood each chapter. And there are plenty of fun programs to code including a cool music machine instead of the typical "reverse a String" exercises.

If you are looking for a traditional text then this book is definitely not for you. Instructors should think carefully whether this book fits in with their style of teaching. This book is not for everyone but if you want to learn Java and object oriented programming in fun and unique way then this is the book you want. Now I just have to figure out how to keep it away from my students.

My all-time favorite tutorial on Java (or anything else), January 7, 2004
In all my years of reading technical books trying to learn new skills, the closest I have ever come to a book like this was when I first read a Dummies book. I liked it because it presented information in a humorous fashion that made things easy to comprehend. This style takes that type of learning to a whole new level. Using a combination of writing style, graphics, illustrations, and sample code, they draw you into each subject in such a way that you can't help but learn and understand.

This book starts with the basics of Java and progresses clear through to RMI and JINI. Granted, those last subjects are just touched on, but at least you're exposed to them. Even after all the Java tutorial manuals I've read, I still got a lot out of this book. For instance, I always was sort of fuzzy on the event listener logic. The Head First explanation was one of the most understandable (and entertaining) treatments of it that I've ever read. Likewise, inner classes were always confusing to me. The coverage of that subject here makes it sound so simple.

And why do you need this if you're a Notes/Domino developer? If you've never worked with Java, you're probably intimidated by the subject and afraid to get started. Don't be... This is the most fun you'll ever have learning a new skill. While it doesn't talk specifically about how to code a Java agent in a Notes application, you'll learn the concepts and the syntax you'll need to be able to do that. Once you have those skills in place, you can move on to a book specific to using Java in a Notes environment (such as Domino Development With Java by Tony Patton). The book doesn't assume you're a programming guru to get started. You will learn a lot from this material, and it's something you need to do in order to continue to stay relevant in the IBM/Lotus world.

Conclusion
If you're a C/C++ guru approaching Java, this book may not be for you. You'll already know much of the material from your exposure to those languages. But if you're a mere mortal like the rest of us, you need to buy this book if you're looking to learn Java. I am SO hoping that the Head First approach to tech writing becomes a series. If it does, I'm ruined for life in what I will expect from a book. This is really great stuff!

Who said learning could not be fun., June 3, 2003
I had the pleasure of reading Head First Java as Kathy & Bert turned out the chapters. Though the book has not hit the stores yet, I'd like to share my experience reading the work copy of the book.

I'm a 47 year old programmer that has basically seen it all in my 25+ years in IT. Though I've been busy with Java for more than 2 years, I until recently still saw myself as an absolute beginner. Why you might ask? Well for starters all my Java was simply "hobby" work, I did not use it at work. Secondly, and the most important reason, is that I simply did not understand and grasp some of the key concepts of OO that one needs to know to be able to fully use the capabilities Java has to offer.

As fate would have it, the work copy Kathy & Bert's book became available to me as I started to work in a new department where I have to program in Java. I was drowning. I had to keep on asking the youngsters on the team for assistance. You can't believe what that does for your self-confidence. But as I read more and more of Head First Java I found myself sitting in tech meetings not only understanding what was being said but I was actually coming up with some fresh ideas that helped us re-design our systems to become fully OO.

Why is that so. Simply because of the unique way Kathy and Bert teach and share their knowledge. The best way for me to describe this book is by using the teacher at school that we all have encountered in our school careers. You know the one that enthusiastically drew the most elaborate drawing on the black board to explain his point, the one that simply generates interest in his subject purely because of his sheer love of the subject he teaches. Now imagine that teacher in book form. The Head First way, your favourite teacher in a book.

I can carry on for quite awhile about the unique style of the Head First way, but I suggest you download the sample chapters at O'Reilly or go download the "demo" at Kathy & Bert's own site...

What has this book done for me. For one it finally made me grasp Polymorphism, and the use of interfaces. Though I've used it before, like a parrot without understanding, I never saw it's real strength. Now I use it all the time. I can't believe I programmed Java without them. Head First Java turned me into a Java OO programmer instead of a Java procedural programmer. Yep one can write pretty neat procedural programs in Java.

If you are a Java programmer that has problems understanding the finer points of the language and OO in general I suggest you go out and buy the book.

I want to end with a word of caution. This book, because of it's uniqueness, might not appeal to everybody. I suggest you browse (or download the demo) the book before buying. You will know immediately know if the book is for you.

If you want learning to be fun buy this book.

Makes other books look like the API, July 17, 2003
In short, it's a great book. It will make all your other Java books
indistinguishable from a printed copy of the API. This is how to
actually understand Java. I kept yelling "So THAT's how it works!" at
least once a chapter. It's really amazing how much I realized I didn't
know. Well, didn't understand. I knew stuff and could do the right
syntax and all that but now I think I really get Java a lot more. In
particular OO and polymorphism which, let's face it, are the kind of
thing that seem simple at first but are slippery to really get ahold of.

The exercises are excellent. I think I could learn more from just the
Head First exercises than from the other books on Java I've bought,
combined. When you buy this, do them all at least once.

I want to point out one particular thing they do with the weirder
concepts. They'll introduce and explain a topic, and then you go to the
next page and there's a picture of someone going "Huh???" And the text
will say yeah, this is a weird concept, and start again and explain it a
different way. And then clarify it again. By then you really do
understand it. I think this is great because it acknowledges that some
of these concepts are just hard to learn. No matter how brilliant you are or
whether you're the love child of Bill Joy and Carly Fiorina.

You absolutely must have this book if you want to learn Java, and you
absolutely must have this book if you've been programming for a couple
years but you have to admit deep down you're still a little fuzzy on a
how things really work.

To much funny, not enough fact, March 25, 2006
I really wanted to like this book. I bought the Head First book on design patterns and love it. It was the right mix of irreverance and information. So, I bought this book even though I have been a Java developer for over 5 years. I was excited to see how the Head First authors handled a beginners book for Java.

Not too well, in my opinion. Chapter Three, in particular, was a mess. This chapter introduces the notion of variables yet never explains what an integer variable is. No explanation is given of the float type. We are told that a byte holds 8 bits...but not told what a bit is. We are not told how to assign a hexadecimal value to an int. We are not told that if we assign a numeric value with a leading zero...the compiler will assume that you meant to use octal values. The reader is not told that Strings are immutable. These are all things that will trip up a beginner (the target market for this book). The author of this chapter doesn't even bother to mention that a Java array uses a zero-based index.

Both primitives and the notion of classes are introduced in Chapter Three. Yet, the author doesn't mention that all primitives (except boolean) have wrapper classes. Strings are introduced...but, no mention is made of the StringBuffer or StringBuilder (very useful and often used classes). These items are included in the back of the book in Appendix B.

There are so many things left out that I wonder if the publisher actually had any beginners read this book. Readers of this book will finish this book still ignorant of many Java essentials.

Here is one of their dumbed-down explanations for an object reference:

"Think of a Dog reference variable as a Dog remote control. You use it to get the object to do something (invoke methods). An object reference is just another variable value. Something that goes in a cup. Only, this time, the value is a remote control."

Huh? Granted, they had been using the "cup" metaphor before...but, still I found this book confusing, superficial, and somewhat insulting. It felt like reading a children's Weekly Reader book. (It even has crossword puzzles)

I like the idea of making learning fun. However, in their attempt to make it fun they left out so much info which is pertinent to the beginning Java programmer. Apparently, another rule of the Head First series is that there MUST be a cute picture on every page. Many times, the logical flow of text is hindered because they had to fit a non-illuminating, unnecessary graphic on the page. Many of the pictures are unnecessary and do not help to explain the content at all. Many paragraphs are confusing, unclear, or simply badly structured. The editors were asleep on this one.

Many newbies are giving this book high marks. Unfortunately, they are woefully ignorant of the fact that this book left out a ton of info that is pertinent to actually coding Java well. One poster here raves that he was able to cover 60 pages in one day. In my opinion...ease of reading is not the only criteria for a good programming book.

My recommendations for Java beginners: Beginning Java by Ivor Horton or Core Java by Cay Horstmann.

A great new teaching style, August 19, 2003
Earlier this year I decided to learn Java. Grabbing a copy of 'Learning Java' from O'Reilly I started learning.

Of course, you can't learn Java without a good understanding of object-oriented languages. I made fairly heavy going with 'Learning Java' until I decided to dive in head first, 'Head First Java' that is - I bought this book that has a totally different attitude to teaching than I've seen before in computer books. The style is humorous, full of graphics, cartoons, puzzles, quizzes and crosswords. It reminds me of the textbooks that used to try and teach me geometry and algebra in high school or my daughters elementary books on Roman and Greek history I purchased for her at the British Museum. The style didn't work to teach me much algebra and geometry, but I wasn't anywhere near as motivated. This time, it worked. In a couple of weeks I worked through the book and finally have Java skills where I can branch off and start coding the projects I had in mind (though something more advanced will be required soon.)

In the introduction the authors examine learning and explain why they designed the book as they did. To quote from one section: "Some of the Head First learning principles. Make it visual. Put the words within or near the graphics. Use a conversational and personalized style. Get the learner to think more deeply. Get-and keep-the reader's attention. Touch their emotions." They argue that our brain is tuned to novelty, and that their style provides the novelty to keep your brain turned on. They also provide ten tips for good learning. That's one thing that seems to set this book apart from most other computer books, they say they think of their reader as a learner and indeed that's the way you are treated by the book.

The book also has a good emphasis on test-driven development, a good style to get new programmers started. I also appreciated the excellent chapter on how to package all your code up for release, something that you might expect to be trivial but not quite as easy as expected.

When compared to 'Learning Java' the coverage is not as good, 'Head First' really only covers the basics, up to and including creating a GUI with SWING and then touches a number of others; 'Learning Java' goes on to explore, with a fair depth, network programming, web programming, servlets, applets, Java Beans, XML and other topics that are only touched on briefly in 'Head First.' If the style of learning does not suit you then this will be an incredibly irritating and useless book, I'd give it a try first, though.

This edition also has a fair number of errors, including some in the examples. To this all I can say is "shame, shame, shame." I keep on harping on this in computer book reviews but if you can't figure out a way of including code that compiles and/or runs in your book then give up. The example code is available online - how hard is it to check that it all runs and then include that source directly into the text.

When you get down to it, though, the only way to really decide on the worth of a tutorial is to decide how well it teaches. 'Head First Java' excels at teaching. OK, I thought it was silly, I had a hard time making myself do the exercises, fill out the crosswords and solve the puzzles. Then I realized that I was thoroughly learning the topics as I went through the book. 'Learning Java' was doing the same job, but the dry traditional method wasn't doing as well. Both books are well written, designed and constructed-the style of 'Headfirst Java' just made learning, well, easier.

It would seem to me that the 'Head First' approach is going to work wonderfully for the more 'beginner' topics, books for introducing you to a new style of programming, a new language or a radically different operating system or application. So if you're looking for a book to introduce you to Java then I can recommend 'Head First Java'. Now if I could only find a book as good to introduce me to Common Lisp.

Brilliant Work!, January 5, 2007
I am only 12 years old, and struggled to find a java book that would teach me the language without assuming that I had previous experience with programming. This book was the answer. It was a quick read, and the pages flew by very quickly. The visually enhanced text made learning as close as possible to fun. I would reccommend this book to all who have little to no programming expierience, because it does cover some basic topics that are common to all languages.

Get started with Java here, August 22, 2003
For those programmers that want to learn Java, this book is an excellent resource. It appears to be targeted towards experienced programmers coming from a different language. There is a great deal to like about this book. The content is at an appropriate depth and numerous topics are covered. Most important perhaps is the way that the material is covered. Graphics and text are mixed in such a way to keep the reader visually stimulated. The explanations are very atypical for a book on a technical subject.

The book is organized as a tutorial of seventeen chapters that start with object oriented concepts and progress through graphics, swing, networking, I/O, RMI and deployment issues. I really like the Code Kitchen project. It is built in an incremental fashion on the material covered in the later chapters. In each chapter there is a group of exercises to challenge your retention of the material. But even more powerful are the learning concepts that the book is based on. Kathy and Bert are experienced instructors, but they have taken their knowledge of the content and merged it with the latest information in learning concepts to create a book that is fun to read, but a tremendous teaching tool. Dry and boring authors beware; tedious technical tomes are no longer acceptable, if they ever were.

The book is an excellent investment in time and money for anyone that wants to learn Java, but if you prefer a more serious tone, there is always "Thinking in Java" by Bruce Eckel, another of my favorites. However, we liked the book so much that we bought several copies to start some of our staff down the Java road. One last point, do the exercises. They may seem a little trivial, but like calisthenics, they are very effective.

A converted skeptic, now I'm hooked., July 17, 2003
I was skeptical when I heard about this book, and even MORE skeptical when I saw it (at the JavaOne conference). At first glance, it looks like an explosion at the graphics factory. But it was fun to flip through, so I started looking at some of the pages, and I realized that I was learning things just looking at the pictures, that I hadn't known before. Whoever thinks this is a 'dummies book' hasn't read it, but I can see how it might appear that way if you don't really get into it.
This is a learning book, the authors go to great lengths to make that clear, and to explain the learning principles behind all the visuals. I have read three Java books, and even taken a two-day intro course, but there were still many key pieces that I didn't quite get until I worked through this book. I think its really important to do the exercises (I think the puzzles are optional).
I got through this book much faster than with the other books that cover the same topics (I won't give the book names, and they were very good books, but I can understand them better now that I really learned the topics from Head First Java), and now I understand some things much better than I had before. Things like OO concepts in particular, but also some of the distributed programming topics.
One nice thing about this book is that it makes even the advanced topics seem easy. I have the feeling sometimes that books make things even more complicated than they should be, and I am not sure why that is. Maybe it is because so many text books cover a topic in such detail (and with so many words) that you have a hard time getting just the key points out of it, so that you can understand and it and USE it.
There is a large optional exercise that covers several chapters, that uses JavaSound -- it is a multi-user, networked midi drum machine. If you are not into midi music, you might not want to take the time to go through it (but I think that is why they say it is optional), because it spend a fair amount of time teaching you about something (the sound API) that you will probably never use. But I thought it was a lot of fun, and I learned a lot more Java from it. And I am now building a 'learning music' application as a result of getting started with that.

If you see it in a store, take the time to read some pages, or look at the sample chapters before you say it's a dummies book. It is definitely not a dummies book! I really don't consider myself a dummy, I just prefer it when things are clear.
I guess there are some people who will not like this style, and it does seem geared toward a younger audience (I am 45, but I have teenagers in the house). But it was the right choice for me, and I think it will probably be the right choice for most people trying to learn Java for the first time (or in my case, the third or fourth time). I wish this had been the first Java book I had picked up. Yes, there is a certain amount of 'cute', but I will never forget some of this content simply BECAUSE those pictures are in my head. So in some ways, I guess it like having an annoying radio commercial or song that you can't stop humming. You might not necessarily like it, but you can't forget it.
They claim this is part of the learning principles behind it -- that if you store information as both a picture and text, it is in two different parts of your brain, and doubles your chance of recalling it.

It is a very differrent experience, and I guess that people who are more comfortable with traditional methods might not like it. I happen to like things that are off-beat, and this was the perfect way for me to learn. One problem is that now I am hooked on this style and it's going to be harder for me to go back to learning things with text books. I am waiting for them to apply this format to other things I need to learn. O'Reilly are you listening? ... Read more

Editorial Review

Editorial Review

Get complete coverage of the latest release of the Certified Information Systems Security Professional (CISSP) exam inside this comprehensive, fully updated resource. Written by the leading expert in IT security certification and training, this authoritative guide covers all 10 CISSP exam domains developed by the International Information Systems Security Certification Consortium (ISC2). You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CISSP exam with ease, this definitive volume also serves as an essential on-the-job reference.

COVERS ALL 10 CISSP DOMAINS:

• Information security and risk management
• Access control
• Security architecture and design
• Physical and environmental security
• Telecommunications and network security
• Cryptography
• Business continuity and disaster recovery planning
• Legal regulations, compliance, and investigations
• Application security
• Operations security

THE CD-ROM FEATURES:

• Hundreds of practice exam questions
• Video training excerpt from the author
• E-book

Shon Harris, CISSP, is a security consultant, a former member of the Information Warfare unit in the Air Force, and a contributing writer to Information Security Magazine and Windows 2000 Magazine. She is the author of the previous editions of this book. ... Read more

Reviews

I passed the CISSP using only this book and a TON of preparation, May 30, 2010
There is no simple formula to prepare for the CISSP certification, and no single resource which can guarantee success on the certification exam since every applicant's background is unique. However, this book (fifth edition) was my only resource in preparing for the exam and I passed on my first attempt (April 24, 2010).

I spent 60+ hours in preparation for the exam... that's 60+ hours of DEDICATED individual study using this book and CD, not 60+ hours spent web surfing during lunch hours or commercial breaks. My recent background is in middle management, with 20 years experience in network architecture and data security, so I already had a firm technical foundation for the test areas dealing with protocols and encryption variations. I also have an MS in Computer Science. Nonetheless, the exam was so broad, with topics covering general principles and concepts, that I could have prepared twice as long and still left the exam with questions about the outcome.

My personal opinion is that formal classroom instruction, through one of the many organizations offering CISSP preparation courses, is a worthwhile companion to Shon Harris' book. A study group is also a good idea. You will not obtain CISSP certification if you take the exam without preparation. This book (fifth edition) was sufficient, but not 100% comprehensive, to prepare me for passing the CISSP test.

Note: Some reviewers do not appreciate Shon's frequent analogies and humor. Most of her analogies helped me internalize the complex topics, but that's my personal learning style. The efforts at humor were generally awful, but every once in a while she was subtle and brilliant enough to make me laugh out loud. Working through Shon's unique writing style was not a problem for me... I actually found it refreshing.

Useful, but hardly a technical book, March 26, 2010
From a perspective of preparation for the CISSP examination this book is one of the standard places to start from. In that respect, I would give it a 4-start simply because it follows the core notion of the exam itself in that it is a mile wide and an inch deep.

However, do not expect this book to provide technical details or even technical language consistently. There's a lot of verbiage, needless attempts at humor - which really degrades the overall standing of the book - and just the right amount of information, but no more.

Also, do not make this book the sole resource for preparation. You *may* pass the exam but will be none the wiser for most of what the book covers.

Given that this is a technical examination after all, I would have much appreciated if the author did not try and frame the same statement in multiple ways in the same paragraph, stuck to using consistent technical language and provided more links to resources for additional information. It would also have been nicer if the key technical points, definitions, important values were better highlighted - or even repeated in a prominent tip - after every section so that a second reading becomes a lot less demanding. The exam is challenging in itself and the book and author can do a lot more to make preparation a less demanding experience.

It is difficult to come across books that are worthy of technical appreciation and I am afraid the above points make this a middle of the road effort.

I have no particular affinity to either the author or publication but would recommend giving the Mike Chapple book a shot. You will be a lot less frustrated reading technical matter for a technical examination than with the narrative-style of the Shon Harris book.

Edition comparison, February 24, 2010
I bought the third edition of this book in October 2009 to prepare for the exam. The reason for buying that instead of this fifth edition is obvious. It cost me only $2.95 plus $4.00 shipping. I was a little worry at the beginning because of the new material that was added since 2005. However, I though I can supplement with material in the internet. At the end, I don't have the time because the exam was on January 16, 2010 which gave me less than 4 months. During the exam, I did not see anything that I have not seen in the third edition. If you know something about the exam, you know they are not going to ask you directly about a concept or technology. So, you really have to understand the material. Since CISSP is more about principle and concept and less about specific technology, using a third or fifth edition is not going to make a big different. I passed the exam in one shot. Don't get me wrong. Getting the latest and the greatest is always good and I will consider getting the fifth in the near future when I need to brush up the knowledge. But if you want to save a little of money, consider getting the fourth or the third.

The Gold Standard for CISSP, January 30, 2010
This is the absolute gold standard, the one-stop shopping reference for CISSP certification! The price is economical enough to highlight its passages and put notes in its margins. It is the fifty-dollar solution to the horrifically expensive test.

Every IT professional I met, who passed the CISSP test the FIRST time, credits the Shon Harris CISSP manual.

It is the preferred reference for corporations to hand out free to thier employees.

Shon Harris, CISSP AIO 5th Edition - Great Buy!, January 30, 2010
I find this book to be very well written and contains alot of updated materials. I was getting a bit upset that I couldnt find a updated reference material until I found out about this edition. I would recommend this book to anyone who is attempting to get their CISSP. I've just started reading the book today and managed to get to Chapter 3. This book is very well written, and the cd contains multiple PDF's, that I use to read on my cell phone. I also like how the PDF's are broken down into chapters. It helps set small goals and allows you to feel accomplished after reading a 100+ page chapter!

CISSP All in one Exam Guide, July 6, 2010
I cannot say enough good things about this book. I used this and Exam Cram as my sole sources to prepare for this exam and I passed on my first try. I don't have a very technical background so this book prepared me thoroughly for the exam and also helped a great deal in my work as an IT Security Specialist.

Best written resource to study for your CISSP, March 26, 2010
Shon's fluid writing style is enjoyable to read, and communicates effectively, much better than what I've seen from any other CISSP book. However, it takes some time to get through. I only gave myself a month to read it before the exam and I was CRAZY. I think two months would be more reasonable, but to get it done you really need to come up with a schedule and track your progress. If you don't have time for that, I'd recommend attending a bootcamp.

Superb Domain Coverage, June 10, 2010
I've had the pleasure to attend a CCISP class conducted by Shon Harris. She is an exceptional instructor and her All in One book translates the classroom discussions well to the written form.
Great coverage of all the required domains. Highly recommended!

Provides complete coverage of the latest release of the CISSP exam, May 18, 2010
The fifth updated edition of All-in-One CISSP Exam Guide provides complete coverage of the latest release of the CISSP exam, is written by a leading expert in IT security certification, and offers a course text accompanied by a CD-ROM of hundreds of practice exam questions and a video training excerpt by the author. Both students practicing for the exam and workers on the job need this detailed, in-depth course, jam packed with information and tests to be certain of comprehension.

The Bible for CISSP Certification, April 4, 2010
This Study Guide is the one for CISSP Certification. Almost everyone I've know who has the CISSP certification has this book on their shelf. Shon has struck a homerun with CISSP All-in-One Exam Guide. Jeffrey W. Bennett, ISP author of: ISP Certification-The Industrial Security Professional Exam Manual or How to Prepare for and Pass the Industrial Security Professional Certification Exam;
National Industrial Security Program Operating Manual (NISPOM) ... Read more

Editorial Review

Reviews

This book helped me pass the Windows 7 exam, November 27, 2009
I got this book to help me pass the Windows 7 exam. After reading the book and doing all the exercises and practice test questions I got above 900 when I took the test. This is the first time I have taken a Microsoft exam since Windows XP so I am pretty happy with the result.

The practice tests are similar enough to the exam that they helped me pass. The only thing I didn't like about this book was that some of the exercises take a while and you really need a computer with 4 GB of RAM if you are going to do them using VMWARE. This was okay for me, but might not be good for others. I was able to do all the practices using the RC version of Windows 7 even though they are designed for the real version of Windows 7.

I do not know what book the other reviews are talking about as the text seemed to be clear and I noticed few mistakes. If you want to pass the exam this book will help you do that. If you want to have a book as a Windows 7 reference you should get the resource kit book.

Not perfect, but got me through the exam!, April 15, 2010
This book is far superior to the Odom book, which I also owned. This book does a great job of covering all the bases. There are quite a few typos and errata, however those problems are fixable since the errata is published. I did not see any questions on the exam that weren't covered somewhere in this book. If you study this book, and supplement with some studying of Technet, you should pass. The practice exam that comes with book is too easy compared to the real exam. Microsoft tests are somewhat vague in general, so taking the practice test that comes with the book won't hurt you. Just don't think that the real test is as easy as the practice test.

This book, although flawed, prepared me well for the exam, June 14, 2010
The book covers the exam topics closely, and the timed practice exams on the companion DVD (which also contains the book in .PDF format, and all the chapter review questions from the book in practice test format) closely simulated the exam experience. Each chapter was well-explained, and the practice exercises were well thought out and relevant... not only to exam 70-680, but also for real life Windows 7 tasks.

Bottom line: I spent a weekend plowing through the book, took the Microsoft exam Monday, and passed it. Well worth the money... especially since it included a 15% discount on the exam, making the net cost of the test at Prometric to $106.25... or, if you prefer, making the net cost of the book only about $25.
I just ordered the same book for the 70-685 exam.

Minor quibble: I counted at least a dozen typos in the book, including some in command lines. This cost it one star in my review.
Major quibble: There are even steps left out of the practice exercises. For example, the procedure for creating a Windows PE .ISO file -- a task early in the book that is necessary for other practice exercises -- is missing a crucial step, without which your Windows PE disks will never work. This is below the usual standards of MS Press. When I ran into this error, I chopped another star off this review.

I am shocked, January 23, 2010
I am the type of person that never writes reviews. This might actually be my first.

This is one of the most poorly written books I have ever read. I am only on page 136 and and I am totally frustrated by the amount of errors in this book. I can't get through a single exercise without having to go on the net to find the correct commands to get through the exercise. Did anyone test this out as it was written? I have 7 certifications and have read through many books and never come across a book with this many errors.

You can still learn from this book and pass your exam but it will just take a lot longer because you have to go online to verify everthing you read.

Not sure about the other Windows 7 study guides but if you are debating between this and others, go with the others.

Best book out there, could be much better, April 24, 2010
I purchase this book and the Odom book. The Odom book wasn't good at all and I ended up using just this book to pass the test. It's a comprehensive, in-depth look at Windows 7.

Problems with the book: Errors when describing command-line input is incredibly frustrating if you're not familiar with what they're trying to teach you and made worse in that subsequent lab exercises might not be possible if you weren't able to successfully complete an earlier one; review questions aren't very good and you can often figure out the answer without even having read the chapter; for a book aimed at a somewhat experienced technician, it goes into great length on some very basic topics such as troubleshooting wireless network connectivity.

Before reading this book, print out the errata guide and mark the pages in the book so you know when you're coming across some not quite correct information.

Excellent book..I passed 70-680 after reading it first try, December 2, 2009
This is an excellent study guide for the 70-680 exam. I spent about 2 weeks reading the book cover to cover and I was able to pass the exam on my first try with a score of 805. I have only been using Windows 7 Enterprise for about a month, so this book really helped me out. FYI the exam has NO SIMULATIONS at this time.

I would most certainly purchase another book by Orin Thomas!

Poor organization, too many errors to count, November 16, 2010
Maybe I was hoping for too much, but this book is very difficult to follow. Information is repeated sporadically throughout various sections without any cohesive step-by-step information. Parts of the book appear to be step-by-step, but either leave out important details or contain completely incorrect information. I couldn't even make it through Chapter 2 without considerable rework and research from other sources.

Good as a training kit, keep in mind it is training.., October 2, 2010

First of all my background: A+, Desktop support for several years, but this was to be my first Microsoft Certification.
By definition, this is the primary source of the objectives and questions covered in the exam. This book and cd used as a training kit, reading, studying, and yes performing the exercises should give you what you need to be prepared for the exam.

In my opinion, the test prep software could have been more like the exam by giving you a number scoring system more like the actual exam.

Everyone learns in different ways. While I would definitely recommend this to be your primary source, I would advise the following to all candidates: watch any and all videos / podcasts on microsoft training and technet, to include silverlight learning snacks. Read forums. Definitely use the test simulation software, but realize to expect different questions and different types of questions as well. I would advise a secondary source of study material as well for most people. Definitely do the exercises.

I would have liked to seen some type of update, or addendums to the book.

Overall good book, but be ready to really ready to dig in. Not for the weak willed.

Helped me pass my 70-680 Exam today with a score of 836!, June 8, 2010
Good news: I passed! I liked the layout of the book. I thought the sections (which follow the exam guidelines) flowed very well. I have worked in the industry for 2 1/2 years now and have taken other exams (Net+, CWNA) and feel like this book REALLY did help me prepare for the exam. Many other exam books I have read don't go into detail about a subject or the important material is not presented in a format that shouts out "hey! you need to know this!" Well, this book does. Many of the questions I was asked on the test seemed to come right out of this book (or vise versa). This book is also helping me a TON at work. Lots of useful information for imaging using WAIK and DISM. Lots of details for performance as well as Group Policy.

Bad news: Who wrote this thing? Seriously!! how can a book get published with this many spelling and grammatical errors! Their are step by steps with WRONG commands as well. I spent hours trying to get my WinPE image to work but then after searching the forums, I came to the conclusion that one of the commands was written in the book incorrectly and it didn't copy the files needed. Once I used the right parameter I was good to go.

Also, The practice tests (Hundreds of questions) are very good and written in a very similar fashion to what was on my exam. I could have swore that a couple of them were actually on my Exam.

Where to start..., October 25, 2010
A+, Network+, this being my first Microsoft exam in about 9 years, I was very disappointed initially with the layout of this book. It's important to know the command line prompts, but the way this book is laid out, it doesn't give you quick reference. I would have liked to of seen a more thorough glossary or at least a quick reference sheet for the terms, commands and the boat load of acronyms you have to keep after. I'm having a lot of trouble following this book due to the spelling and grammatical mistakes that leave you re-reading the same paragraph twice. I'm a technically minded person and the concepts outlined in this book are important. I'm just not really happy with the layout. Bearing that in mind, it is a better study reference than say CBT Nuggets for this particular course. But the important thing is to use TechNet and the errata posted here on Amazon to fact check things if you're not sure they came out right in printing. Bottom line, this book will help you pass the certification, but find more reference if you're put in a position of implementing the concepts in this book. ... Read more

Editorial Review

A study guide for the Project Management Professional (PMP) certification exam, this book provides all the information project managers need to�thoroughly prepare for the test. Review materials cover all the processes, inputs, tools, and outputs that will be tested, and extra help is offered with insider secrets, test tricks and tips, hundreds of sample questions, and exercises designed to strengthen mastery of key concepts�and help�candidates pass the�exam on the first attempt.

Reviews

One-Stop Shop for PMP Certification, May 28, 2003
PASS. First time out. Any questions?

Seriously, I read the PMBOK cover to cover. DENSE. All the information is there, but it lacks several things that are crucial to a successful PMP exam preparation: intuitive organization, practice questions, and real-world applications.

Andy Crowe's book fills the gap. It presents the information in a structured, easy-to-understand format that guides you through the 39 discrete processes, their interaction, and most importantly, what you need to know about each one to pass the exam.

The final exam takes the concepts presented in the book and makes you think about them from yet another angle, and the fact that all the answers are there provides the last step in cementing the information in your head. My score on Andy's final and my score on the PMP exam were within 5 points of each other, so he obviously got it right.

The PMP exam is extremely situational. Some questions have four correct answers! What they want from you is the BEST answer. Many others focus on order of operations and ask what you, as the project manager, should do FIRST. These real-world situations are covered clinically in the PMBOK, but stressed in detail in this book.

Buy it. Read it. And Pass the PMP. I did.

This is what a PMP Prep Book Should Be!, June 30, 2006
After studying Rita Mulcahy's "PMP Exam Prep" book for months, I found myself so frustrated and confused that I started looking for other material. I went online and found the positive reviews of Andy Crowe's "The PMP Exam: How to Pass on Your First Try" and bought the book, and I am SO glad I did!

What took months to understand reading the overly-complex RMC book became crystal clear when I read Crowe's book. Crowe organizes his material well, and at the beginning of each chapter he conveniently defines the material's difficulty, memorization level and importance on the exam in terms of "High, Medium or Low". Each page has a tab on the edge that identifies what process you are in, so if you find yourself deep in concentration and suddenly wondering, "Hey am I reading about Quality Assurance or Quality Control?" there's a large indicator right in front of you to help.

On a purely mechanical level, Crowe went out of his way to make sure this book was organized to help you study. I really appreciated that.

The material itself is excellent. As some have pointed out, it is a little slim in some areas, but the book's purpose is to help you pass the exam and in this regard, Crowe admits that he glosses over some items that tend to appear less than others. I recommend you read this book and refer back to the PMBOK and one additional study guide whenever you are confused or need additional detail.

I did find that PTA (Point of Total Assumption) was covered here, where it wasn't covered in the other material I used. I didn't find any major shortcomings in the coverage of the book.

I have read criticisms of the book's grammar and spelling. I did find a few (under 5) spelling errors, but I honestly appreciated the "big print" type and simplistic words. The material covered on the PMP Exam is pretty complex and tough. And too many PMP education providers seem to think they have to mimic that complexity and difficulty to teach the material. It was incredibly refreshing to find a book that actually went out of its way to make the material simple.

The book was also an easy and fast read, unlike all of the other materials I found. I read the first half of the book (up through the end of the "Time" chapter) in one day, and the second half in another day. I then went through the book with a highlighter and re-read it, in 2 days time again, highlighting all the key points. During each of these passes, I took the questions at the end of each chapter. Finally I skimmed the material several times, only glossing over the highlighted points. Doing this I could flip through the entire book in a day. I did that twice. Finally, two days before the exam I took the entire 200 question test at the end of the book, scoring 90%.

The only suggestion I have to improve this book would be to make the exam questions more difficult, so that they more closely mimic the tough, brutal questions I encountered on the PMP exam.

The free material at the Velociteach website was great. I signed up for the online site two weeks prior to sitting for the exam. The online quizzes were good, but limited. The real benefit for me was the classroom slides which presented the material very well. Even though it was mostly a rehash of what was found in the book, it was slightly different material, presented very well, using repetitive images and phrases that really helped key concepts stick in my head. (After going online, I easily memorized word for word the definition of a "Baseline" as they always referred back to the same images and the same words on certain key points. I found this GREAT for learning!)

I took the PMP Exam a few days ago and passed fairly well, thanks completely to Andy Crowe's book. Crowe explains early on in the book how much weight each process group carries on the exam. Calculating my scores in each process group (Initiation, Planning, Executing, M+C, Closing and Professional Responsibility) x the weight each group carries on the exam, I arrived at an estimate of 75% for my score on the overall exam, passing is approximately 61%. My weakest area was in Initiating by the way, which surprised me. Note that I took the final exam in the book shortly before the exam and scored 90%. I would recommend that you get to an 85% or 95% level on this particular book's questions prior to taking the exam.

I am very pleased with my score on the exam and with this book and Velociteach in general. This is my PMP preparation book of choice and I highly recommend it to anyone who is studying for their PMP credential.

This book really delivers, July 26, 2004
Until you have actually sat for the PMP examination (a grueling 4 hour 200 question computer administered examination), it is really not possible to gauge the value of this book. After taking the test, I can say categorically, that it would not be possible for even the most experienced project manager to pass the test without having read Andy Crowe's book. The Project Management Institute (PMI) has defined a very robust set of processes and knowledge that comprises their view of project management. Often, however, this view is different than the experiences of many long time project managers.

Andy's book logically lays open PMI's view of project management and provides the reader with the understanding of PMI's approach and how it also relates to many of our actual real world experiences. In a carefully planned order, the book covers each process group explaining the key elements and important items that the reader must remember in order to do their very best on the examination. The reader learns the why of PMI's approach so that they (the reader) can apply the "why" to answering the test questions. So, instead of having to memorize answers, the reader understands the underlying philosophy and, therefore, can deduce the correct answer by applying the PMI approach to each question. Although titled as a how to pass book, it really provides a useful guide to applying the PMI processes to any project. Andy gives the reader more than a guide to passing the test - this book is a great reference that will be useful long after the reader takes and passes the PMP examination.

To help the reader with test preparation, the each chapter has review questions as well as a final examination. These questions are very similar to the kinds of questions and subject matter found in the examination that they really help to both assess the reader's readiness for the test as well as to provide an excellent practice tool. The book also provides insight as to the level of difficulty and approximate percentages of coverage each process group will represent in the actual exam. This helps the reader to focus their study time in order to maximize their study effectiveness.

Having never used a "pass the test" book in the past, I was a bit skeptical. This book certainly demonstrated that it is possible to create a book that can actually come through a promise to pass on the first try. I have and will recommend this book as a must to anyone that is planning on taking the PMP examination.

Fantastic book for passing the PMP, January 10, 2005
I passed the PMP exam this morning on my first try. Thanks to this book and Rita Mulcahy's Exam Prep, I passed it with a wide margin. This is my favorite of the two as it gets to the point and really focuses on the key concepts in each knowlege area. I would recommend that you start out with this book as it gives you a good foundation without drowning you with minutia! Then switch to Rita's book to add the polish and finer details.

The questions at the end of each chapter and the Final Exam in the book was a good representation of the actual exam. I really like the fact that Andy added a totally different final exam and didn't reuse any questions from the chapters. In this regard, this book was far above Rita's book.

Summary: No regrets at all about buying this book. Will keep it as a quick reference at work.

One of the Top Three PMP Exam Guides, April 19, 2006
have recently read a few PMP books cover to cover, and I thought I should share my experience with other readers with an intention to help them to find the right books. A brief review of what I think are the top three PMP books follows:

1. This Book: The PMP Exam.
This is a great book and relatively self contained. You can study this book and pass the PMP exam. There are a only a few topics, which are not covered in adequate depth. The material coverage, however, is organized around the knowledge areas while the exam objectives are organized in order of the process groups. That breaks the exam objective coverage into pieces, and may cause confusion. I consider the book price un-reasonably high.
I recommend this book if you are looking for a self contained book to pass the PMP exam.

2. PMP In Depth by Paul Sanghera, Thomson Course Technology.
This book has just hit the market and is relatively unknown. But I found this a rock solid book. Almost all the topics are covered with adequate depth. The material is presented in a logical learning sequence and the presentation is very cohesive: no hopping from topic to topic. It's an easy and interesting read. All concepts are clearly defined and expalined. This makes it a great book for both the PMP and the CAPM exams. I feel that the communication management could have more coverage. Although for the exams, the current coverage is enough.
The material is organized in order of the project lifecycle (the process groups) consistent with the way the exam objectives are organized. Furthermore, exam objectives covered in a chapter are explained in the beginning of the chapter. This makes the exam preparation easier and confusion-free. The book is very reasonably proced.
I recommend this book for the PMP and the CAPM exams, and also if you just want to build a good understanding of the project management basics.

3. The PMP Exam Prep by Rita Mulcahy, RMC Publications.
It is a very good book if you are either taking a course from the author or from an instructor who is using this book as a text book. There are lots of exercises. Unfortunately, this is not a self contained book. Topics are not covered with enough depth. Also there is a poor flow and a lots of hopping from topic to topic. The coverage of topics is organized around the knowledge areas while the exam objectives are organized in order of the process groups. That breaks the exam objective coverage into pieces, and may cause confusion.Moreover, it's outrageously high priced. Too many cross references and over-hyped.
Overall I recommend this book of you are using it in a course.

critical success factor to pass the exam, February 15, 2005
I cleared my pmp exam on my first try yesterday. As you know, PMBOK is a reference instead of a textbook. It is very useful, but definitely not a good starting point to learn about the PMI methodology. I knew I have to turn to other sources, which eventually lead to a procurement process. My requirement is very clear, I need some materials which can enable me to clear the exam ASAP (i.e. a short payback period). The specifications of the materials are as follows:

1. Explain everything straight-forward, so that I can capture the key points immediately
2. Light in weight, so that I can carry it around
3. Without lengthy-case to confuse me, so that I can focus on PMI methodology and principles, not the background information of other companies

According to the comments (expert judgements) here, I "procured" two text books, one by Andy Crowe and another by Rita Mulcahy, the two most popular reference books about PMP. Two books were studied instead of one as I'm not sure whether one book is adequate or not, two books can mitigate the risk, the "unknown-unknown".

I finished both within one month and was fully satisfied with their contents. Their only drawback is, the exercises provided are much easier than the actual exam. But I don't blame on the authors because the objective of these questions is let you verify your understanding (inspection). I checked the questions I missed and clarified my misunderstandings steadily (progressive elaboration). PMBOK is helpful in this stage to provide the official definition of key items. We all know that PMP means Project Management Professional, but it also means Practice Make Perfect. I passed my PMP exam (objectives achieved) as promised by Andy :) Based on the score sheet, I understand that I have some weak areas where I need "continuous improvement". Unlike PMI methodology, there is no closing process in learning. We have many similar idioms in Chinese.

I've cleared the PMP exam on first try with both books. But I still believe that, the critical success factor to pass the exam does not lie on the tools only, but also the methodology how you prepared the exam. There should be many other textbooks available which can help. I am just lucky enough to use some of them.

I passed the PMP using only this book!, May 19, 2003
This valuable guide is worth its weight in gold! This was the only reference I used to study for the PMP exam and like the title says, I passed it on my first try in March 2003 - by a wide margin I might add.

The book reads as if the author were right by your side guiding you through the critical information needed to pass the exam. Instead of simply presenting a large volume of information as other reference guides do, Andy Crowe has ranked and rated all of the information he presents. He has organized the book in such a logical format that not only did I pass the PMP exam, but I really understand PMI's processes and why PMI does things the way they do. That's the real purpose of the PMP certification in the first place, right.

I can't recommend this book enough. If you are interested in passing the PMP the first time and shaving months off your study time, (who isn't) you have to read this book.

Great book to begin with, but..., February 4, 2007
This is the first book I read to study for my exam and I passed today!!! I think it's time for me to contribute and provide comments to the other people. This book is very easy to read; however, YOU CAN'T JUST RELY ON THIS BOOK! I brought the "PMP In depth by Paul Sangher" and it is also a good book to read. In conclusion, please please read the PMBOK after you read this book since you don't want to be like me -- I got very low score and I thought I couldn't pass!! Hope this helps and good luck ;-)

If you want to pass the PMP this will do it, May 30, 2003
If your concern is to pass the PMP exam, as quickly and easily as possible, this is an excellent book. I've spent over a decade as a PM and had just come off a 4.5yr contract. I also spent two years teaching principals of Project Management in the professional certification program at Columbia using the PMBOK as the basis of my curriculum. I was comfortable with my understanding of the basic methodology and the knowledge areas.

My goal was to pass the PMP with the least amount of hassle. I didn't want to learn more about project management, additional theories or examples of excellent new approaches to the different knowledge areas, at least not as part of this process. I didn't want to spend the next six months attending a study group. I wanted to know the mindset of the PMI test developers. I wanted to know their prejudices and attitudes and how these very subjective positions were expressed through the answers they expected and the questions they designed. And since these attitudes and positions tend to change with time, I needed to know what was current right now.

For instance, I tend to solicit team feedback concerning major policy decisions. For the most part PMI doesn't consider that the team should be consulted outside of the estimation exercises. Just knowing this fact allowed me to correctly answer a number of questions on the exam. The issue here is not what approach is best or to debate the question. The issue is what is PMI's position and how does it show up in the test. This is the type of information "The PMP Exam: How to Pass on Your First Try" provided along with the foundation concepts of the PMI methodology.

The book provides the material in an efficient, easy to understand presentation. In addition the book's graphics and memorization aids are both attractive and effective. More importantly they are organized by knowledge area. I read the book in the context of the class Andy teaches. I took a sample PMP test at the beginning of the class and scored in the 50 percentile. When I took the official exam a short time after the class, I scored 81%. The class is great but the book contains the class material and stands on its own.

Very Helpful book, December 21, 2003
Hi all, I just took and passed the PMP test this weekend. I used a few different sources to study. PMBOK, Mr. Crowe's book and another book by Michael Newell. The best source was Mr. Crowe's book. I would have liked a cd with the questions and some of the questions were a bit too easy but on the whole it was a great resource and the one that I recommend the most. I also found a good website that had some sample questions called www.pmboulevard.com.
The book focused on the knowledge you really need and I followed his instructions on what too do when you take the test too a tee. But don't be fooled you must put in some serious study time to pass the test, its not easy and there is a lot too know but this book could be used as a guide.

Good luck everyone. ... Read more

Editorial Review

CompTIA Security+ SY0-201: Get Certified, Get Ahead by Darril Gibson presents a comprehensive and all-inclusive approach for studying, preparing, and mastering the core competencies needed to pass the CompTIA Security+ SY0-201 exam.Learn from an expert in the field with over twenty years’ experience in the IT arena.Over the years, author Darril Gibson has helped hundreds of students get certified, and has included in this text the time-tested information used in his successful classes.This manual covers one hundred percent of all exam objectives and includes real world examples of security principles in action.Also included are over 375 practice test questions with in-depth explanations. Written with clarity and efficiency, CompTIA Security+ SY0-201: Get Certified, Get Ahead is a one-stop shop for any IT professional interested in advancing in the IT field and a must read for anyone striving to master the basics of IT systems security. ... Read more

Reviews

Perfect!!, December 12, 2009
perfect! i love this book. i had the original microsoft security+ book for class, and this book covered WAY more than what that book did, and alot less pages. i'm going to take my security+ certification exam on the 18th of December. i'm feeling very confident, as this book says it covers 100% of the exam. i'm just hoping there's no scenarios on the test =p, just questions about what i learned in the book, lol.

EDIT: Passed my exam with a 865/900 with this book! About 2-3 tricky questions throughout the entire test but it was ALL familiar. There was absolutely NOTHING unfamiliar on this test that the book didn't cover! Thank you :)

The only book you need!, January 20, 2010
The best thing I like about this book is that it talks to you instead of technically instructing you and it makes for a comfortable read while riding the bus or in bed. Another good feature is the text size is exceptionally larger than Sybex books, which again makes it easier to read. You will pass with book read it cover to cover and once over any areas you dont understand and take all the practice questions(seriously like the real exam).

Hit the Nail Right on the Head!, October 20, 2009
This book is excellent for both real world techniques for employing best practices for security as well as for passing the CompTia SYO-201 Security + Exam. It gets to the main points very quickly and actually is a very easy read...despite the fairly complex subject matter. The author doesn't preach to the choir, nor does he talk down to his audience...but it's almost as if he is engaging the reader in a discussion about various security related topics. The book is very well laid out and has lots of important points pulled out and highlighted in 'Remember' bubbles. Add to the excellent content a liberal sprinkling of Practice Exam questions thoughout the book and you have the perfect blend of study guide and reference book!

This is THE BOOK for nailing the Security + exam!

98 percent complete, August 11, 2010
I just passed the exam with an 868/900 (96%) and I used this book almost solely. I will throw in the disclaimer that I'm a CCNA, MCSA, and VCP (VMWare Certified Professional) with 15 years experience and the real-world experience was actually tested pretty effectively at times. I feel bad for young bucks that have lived in the world of prolific anti-virus software on workstations, servers, and email relays.

I downloaded the Security+ 2008 Exam Objectives directly from the CompTia website and double checked that this book hit on every topic and ever acronym. I'd recommend hitting this same list before, after, and during to make sure you didn't skim or miss anything. If you're very solid on the content in this book and everything on the objective list then you should call yourself "ready for this exam".

I also bought the Sybex CompTIA Security+ Study Guide for the CD with electronic flashcards and a practive exam but the Sybex book and Sybex CD were 70% garbage. I did refer to Sybex in a few cases to get details on IPSec and some encryption algorithms but Wikipedia would have done just the same thing.

Where the book lacked: beware the epic fail on their port/protocol definitions of L2TP and PPTP which is flat-out embarrassing (see errata sheet on website), their mistakenly listing WEP as Wireless Equivalent Privacy in the index which is silly (it is Wired), missing details about the Blowfish algorithm (oddly not on the Exam Objectives list but brought up twice on my exam), the book's website is ugly and worthless aside from the Errata sheet (I had really hoped for new information or sample quesitons), and finally the synonymns of the authenitcation methods aren't all covered (they were mostly common sense on the exam, but not in all cases). That list actually looks more brutal typed out than it should.

The good: the book hit 98% of the questions on the exam, was clear and easy to understand, has terrific font size and spacing for readability, the author has a good non-condescending tone and excellent real world examples (this book reads the way that a good classroom instructor sounds), the acronym list at the end of the book is almost a perfect match to those listed on the exam objective doc on the CompTia website, the practice questions are decent match to the real exam.

For n00bies you should have excellent problem-solving skills, a ridiculously good grasp on security topics (many university courses would meet this criteria), and many hours on exam engines in addition to this book. Seasoned vets should have a big leg up and for sure don't need to drop the insane coin that all these "online training" places want (CompTia being one of them) and they'll be fine with this book.

You won't go wrong with this book if you just read the errata sheet and drill yourself forwards and backwards on it then sprinkle in a little real-world experience and a practice deciphering the hidden meaning in exam questions. I'd recommend it above any other Security+ material out there.

Super Book, May 16, 2010
Three of us in the office have used this publication to pass the Security+ test on the first try. So far with scores of 880. Great book with large print (for us old guys) and no fluff, just the facts.

Simply the only book you'd need, March 8, 2010
The author has a great writing style, keeping the readers engaged all throughout. I have not seen many technical-books do this. Read this cover-to-cover and you are all set.

The Best Tool for the Job!, June 29, 2010
I started to get seriously interested in tackling the Security+ exam when I saw how much coverage of security there was on the Network+ exam. It seemed a shame not to capitalize on the overlap of material so I committed to more or less preparing for both tests together. After trying several other Security+ books I had second thoughts as the subject matter can ramp up quickly in difficulty. Then I found this book at Amazon and saw that everyone rated it 5 stars with glowing reviews. I got it, and as they say the rest is history!

Darril Gibson has taken this complex subject and presented it in a user-friendly, easy to understand way that actually makes it interesting and fun to learn. Mr. Gibson, I hope you are reading these reviews because I want to personally congratulate and thank you for your work. You have a unique talent for teaching - I can not remember ever having read another text book that was so easy to follow and yet so thorough and complete on its topic that it literally is a one stop solution for the test.

The large font, the "Remember" boxes, the chapter reviews, and the truly representative practice questions all combine to make this a noteworthy experience. The depth and breadth of material coverage is perfect - be assured if it's in the book you need to know it, and if it's not you don't. This book is so focused that you can't use the same approach many people use on text books - skimming and highlighting. There is no fat to trim and you really need to know all that is presented. But if you take the time to fully digest it carefully and have a good memory you will pass Security+ "just studying out of the book". I did!

After Exam Review..., November 17, 2010
English is not my first language, with that being said. Time for the review!!! I was actually awaiting after the exam to provide my review so here I go.

If you are looking for a non-boring book and one that give you all the knowledge in non-too technological terms in order for you to understand the material, this is the book for you. I watched all the reviews here prior to buy this book here and since all of them was 5 starts I decided to give it a try.

With Spanish being my first language I was afraid to get lost in a lot of difficult terminologies and stuff like that. Let me tell you something. This Book is magical. Even with only a year with Help Desk IT experience I was able to master all the subjects with this book. Sometime if I don't understand one word, I used to go to "Google Translate" and keep going. This is the best book I come across ever, its really fun to read and the real world scenarios are really helpful to better understand security. The Book is really easy to read (big letters), and it has a lot of practice question after each chapter.

After reading this book for a month, I fell really confident about taking the test. I went last Saturday November 11,2010. And passed the exam at the firs try with a score of 802/900!!! THE BOOK COVERED 100% OF THE EXAM.

I really recommend this book to all the rookies out there like me that are looking forward to pass the Security+ at the first Try. The ratings are 5 starts for a reason.

I'm glad I bought this book. If I could give it 10 starts I would.

Excellent Resource for the CompTIA Security+ Exam!, May 27, 2010
The book is great! It helped me tremendously in preparing for the exam. I read it cover to cover twice. While studying the material, I backed it up with the study questions at the end of each chapter. It's extremely important to understand why the answers are correct, and why the wrong answers are incorrect. Thankfully Darril has included extensive explanations for every practice question in the book. This really drives the points home!

It completely covered the material on the real exam. I sat for the exam and felt extremely comfortable. It made the exam feel easy. Now I'm confident that I know the information for the real world!

The exam is not as bad as everyone says it is. I was fairly new to the information until this year and managed to score a 900/900.

Perhaps that's just a testament to how good the book is; it has a perfect rating for a reason.

The only book you need to pass the exam, November 23, 2010
Note: I've had NO PRIOR NETWORK/SECURITY experience. This book was a Godsend! I only had a weekend to study when I found out about this book. Bought it in Kindle format and read it on my PC with the free application from Amazon. This book is so easy to read, not boring, and the practice tests and answers (with explanations) helped to sink in the concepts even more. Plus, in Kindle form it was way easier to look up something I'd see in practice questions (from other sources) that I didn't remember the definition of, and bookmark those areas to review later. I read the whole book over the weekend, took the test on Monday and scored 828! Best $10 ever spent! ... Read more

Editorial Review

CCNA Official Exam Certification Library, Third Edition, is the newest edition of the all-time best-selling CCNA self-study preparation package. This comprehensive review and practice package is designed for the latest CCNA 640-802 exams. The two books contained in this package, CCENT/CCNA ICND1 Official Exam Certification Guide, Second Edition, and CCNA ICND2 Official Exam Certification Guide, Second Edition, present complete reviews and a more challenging and realistic preparation experience. The books are updated to cover all the new 640-802 exam objectives, such as security, wireless, IPv6, and troubleshooting.

Please note that while this is the Third Edition of the Library, the two books inside are Second Editions. This is correct, and the editions align differently because of changes in the names of the exams, from the old INTRO and ICND to the new ICND1 and ICND2 formats.

What can you do with the CCNA Official Exam Certification Library?

• Assess your knowledge with chapter-opening quizzes
• Review key concepts with Exam Preparation Tasks
• Practice with hundreds of exam questions on the CD-ROM
• Learn about more complex topics with over one hour of video training

• TCP/IP and OSI networking models
• Operating Cisco routers and LAN switches
• Ethernet switch configuration and troubleshooting
• Virtual LANs and Spanning Tree Protocol
• Wireless LANs
• IP addressing and subnetting
• Routing protocols
• Router configuration and troubleshooting
• Static and connected routes
• VLSM and route summarization
• IP access control lists
• OSPF and EIGRP configuration
• WAN configuration and troubleshooting
• Frame Relay
• Network Security and VPNs
• NAT
• IPv6
• Troubleshooting

Reviews

Just Passed Today----Thanks To This Book, January 9, 2008
I just took the test today and I'm still in shock about passing the CCNA. About six weeks ago I decided to get serious and start studying for this test. I bought the Cisco Press books and the 'CCNA for Dummies' book. It turns out that I didn't even use the 'Dummies' book. The Cisco Press Library comes with two books, which I read both cover to cover. After reading both books I moved to the CDs that also comes with this set, which have a lot of useful material. The Boson practice exams that come with the book, I think are the most useful. The questions that the practice exams asks are very similar to the questions that the real test asks. With the combination of both the book and the practice exams you will be well prepared. Practicing with all the tricky questions really makes you learn the material to the smallest detail. The DVDs that come with the book are pretty lame and dry, I didn't even use them. I do what to clarify that I did have previous hands on experience with Cisco routers, but I used a free simulator to brush up on some of my skills. This book set is a must and I probably would not have passed without it. I was really nervous walking into the exam, but the resources that this book set provides prepared me very well for the exam.

Thorough Coverage of CCNA Topics, and a Great Value, May 2, 2008
I'm a full time instructor of Cisco courses and a CCIE. My students sometimes ask for book recommendations for further study and review. So, I hope that this review of Wendell Odom's "CCNA Official Exam Certification Library, Third Edition" will provide some insight for CCENT and/or CCNA candidates considering the purchase of this library. Following are my observations:

- The "library" contains two separate books: (1) CCENT/CCNA ICND1 Official Exam Certification Guide Second Edition and (2) CCNA ICND2 Official Exam Certification Guide Second Edition.

- Unlike some competitive titles you might come across, this CCNA library cleanly divides the topics of the 640-822 (CCENT/ICND1) exam and the 640-816 (ICND2) exam. So, if a candidate wanted to achieve their CCNA certification by taking the individual exams, they could study the corresponding book from the library. Alternately, if they wanted to take the composite 640-802 CCNA exam, they could study the entire library.

- Cisco Press' "Official Exam Certification Guide" series contains several features that readers can benefit from:
o Icons identifying key topics
o A "Do I Know This Already?" pre-test at the beginning of a chapter
o Memory tables
o Identification of key terms

- Each of the two books in the library contains a DVD and a CD. Each DVD contains personal Video Mentor-style demonstrations of topics by the author.

- Each CD allows you to install a corresponding practice exam from Boson, which has a nice testing engine supporting simulation and testlet questions, in addition to the traditional multiple choice questions found in many competing products.

- The author doesn't just hit the high points, but rather provides in-depth treatment to the myriad of topics on the CCNA exam.

- Binary math and subnet masking are major CCNA topics, and one of the CDs contains a binary math game, which plays much like a video game.

The think I find most striking about this library is the price. It includes a total of two books, two DVDs, and two CDs for a list price of $59.99. As an owner of many Cisco Press books, I consider this to be one the best values out there for CCNA prep.

Great New CCNA Study Guides, April 25, 2008
Having taught the Cisco Certified Network Associate Certification class at local community colleges, I am always interested when new Exam Certification material is published. This new CCNA Official Exam Certification Library, which is in its Third Edition, provides the individual who does not have the time or the funds to take an actual class (like I occasionally teach), a complete, step by step approach to studying and passing the current CCNA exams (ICND1-640-822 & ICND2-640-816 or CCNA-640-802). These volumes provide a solid explanation of networking fundamentals and provide a logical progression of topics and understanding, focusing on building an overall solid technical foundation and, of course, passing the CCNA examinations. The current CCNA exams are much more detailed in scope than in past tests, requiring the student to have specific concept and configuration knowledge encompassing internetworking fundamentals and progressing into routing protocols, switching, including Spanning Tree, WAN protocols, Wireless, IPv6, Access Lists, etc. Because the course material has grown in depth and breadth, the book strives to simulate, in some ways, a class environment by having pre-chapter quizzes to allow the student to assess their current knowledge on the chapter's topics as well as a syllabus or foundation topics to review as a roadmap. Included in each chapter are key topic reviews, lists of key terms and command reference tables. These are critical for the self-study individual since there is no teacher to ask questions - and this is where the other features of the book come in handy.

Since I teach, I wanted some true `students' opinions, so I handed off my copy of this Library set to a number of individuals who had either just passed their test or were studying with other materials. I asked them their opinion of this new edition, asking them to look at all the new study materials and features included in these volumes. The comments I received back were very enthusiastic. They really liked the fact that the books contain both DVD and CDrom resources. The DVD has a series of videos on IP addressing and subnetting, while the CD has several practice scenarios with excellent step by step of explanations how the answer was achieved (just like in a class room). There is even a companion book website that assists the student in further clarification of questions in the book and new postings by the authors on relevant topics. One response back on the book especially liked that it spoke clearly to what is on the CCNA exam and the fact that there was an exhaustive table of Exam topics and where in the book the subject was covered. Other feedback from my small group referred to the testing engine from Boson that provides the student a chance to test just like the real thing. Suffice to say, my little group students wished they had had these great resources when studying for the CCNA.

As for my opinion of the book, I think that the writing and clarity of the composition, in logical progression and consistent format, is what I strive to deliver when I teach, so I really appreciate the effort that went into the creation of these books by the authors. I understand the amount of work it takes to create solid educational materials. Lastly, there is a good last chapter that goes into final preparation, including study plans, relating how and what to practice and how to approach the CCNA testing. This is the same advise that I give students when I teach. This new CCNA Library is a great resource and I would recommend it to anybody who is looking for a self-paced, study program or as supplemental material in addition to other CCNA learning materials.

Gary Roesler, CCIE #11451

Really fell short of 640-801 version, November 23, 2007
Just like his previous works, Odom writes a comprehensive but very dry 640-802 Certification Library. Which I have always found a refreshing style. The major problem I have with this edition of the cert library is the lack of after chapter questions that were featured so prominently in the last edition. Basically if you could answer these questions without looking, the CCNA was a piece of cake. You could really tell that care was taken to prepare and pick these questions. Also the new chapters really kind of stick out. There is little effort in them to really reinforce the learning with repeated references to key topics that Odom pulled off so well in previous editions.

Overall the lack of review questions and polish in the new chapters really give the reader a sort of "rushed" feeling.

Informative, but unnecessarily lengthy, March 30, 2009
A group of coworkers, myself included, selected this book as our guide for a CCNA study group. So far, this book has proven informative, yet it reads as if the author had a target number of pages he had to submit (similar to a term paper with a predetermined minimum page count as assigned by your favorite college professor). There are multiple instances where the author will take a 3 or 4 page tangent on a topic without really explaining the topic all that well, and just when you're to the point of complete confusion and wondering what you missed, the author proclaims "don't worry, we'll cover this in chapter such and such." Our general consensus as a group is "why did he even talk about this subject then? Why didn't he just save it for the next chapter instead of punishing us with unrelated information now?"

Other than the obvious attempt to pad the page count (and the distracting nature of his tangents) once you can get past this the book is really quite informative. As a group, we are getting a lot out of it, and his way of explaining subject matter has proven to be thorough. He also doesn't seem to be talking down or assuming you should already know more than you do. I could do without the tangents as previously stated, as well as some awkward attempts at humor throughout the book, but all-in-all, not bad. Then again, we may change our minds depending on how we do on the tests!

Good kit, has flaws; I am CCNA after using them, February 24, 2009
Firstly I am thoroughly convinced that if your sole desire is to become CCNA certifed, this kit has the content you need to pass. If you are diligent, study hard and have the patience to work with the material you won't have a problem passing.

Wendell Odom is a noted authority in the field and I am a huge fan of his.

Having said that, I have done about a dozen certifications and these books are by far my least favorite of any certification books.

A) The logical arrangement and progression of how the material is presented is VERY difficult to grasp at certain points. He makes references to concepts that the reader has yet to study and does not help the reader get "the forest" and instead continues to articulate trees at a slow tedious pace. Even with concepts I already understood, had I not possessed a prior knowledge of that given topic, it was would be difficult to have understood them from the authors explanation.

B) The author is obviously very intelligent but a little out of touch with the needs of a learner that is at the CCNA level.

C) The testing software that comes with the kit, Boson, is full of errors. I have contacted Boson and they have yet to fix any of these. From what I have seen the Boson questions are way harder than the real exam and that definitely helps in the preparation.

If I had to do this over again I would probably stick with these books, since it is the best value for the money and will prepare you to succeed. There is a ton of extra material on the CD's that come with the book. Also the two book set makes it easier to prepare for the ICDN 1 & 2 if you are doing the two exam path.

FYI: I also used CBT Nuggets and Transcender for test prep. Watching the CBT Nuggets before each chapter will help with your reading. Good luck!

Full of Information, but difficult to read., February 14, 2009
I don't recommend this book. The reason why is that the book does not present all the information for the CCNA is a very organized and logical manner. All the information for the exam is in the book, but it doesn't display it in a way that's easy for the reader to understand.

Examples. The book often refers to examples and diagrams througout the book, but often the diagram is not on the same page. It can often be 2 to three pages off causing a lot of flipping which makes associating the information more difficult. This wouldn't be a problem except when most of the example are like this.

Subject Grouping. Subjects are not very easy to understand because they are often spread out through a chapter, or several chapters. For example, the subject of OSPF DRs and Bridge IDs are split up to a degree where it's not easy to see how the two relate to each other. And for those who don't yet know about the two terms, knoing the ID is essential to choosing the DR.

While I believe the book has prepared me for the exam, I do believe I could have gone learning it in an easier fashion. Studying for the exam is already a large task that does not need to be further complicated. I'm giving it a rating of 3/5 because it has all the information one can look for in studying for the CCNA, it's just not sorted very well.

Best alternative to instructor led training, June 3, 2008
I am intimately familiar with these contents, having been the author's technical editor for almost all of the editions of this book (and other Odom titles). I'm also a professional trainer in the computer security arena.

Odom has a remarkably clear way of explaining sometimes complex material. He ties things together and gives good memory aids for remembering related terms and concepts. The books are organized in a logical progression, but the individual chapters do not assume that the reader is treating the book like a novel and reading each word in sequence. You could begin your studies on page one of book one or you could use the book as a reference -- just looking up topics that you're finding difficult while taking a course, for example.

The exam engine is easy to use and the questions are at the right depth for the exam. There are no "gimmes" in the pool (for example, a question with a long answer that's correct and a several short wrong choices). Even a question asking the reader to match a binary number with part of an IP address has 4 good choices (many competitors make elimination easy by choosing an even number in decimal then providing two or three obviously odd numbers -- last digit is 1 -- in the binary answers).

The actual Cisco CCNA tests have simulation questions. Rather than just asking about concepts and syntax, you have to act as if you were connected to a router or switch and configure it. This book has software from Boson that gives you the same experience.

The bottom line is this: When you do these assessment tests, you'll know that the score you get reflects your level of preparation. You'll know your strong areas and you'll know where you need to focus your studies in order to get the cert.

The single topic that most new CCNA candidates have trouble grasping is subnetting. The good news is that once you get it, you wonder what was so hard about it. This book gives you a DVD with Odom explaining subnetting; in less than an hour you'll be in the "that was easy" camp.

This is a highly recommended resource.

It CAN get you through, September 25, 2007
I disagree with some previous reviews: reading this book - and only this one, I mean both tomes of course - will get you through the CISCO CCNA exam. Also, even if you do not want to go through the exam, Odom has written a very good, pedagogical, complete and friendly introduction to networking in general. This is highly recommended to all interested in computer networks - even the newcomers. After this you are ready for the advanced texts from the likes of Comer, Stevens, Radia Perlman ...

CCNA Certification Library, February 11, 2008
These books are very good sources of information for those interested in learning more about internetworking (with Cisco Systems equipment). Although the books are very informative and technically accurate, I think they would be better if there was a lab section at the end of each part of the books (Part I, Part II, etc.) to give the reader some suggested lab activities that reinfore the concepts that were covered in each chapter. There doesn't need to be one lab per chapter, but a lab for each part of the book, which groups chapters logically, would be a nice addition.

This certification library is a significant improvement over the last version of the CCNA Certification Library, including information that is more appropriate for new network engineers and the internetworking problems they will be faced with. Detailed coverage of modem standards, DDR, and physical-layer WAN technologies has been summarized to make room for an introduction to newer topics like IPv6, VPNs and Network Security. ... Read more

Editorial Review

Completely Revised for the New 2007 Version of the CCNA Exam (#640-802)

Cisco networking authority Todd Lammle has completely updated this new edition to cover all of the exam objectives for the latest version of the CCNA exam. Todd’s straightforward style provides lively examples, easy-to-understand analogies, and real-world scenarios that will not only help you prepare for the exam, but also give you a solid foundation as a Cisco networking professional.

Packed with updated topics that have been added to the 2007 version of the CCNA exam, this updated study guide features expanded coverage of key topic areas plus new material on switching, network address translation, and OSPF. Inside, find the complete instruction you need, including:

• Full coverage of all exam objectives in a systematic approach, so you can be confident you’re getting the instruction you need for the exam
• Practical hands-on exercises and labs to reinforce critical skills,
• Real-world scenarios that put what you’ve learned in the context of actual job roles
• Challenging review questions in each chapter to prepare you for exam day
• Exam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the exam

• CD-ROM Includes:
• Chapter Review Questions
• Four Full-Length Practice Exams
• 200 Electronic Flashcards
• Audio and Video Instruction from Todd Lammle
• Full book in searchable PDF format

For Instructors: Teaching supplements are available for this title.

Reviews

THE best CCNA book out there!, September 4, 2007
I own too many CCNA books. I only wish I had started with this one. As a recertification candidate I was floored by the amount of new material covered by the current CCNA exams. Todd Lammle has such a great way of presenting the material as it relates to the Cisco CCNA exam objectives, but also with respect to what we CCNA's do every day. Read this book, listen to Mr. Lammle's guidance, work the labs with real equipment or a great simulator like RouterSim's Network Visualizer, and pass the exam! This book is the best, and in my opinion the only, CCNA book you need.

Excellent study material for the CCNA Certification Test, August 30, 2007
I used this book to pass my CCNA test on August 24th.

This text is much easier to read than the Cisco Press books. The material is easy to understand and Todd had done an excellent job showing the reader his own processes for learning. Two words, Block Size. Who knew calculating subnets could be so easy.

The additional material on the CD (testing questions) are excellent for developing skills as well.

I would recommend this book to anyone who is pursuing a first CCNA or renewing an expired certification.

Highly disappointed, November 22, 2008
I purchased this book since it would be used in an in-company CCNA mentoring program which I had joined. For that reason, I didn't even consider other books.

I read the whole book, and have to say was very disappointed with it. It has a boatload of typos, many of them in the CLI captures shown, which amazed me... I didn't think someone would actually type that stuff but rather just copy and paste it from router lab scenarios. If taken from live routers, how could so many typos be introduced? Beats me. These typos at times really hinder understanding of the concepts (costs for EIGRP topology table samples come to mind). I started making a list so as to provide it to the author, until I realized they were so many that I just didn't have the time to do someone else's job.

I have also found several mistakes, some of those discussed / reported at Lammle's website (load sharing over static routes, admin distance of a static route using exit interface, etc).

In my opinion, content was disorganized in many parts, and didn't follow a logical order.

I understand that many people may like his informal writing style. I wouldn't mind it myself, if it wasn't at the cost of accuracy and
thoroughness, which this book notably lacks in several parts.

For example, in a section describing default routing and the ip classless command, he waved the issue off by saying something like: "use this command, otherwise sometimes default routing will work, sometimes it won't". Come on, we're talking network engineering here, not cooking recipes...

A co-worker started studying for CCNA roughly at the same time I did, and had bought the Cisco Press books (Wendell Odom Official Exam Guides - 2 books). I found myself going to those books time after time to seek clarification for things that were just skimmed over in Lammle's book, were confusing, or were not even mentioned. Particularly after starting my rounds of test questions and finding many questions that had no answers in Lammle's book. I found the Odom books did explain why things happened the way they did, and were real eye-openers. They usually required you to read more pages than the Lammle book, which is not surprising since thorough coverage of subjects does require content be layed out. By the end of my review period, I was sorry about my training book selection.

I was also surprised by the significant percentage of the Lammle book devoted to Cisco's SDM. While the Cisco Press books barely touch on it, and my CCNA exam presented me with no questions on it, Lammle spends dozens of pages on it (each chapter has a good chunk on how the chapter's subjects are done via SDM).

In short, if I were to make a recommendation to someone who was to start preparing for this exam, I wouldn't hesitate in pointing him the way of the Cisco Press books (W. Odom) instead of this one.

I did pass the exam, and with a good grade, too, but I felt the real meat I learned it from the CP books, not from this one.

I'm surprised with the many great reviews the book has here, I guess maybe this book would be considered a good tool by those just starting in the networking arena. But I don't see how it would meet the expectations of anybody with a few years into this and looking for in-depth review of how things work the way they do.

Just my views here... hope they can be useful to future CCNA exam takers out there.

The only CCNA book you need, October 9, 2007
This is the only CCNA book you need to pass the test. Period. I went through the Cisco Press books, did all of the labs, and still failed the exam miserably. This book has everything that you need to know and more. One thorough reading of this book and I passed the exam with a 918! Just KNOW YOUR BLOCK SIZES. Todd Lammle is a networking genius, and a cool guy to boot (I had the pleasure of meeting him recently). This is probably the least dry CCNA book I've come across. Todd's got a way of making light of a very dry and complicated subject. This book actually goes above and beyond the CCNA, covering all of the objectives, even ones not likely to be on the test (and that I personally did not encounter on the test). Pair this book with the router and test sims from Mr. Lammle's company, and I guarantee, you WILL have your CCNA!

This is a great reference tool., October 23, 2007
I can't agree more with the other reviewers. Their reviews is exactly why I bought the book.

The greatest thing about this book is the casual style it's written in. You can read it without feeling like you're reading a text book. It may not be for the person who is masochistic enough to want to be lectured to in written form, but for someone like me who can fall asleep in a second in a text book, it's fantastic.

If only my other text books were written like this...I'd maybe learn a thing.

Disorganized, but not completely useless, March 19, 2008
I found the book to be a bit disorganized and confusing. Many key concepts are not explained well, or are merely glossed over. I found the enthusiastic writing style annoying, and would have preferred a more logical and methodical presentation. Terms and definitions are often presented out of order, with one term being used in another term's definition before the first term is defined itself. The video content is kind of useless as the video is mostly of Lammle sitting in a chair talking. I would have preferred some sort of graphical presentation.

One positive thing about the book is the attention it gives to CCNA objectives. It does a good job of making sure that you are aware of the objectives that will be covered, and what you need to know to pass the test.

If you are studying for the CCNA exam this book will serve that purpose, but if you really want to better understand what you are doing I suggest Gary Donahue's "Network Warrior" book. This book really fleshes out the areas where Lammle's book is lacking.

Beware - not a complete resource!!!, August 8, 2008
I used a previous version of this book to pass the CCNA exam in 2002. It was the only resource I used.

I felt that I could do the same with this book, but this was not so. I've now failed the exam twice (749 and 801) even after supplementing my learning with the free Cisco Learning Network online resource (which I highly recommend).

This book is riddled with grammatical and technical errors. This creates confusion, especially with all the conceptual information to be retained. There's not much help on lammle.com either (as the book would have you believe). Combine this with Cisco's ambiguous testing philosophy and the amount of memorization it takes to do well and you face a very tough testing environment.

I'm an IT professional with over 6 years of Cisco experience. I routinely configure Catalyst switches (4006, 4507) and routers (2600, 3600). I love technology and am not new to working with it. I'm confident that I'll pass this exam, but it's going to take more than reading this book to do it.

It's a decent book, but beware. I feel that these raving reviews are products of bias and disproportionally weighted.

Thanks for reading this and good luck with your CCNA pursuits.

Well written, casual tone, CD-Rom Bonus!, December 19, 2007
This is one of the best tech books you can buy, the casual conversational tone used to present the very technical material is very effective! Read the book, practice the example questions; and start using the CD-Rom right away! It includes an electronic version of the book (indispensible for quick searches), and the Sybex Test engine and flash cards were a real help when I studied and passed my CCNA last week! Subnetting has never been so easy!

Not very good, March 18, 2008
I read all the other reviews and bought this book... it just isn't very good as far as I am concerned. I have found multiple errors where they just updated the old book and didn't bother to proof read: one of the most notable being when they give the definition of a switch as the definition of STP... which is wrong... very very wrong. It's materials are very poorly organized, it gives the definition of a term using a term you have never seen before and won't see again for another 100 pages. In conclusion I am gonna go spend more money on a different product while wishing I hadn't bought this one.

Best book for CCNA, April 14, 2009
I have been teaching CCNA classes in a Cisco Network Academy since 1999 and we use Cisco Press books, but that does not mean that I think that is enough. I always tell my students to get Todd Lammel's CCNA Study Guide and I have 3 different editions on my shelf right now, including the lastest 6th edition.

I feel those that are trying to understand the CCNA should have at least 2 different sources of material, one being Cisco Press and the other being Todd's book. Todd has been doing this book since the CCNA came out and he has been doing it RIGHT!!!! When you don't understand a subject in one book, having a different view of things tends to help. Like I said, the CCNA is not easy, if it was easy - EVERYONE would be a CCNA!!!

I also would like to single out 1 chapter, one of the hardest things people in networking have trouble with is subnetting!!! Todd's chapter on subnetting is the best chapter on the subject, I have had students so lost on subnetting, I tell them again to get Todd's book and USE IT, they get the book, read the chapter on subnetting and then use it for everything else as they work towards the certification.

Now, will 1 book get you the CCNA Cert? Depends on your background but realisticly I feel you need several sources of material as well as TONS of hands-on labs with sims, emulators or best yet - REAL CISCO routers and switches.

It is not that Todd's book is missing anything - it just takes a very good understanding of the material to pass what is a very hard certification exam. I think having a well rounded education from several books as well as lab work will do that for you!

But if I was only going to buy 1 book, it would be Todd's!!!

Hope this helps! ... Read more

Editorial Review

Get ready to take flight as two certified flight instructors guide you through the pilot ratings as it is done in the real world, starting with Sport Pilot training, then Private Pilot, followed by the Instrument Rating, Commercial Pilot, and Air Transport Pilot. They cover the skills of flight, how to master Flight Simulator, and how to use the software as a learning tool towards your pilot’s license. More advanced topics demonstrate how Flight Simulator X can be used as a continuing learning tool and how to simulate real-world emergencies. ... Read more

Reviews

Terrific Resource, January 3, 2008
I'm an instrument-rated private pilot. Although Flight Simulator isn't a perfect substitute for real-world flying, it does have its pros (not least of which is that it doesn't cost $139/hr to rent 'wet.')

I've had this book since October, and I love it. (I would have loved it even more if I'd had it several years ago when I was earning my license and ratings. It's THAT helpful.)

What I'd add to the other reviews is that the two authors -- both flight instructors -- do an excellent job of pointing out where Flight Simulator-flying and real-world flying differ, as, for instance, in ATC communication, available IFR clearances, and the operation of the G1000.

A Must For Serious Flight Sim Enthusiasts!, August 6, 2007
FS Real World Training is an invaluable book. Although I had already 'passed' many of the flight lessons in FSX I still didn't feel confident about my flying skills. There were too many things that were left (excuse the expression) hanging in the air. When I bought this book I started at the beginning feeling like a newbie all over again. Many points that I missed before are explained fully and in detail and finally it is all making sense. As a result I am enjoying my flight simulator more than ever. Aside from the wealth of interesting and informative detail I think the most important thing is that the reader gets to make connections. The information connects from one chapter to the next and consequently, step by step, everything fits together. Going through this book is an immensely enjoyable experience. An added bonus are the generous number of free mission files and charts available on the wiley. com web site which are enjoyable and extremely useful.

For simulator pilots too!, October 3, 2007
Although the title of this outstanding teaching manual indicates it is for real pilots using Microsoft's Flight Simulator as a teaching tool I can enthusiastically recommend it for simulator pilots as well.

I learned so much from the authors who are real world pilots & instructors I hadn't learned from other available sources. I consider when I finish the manual with the missions included I will have completed real VFR & IFR instruction even though I am not a real world pilot & confine my flying to Flight Sim only.

The book is eminently practical as a good teaching manual should be. It offers a stepwise approach to flight training from the Piper Cub to the twin-engine Beechcraft Baron & beyond. A novice completely unfamiliar with simulator flying could use this book from the beginning to become competent in VFR flight before even thinking about sophisticated avionics & instrument flying. It is crammed full of practical tips & offers context for the theory of flight which can be gleaned from other sources.

There is a bunch of extra resources available at the publisher's website which extend the material even more. One can download approach plates & the like for the included missions.

I cannot recommend this book highly enough for simulator pilots; it is simply wonderful!

ABOUT TIME, August 29, 2007
Finally a book that takes nothing for granted and has one eager to get started with FSX. I followed one of their MANY helpful suggestions and took the book out to a flying school. From CFI's, (you'll find out what that is in the first chapter) to students, their praise was unanimous. I'm 77 years old and although I don't plan to take flying lessons, this book whets one's appetite and desire to get started. The book not only covers flying but also gives excellent information on just what power does your computer need to run the program as well as having a section that deals with Windows Vista. Sincerest congratulations to the authors.

MS Flight Simulator X For Pilots Real World Training, June 4, 2008
This is a good book for real pilots who would like to improve their MS Flight Simulator experience, as well as for non-pilots who would like to become pilots. The book is written in simple terms so the new student will understand, but there is clearly enough there to benefit the accomplished pilot both from a aviation knowledge and simulation point of view. I am an ATP and CFI and have found nuggets of wisdom that I will use in flying and teaching. Mostly I am making my flight simulator experience richer and more fun by getting to know the software and online world better. My simulator is complete with yoke, multi-engine throttle quadrant, rudder pedals, multi-function panel, and three monitors. The only disappointment so far in the book is the recommendation that you open multiple views on one screen, without recommending adding another monitor and opening the view there. I have found that with multiple monitors I can effectively fly VFR by looking out the left window (left monitor), placing the instrument panel and forward looking screen on the middle monitor, and radio equipment on the right monitor. This is also ideal for IFR practice, which I do every day. I also use FS2004 (not FSX) and still find the book germane, even though it is not specific to my older version.

Even though I own two airplanes, I still fly MS Flight Simulator because I can practice to perfection procedures that make my real world flying much better. This book helps me reach that goal. I am looking forward to continually expanding my sim experience, and maybe I'll see you online!

I'm not a pilot, December 4, 2007
It's a lie. The title. That's what the lie is.

I'm no pilot and don't play one on TV either. This book is terrific -- accessible, filled with facts any vicarious pilot will love, and filled with information on such things as how to get free aerial maps.

How do those VOR and NAV things work? This book will tell you and entertain you at the same time.

It's a labor of love from two guys who know both the material AND how to present it. This is the one to buy. Outstanding! I can't even begin to offer a suggestion for improving it. And, despite the tone of this review, I'm ALWAYS wishing for things that aren't present when I look at instructional materials.

Right on target for real world flyers!, February 17, 2010
When I first looked at this book what really came out was the fact the authors recognized that Flight Simulator 10 (FSX) offered limited ability to view your surroundings. A reality which resulted in many users of FSX focusing excessively on instrumentation which is the exact opposite of expectations in real world flight unless of course your flying under instrument flight rules.

Upon getting started with the book I decided to take things from the beginning even though I had previously mastered the basics of flying real airplanes. I can without doubt tell you this book brings a new vision to FSX and presents learning how to fly from a far different perspective than the tutorials and missions alone which come with FSX.

The way the authors have presented the material teaches the importance of focusing on whats outside the aircraft. This is so very critical if you plan on flying real aircraft. Critical for your safety, getting to your destination (VFR), and the safety of your aircraft, other aircraft, and everything on the ground including other people.

I can only applaud this approach to flying with FSX. Frankly I believe the way the authors present development of flying skills is a better approach than that deployed with FSX because it brings the importance of focusing on activity outside the plane into primary consideration. Isn't this why we fall in love with flying for the most part anyway? Think about it when you made the decision to learn to fly was it based on the planes dash board and controls or being able to sail effortlessly through the sky and marvel at the beauty of the clouds and the scenery below?

The one thing which I did have a desire to change when first beginning to read the book was to use a different plane other than the Piper Cub. A plane which was more sophisticated, faster, and complex to fly, but that's when the reasoning of the authors became fully understood. Picking the Cub as the trainer was more a necessity to teach us focus on the skill and art of flight and in the real world.

I was also very impressed with the fact that the book went beyond FSX and simulator flight by providing the details of differences between simulators and flying real airplanes. Simple things like the actual engine start procedure for the Cub were pointed out for example as was discussion of back pressure on the stick or yoke differs away from simulation in a real plane. Discussion of readjustment of FSX control settings were presented to help readers master the skills being taught. All of this is essential to those using FSX who desire to fly the real planes. This kind of instruction helps us understand why simulators are a great learning tool and also where they fail to paint the whole picture of flight.

For the downside I felt it would be advantageous to have had color photographs of images in FSX. Those color images however were presented as downloads from the publishers website along with simulation scenarios to be loaded and used while practicing what the book presented.

If the photos had been in color and a few other small details of how to setup of the down-loadable files had been present I would have given the book 5 full stars. Let there be no doubt as to the teaching intent and presentation of the words, for that I do give this book a full 5 stars relative to the audience to whom it is targeted. This is a should read for anyone who has an interest in learning to fly a real plane and who desires to use FSX to help them augment the learning process. Sharing what you are learning with your flight school instructor is a great idea and giving them a copy of the book to read and follow along with you is even better.

This book along with the instruction which came with FSX will go a very long way to helping any new pilot and it is also a good refresher for those who have already learned the flight skills.

Best training book I have, April 17, 2008
My opinion is anybody who gives this book less than five stars is REALLY hard to please or has some pet peeve they can't turn loose of.

I have spent (wasted in many cases) lots of money and time on GA training books in the past and ignored this one for quite a while as "just another book on flying." When I saw the price drop below $20, I decided to take a risk. Wow! This could be the best training book I have every bought. I hate to be dramatic about that but honestly, I probably have fifteen books of this nature and this is the clearest, most well laid out of any of them. I love the way the authors bring FSX into the training as yet another tool to help you practice your technique. The online material (especially the films) are very helpful too. It is obvious these guys did not write this book because they are "professional authors" but because they really do love flight training.

This book is a labor of love and you would do yourself a disservice by passing it by.

Make Your Hobby Take Flight !, May 8, 2008
I think based on the reviews below - you get the drift. Those reviews speak for themselves (and the book). I don't need to repeat every thing noted by the other reviewers. It's a great book and I learned more than I would have ever thought.

Don't let the 800 pages scare you off. The diagrams and the tutorial flights are just awesome. I have been flying MSFS since way back in the early days. The interest over the years has come and gone and I would skip a version here and there... then FSX hit the market. I since have turned this interest into a full fledged hobby. Everything from a TrackIR, Matrox (3 screens), Rudder pedals, yokes,good PC and a full set of navigational charts and IAPs - I thought I had it all together and knew everything there was to learn. What I found out from this book, I had barely scratched the surface. What I was missing was real world knowledge. This book has tied it all together and has made my hobby seem almost as authentic as the real deal. Now I can go any place at anytime in any aircraft.

Great great book! Do yourself a favor and invest the tiny expense (relative to the rest of this hobby) and enjoy. Remember, it's all about the journey and not the finish line. Soak up the knowledge that these authors have penned for your simming pleasure!

If you would like more information or would like to discuss simming in general feel free to contact me at fly-bman2006@hotmail.com

Bman.

Near Perfect Complement to IFR Training, April 12, 2008
This book is what I was looking for and did not find in Bruce Williams'Flight Simulator as a Training Aid. The authors are Real Pilots who have painstakingly incorporated their vast experience into a very readable and often entertaining soup to near nuts FSX-based teaching tool. I have been using the book for the last three weeks in preparation for a ten day intensive IFR training course. The proof of the West Cummings book's success will come with my flying pudding a few more weeks hence when I get checked out. I get the feeling I'll do ok which will be in no small measure due to the comprehensive and well organized approach taken in the book.
Hightly Recommended for real or simulated piloting. ... Read more

Editorial Review

All-in-One is All You Need

Get complete coverage of all the material included on the latest release of the CompTIA Network+ exam inside this fully updated, comprehensive resource. Written by CompTIA certification and training expert Mike Meyers, this authoritative exam guide features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. Designed to help you pass the CompTIA Network+ exam with ease, this definitive volume also serves as an essential on-the-job reference.

Covers all exam topics, including how to:

• Build a network with the OSI seven-layer model
• Configure network hardware, topologies, and cabling
• Connect multiple Ethernet components
• Configure wireless networks
• Work with network protocols, including TCP/IP, DNS, SIP, and IMAP
• Configure IPv4 and IPv6 routing protocols
• Share and access network resources
• Interconnect network operating systems-Windows, Mac OS, UNIX/Linux
• Set up clients and servers for remote access
• Monitor and troubleshoot networks
• Secure networks with firewalls, packet filtering, encryption, authentication, and other methods

The CD-ROM features

• Hundreds of practice questions
• Video introduction to CompTIA Network+
• A collection of Mike's favorite shareware and freeware networking tools and utilities
• Complete electronic book

Reviews

Good, but may need more resources, November 23, 2009
Having read through this exam guide cover-to-cover, and having over 20 years of networking, internet, and telecommunications experience, this is a solid book for preparations to take the CompTIA Network+ exam. However, if you don't have significant experience in the area of networking or internet, you will need to increase your chances for passing the new 2009 Network+ exam by visiting other sites on the Internet particularly in the following areas:

* subnetting
* network security
* Local area network concepts

These topics can be researched very easily with an advanced Google search on the listed topics.

The rest of the topics for the 2009 CompTIA Network+ exam appear to be adequately covered. Mr. Meyers did an excellent job on the book, and should be commended.

I rate the book: 8 out of 10.

Read This Book First, September 5, 2009
OK, I read some sections and skimmed other sections in the Exam guide (Fourth Edition). It is the best of the three latest Network+ guide books that I've read. I wished it was my first. It is well-rounded in emphasis, introducing the subject material in an easy-to-grasp way. There seemed to be enough Mac/Linux info. I liked the well descriptive illustrations. I also liked that the material was not introduced before its time, but was described enough at the right time. This book doesn't have any bullet points at the end of the chapters. Though other exam guides are better to cram with, this guide makes a better introduction.

Of the big three Network+ exam guides out there, this is the best and most reliable. I found very few typos (4), and only three areas of conficting detail info. The good news is that none of the questions/answers in the book or in the one practice exam (50 questions) were found to be wrong (and I did all of them). I would recommend this book over the other 2 that I read.

Mike Myers vs Lammle, November 7, 2009
Because of DOD 8570 directive, to keep my present job, I have to pass the Network+ certification. I've worked in the IT industry for 20+ years, however my expertise isn't really related to networking. I have experience with the network, but do not administrate it at all. I bought Lammle's book first. I liked it very well. There are times when he's too vague or over my head with his information. After browsing through the few pages I could see of Myers' book through Google books, it looked to me like he was a little more simple with his explanations. So I bought this book hoping that I could understand places that I couldn't understand with Lammle. The two books work wonderfully together, i think.

While Lammle is straight forward and high level, Myers' clears confusion by bringing it down to my level. The only problem I have with Myer's book is that he gets way too deep into the most simplistic things. I glazed over often when he went into great detail about security and how it works. Yes, security is a vital part of your network, but really I don't want to know the intricate details of how encryption works, I just want to know when and how to use it properly. I could care less about the conversions of a series of ones and zeroes.

And with Lammle's book, I was able to subnet after reading the chapter on it about five times, but I was still struggling with it. He used a term something like 'interesting octect'. I never did get that. I couldn't tell what made any part of the address 'interesting'. I was really hoping Myers's book would clear that up for me. But Myer's lesson on subnetting was horendous. I couldn't follow it and it made absolutely no sense at all. So I'm in the dark for that information. I'm hoping with what I picked up from Lammle that I'm able to get pass any questions on subnetting.

All that being said, I would've been disappointed if this was the only book I bought to get ready for my test. It is good, it just needs more, and more test related information. I did like the way he pointed out exam objectives and included 'Exam Tip' information, but when I try to compare the exam information to the information in Lammle's book, I think Lammle will have more information that I will use in the exam itself. However, he didn't point it out as nicely as Myers' did.

It's not a Magic Wand, but it's good for what it is..., May 14, 2010
OK, if you are reading these reviews, it's likely that you are trying to decide... "Which Network+ Book should I buy to prepare for the Network+ exam?"

I'm deliberately writing this review at this very moment as I passed (almost perfect score) the 2009 objectives Network+ exam just a few hours ago. So while the test is still "fresh" in my mind, I'm going to evaluate the book I used to study for the test...and compare it to other likely suspects, based on my own reading of many reviews.

My honest opinion is this...as long as the book you choose covers the CURRENT Network+ exam objectives, it really shouldn't matter which book you buy. Now, you might be wondering why I would say that it doesn't matter which book you choose. There's a good reason I say this. While I was still studying for the Network+, I read one Network+ book review which stated (basically) that if you don't have significant professional experience supporting computer networks, you wouldn't pass the Network+ Exam just by studying from a book. I was very skeptical, AT THE TIME. I was thinking that there is no way that the Network+ exam (being multiple choice) could possibly be that ummmm...practical.

After taking the Network+ test though, I have to say that I probably would not have passed the Network+ exam without significant (professional) network support experience to draw on. Regardless of what book I studied from.

Now, I had to sign an agreement stating that I wouldn't divulge what is on the actual Network+ exam. However, in general terms...about HALF of what was on the Network+ exam was centered around networking terms and concepts that are covered (pretty well) by this particular book, the one I'm reviewing by Mike Meyers. The other half of the Network+ exam was centered around practical network admin./support skills... skills that can not be learned from a book. (not from any book)

This kind of makes sense, seeing as CompTIA general guidelines (not required, but suggested)say you should be A+ Certified and have a minimum of 9 months' professional experience in network support or network administration before testing for the Network+ Cert. The test I took (today) was obviously geared toward testing the practical skills of professional network administrators. Even Mike Meyers at some point in this book (forgot exactly where) comments that the exam covers practical skills...or words to that effect.

Half the Network+ test is PRACTICAL. Either you have the professional experience you need to handle this half of the Network+ exam, or you don't.
For the other half of the test, this book or the one by Lammle (from other reviews I've read) would do a good job of helping you prepare for the Network+ exam.

To put it simply...if you absorb all you can from this book or Lammle's book (or whatever), you might get half of the Network+ exam questions right. You can't pass with a ~50% equivalent score, obviously. So if your professional experience is enough to cover the other half of the test, then what book you choose to review with should not matter. Assuming one book is (subjectively) "better" than another, it still won't significantly affect your score.

Knowing what I know now, I'd say buy whichever Network+ book is cheaper, of the top rated books that cover the current objectives. But don't spend too much time on it. If you have the practical skills to pass the Network+ exam, you shouldn't need to spend more than a few days studying a book like this one I'm reviewing.

Now that you know the book itself isn't THAT important...any comments I'd have to say about this book would pretty much mirror many of the other reviews I've read. Yeah, there's some errors in there, some typos. But I don't feel this is significant. The book doesn't cover everything you need for the exam (no book could), so it's not a big deal if a particular book
on this subject is not perfect. This book is good, for what it covers.

Great book, May 2, 2010
I am almost finished with this book, and have been for the most part very pleased with it. Meyers does a great job of explaining things in an easy-to-understand way, while still getting in to the nitty gritty. For the most part, I think the pictures were a tad too simple, but others seem to like them.

I have read Lammle's Network+ 2009 ed book twice, so I have been mentally comparing the two the whole time I have been reading this. First off, I think that over all this book takes first place. It just does a much better job of explaining things, and doesn't introduce too many concepts without actually explaining them (Lammle likes to introduce a topic and then not explain it until much later in the book). I really liked that there were whole chapters dedicated to DNS and IPv6- Lammle's had a just little blurbs for both. This book seemed to do a much better job describing cabling standards as well. Meyers book doesn't seem to have many low points. Lammle's started off strong, but the last, shall we say, quarter of the book felt weak; it felt extremely brief like he was trying to cram a lot of high level information into a small amount of pages. I haven't noticed this while reading Meyers book.

The only areas that I think Lammle tops is routing and subnetting. I tried reading Meyers subnetting section, and it pales in comparison. I also liked how Lammle lets you know early on in the book that hubs are old news, and doesn't waste a lot of time on them, instead hammering away over and over again that switches are king. Meyers book (even if just for simplicity's sake) focused a lot on hubs early on, and kind of gave me the feeling of an outdated networking book.

Bottom line- this is a great book, and will aid in becoming Network+ certified. I'd still suggest taking a peak at Lammle's book, even if just for a few chapters (routing and subnetting). It helps to get information from multiple sources.

Very useful., October 5, 2009
Purchased this item, read through and studied from it for two weeks, and took the exam. Passed with an 885. I did have prior networking experience, but you are supposed to when you pursue the Network+. If you have any working knowledge of networking, this book is all you need to pass the exam.

Great Book, Below Average CD, November 30, 2009
Fantastic book with great explanations that include helpful drawings. It covers everything you need to know in an easily-readable fashion. I would have given this book 5 stars hands down, but the test engine in the book was not good. It has good questions but only 1 practice test and one regular test. I found out there are only 50 questions loaded and it shuffles them for the different tests. I did pass the Network+ first try but I was very nervous due to the lack of questions I had. I would recommend using additional software or focusing heavily on the in-book questions. The CD questions are very good; there just aren't many of them.

All-In-One does not mean All Inclusive, July 9, 2010
Just finished up taking (and passing) the Network+ exam using this book as the sole reference material. I will say that the book was written pretty well and was easy to comprehend. I do know that if you are looking for a one stop reference guide to passing the Network+ exam, this book by itself could work, providing you also have quite a bit of network hands-on experience. If you are relatively new to the IT certification realm, then I would strongly suggest augmenting this book with other material(s).
Pros: Easy to read, easy to understand, made complicated concepts easy to learn.
Cons: Editing mistakes, not all actual exam questions/topics were covered in this book, review questions at end of each chapter although helpful with understanding the concepts..do not apply directly to questions on the exam. Also the CD with the practice test (includes a practice exam and a "final exam") use the same questions for each one with no variation.
Overall: Decent reference book and should help most with the exam.

Go ahead and add this one to your cart., June 30, 2010
My background: I am a network administrator for a very large DoD network. To prepare for the N+ exam I read this book and took a few online practice tests. The book itself is very thorough and uses humor to explain certain concepts. I think it is far more entertaining to read than some books from other competitors are. As we all know, if a book actively engages you it is easier to comprehend the subject matter. You can throw the CD it comes with in the trash because it is worthless (unless you like to read e-books). The N+ exam tests you on a very broad spectrum of topics and this book does a great job of covering the information in enough detail to enable you to pass.

Mike Meyers Network + - 4th Edition, February 8, 2010
I am, right now, still in the middle of reading and studying for the Network + Exam, but I would recommend this book to anyone who is wanting to acquire this certification. I read his A+ study guide and passed that exam with flying colors.

What I like specifically is he separates history and concept info separate from the exam material. So you get a good overview of all concepts so that you better understand it. But because he does highlight the material that actually will be on the exam, you don't spend hours memorizing things....only to find out they weren't even on the exam.

... Read more

Editorial Review

The Ultimate Real-World Reference for Revit Architecture

This comprehensive guide has been completely updated to provide the most modern, detailed, and in-depth coverage of Autodesk's leading building information modeling software. This packed new edition features clear discussions of core topics that are reinforced by compelling examples and tutorials to guide you to Revit Architecture mastery.

The expert authors use real-world workflows to show you how to immediately implement and use Revit Architecture 2011 with spectacular results. They delve deeply into every crucial topic, including how to most productively use the interface, how to create fantastic building designs with Revit, and how to produce solid documentation. They also explore such advanced topics as using Revit Architecture during construction and how to leverage the API.

Coverage includes:

• A thorough, complete overview of the Revit Architecture tool chest

• Advanced modeling and massing using the Family Editor

• Designing simple and complex walls, curtain walls, roofs, floors, stairs, and railings

• Preparing your designs for presentation with color fills, animations, visualizations, and more

• Using the Revit API to create custom applications

• Performing various types of sustainable design analysis

• Advanced topics not covered anywhere else, including modeling for construction, and Revit for film and stage

• Other critical coverage such as managing Revit projects, family creation, office standards, and more

Quickly Become Productive Using Core Revit Features and Functions

Document, Detail, Annotate, and Present Your Designs

Improve Your Workflow with Worksharing and Collaboration

Explore the Essentials of Sustainable Design

Prepare for the Revit Architecture 2011 Certified Associate and Certified Professional Exams ... Read more

Reviews

The best, July 19, 2010
This book is a MUST HAVE if you are new to Revit or if you are an advanced user looking to pick up new tricks. Well written, great diagrams and by authors the certainly know their stuff. Hands down, the only Revit book you'll ever need.

Throw out the other books..., August 26, 2010
I have all of the books, being self-taught up until recently. But this one is by a far, far distance better than any others. Every time I pick it up (and I actually enjoy reading it) I get something significant from it. Autodesk basically has a scam to get you to pay almost two hundred an hour to their dealers for training because they give you squat for support, and no old-fashioned manual.
Before I bought this I had hit a wall, paid for about a thousand bucks worth of training with a more reasonable dealer out-of-state, got alot out of it, then this book came along. I would advise both the book and the training, as an advanced user. The key is that the dealers are hungry. The small ones will negotiate. You should be paying less. Try Caddcenters of FL over the net. Really good. BTW I get nothing out of saying that. Period. Just want to save you time.
But buy the book first!
Also, if you are using Autocad anymore, you are wasting your time. Or keep doing it, as Revit passes you by at a hundred miles an hour. Just trying to help.

Excellent Publication Y'all!, July 20, 2010
This book is a wonderful resource for not only beginners, but also for advanced users and managers who want to understand information modeling and VDC (virtual design and construction). There are sections on using formulas, advanced modeling, elaborate write ups on family editing and so much more. I have been referencing several manuals over the last seven years since I started using Revit, but this one is hands down a complete package. This is because most manuals barely skim over these topics but never help one understand it step by step. But the authors in this manual have taken the time to target audiences of varying understanding and it truly works, in my humble opinion.

I've known Eddy and Phil for a little over a year as my seniors at HNTB and these guys are always available and willing to help out and share expertise. This is exactly what the book is all about! The other really good thing about this publication is that it covers how to set goals, how to adopt BIM for new users/companies and move onto advanced integration from a Business management standpoint. If this was not enough there are elaborate sections of BIM application in other industries like Film & Stage and Fabrication. More! Design Options has always been my Achilles Heel. Not anymore! All in all this book is packed with goodies for one and all who want to better understand and become experts in this new realm of Architecture.

So I recommend this book without any reservation! My heartfelt kudos to Eddy,Phil and James for taking such sincere effort in sharing all their experience and expertise. Pick it up if you are as excited about Revit Architecture 2011 as I am! :)

Up to expectations, October 13, 2010
The book provides real life examples for work flow and deals issues met in everyday processes. It gives important guidance as to the cross platform use of data so that things would happen easier.
Finally shows how no software is still enough to pull off the whole of the design, either because of design philososphy or because of company tactics. It is much better though even for beginners as similar books tend to present the possibilities of a software instead of helping the user. I would definetly reccomend this to coleagues.

Mastering Autodesk Revit Arch 2011, November 3, 2010
The book is comprehensive and contains solutions or at least leads to solutions to almost all the issues I had in my project. I am a student and first time user of Revit. Although I also have Introduction to Autodesk Revit Architecture 2010, I have relied on the Mastering Revit Architecture 2011 a lot more considering it is much more detailed, with more tips.

I have yet to thoroughly read and do sample exercise from this book. Nevertheless, by jumping from chapter to chapter, I managed to finalise a design of intermediate level of difficulty in one month. I found Mastering Revit Architecture 2011 a great resource and easy to use despite its volume!

More than just learning the software., November 1, 2010
I just put this book down long enough to put in my 2 cents-worth. What is nice about this book is that it is more than learning the Revit Architecture software. The authors understand architecture and the process of creating it. This is what is important to me. I do not want to learn Revit just so I can tell a potential employer that I can use it. I want to learn Revit so I can use it as a tool to design a building. This book addresses that aspect of the software as much as it addresses creating walls, doors, windows and all the objects that make up a building.

This is THE Revit guide, September 24, 2010
It's my third revit guide and this book is perfect if you want to understand more of Revit and get what comes "out of the box". The chapter on stairs and railings is worth a book by itself, simply wonderful!

Great Revit Book Reference, August 28, 2010
This is the "BEST" Revit book reference for serious or advanced users.
Plenty of "real world" examples and helpful tips from seasoned architects.
Note:
If you are a beginner with Revit, try with another "step by step tutorial style" book.

A must have for Revit users (beginner or otherwise), August 17, 2010
I was very impressed with the book, I've bought others over the years (never by these authors) and this is by far the best. The setup is great, enough information to get your mind going, and not too detailed to make it boring. The explanations provide understanding of the tools but also get you thinking of what more to do with it. There is so much information packed into it, it isn't just about Revit tools, but about a whole project put together. Plus, you get extras that were unexpected; Revit for fabrication, and film and other great topics, that is a great read, also gets you thinking of many ways to use the program.
I have to say I am very happy with this book, it shows there was a lot of work put into it, it is very much appreciated. Thank you for putting this book out.

Awesome book for people who know the basics!, September 21, 2010
I am 31 yrs old and am an advanced user of CAD. I first got introduced to Revit in version 11 and drew up a simple plan. I found it frustrating at first cause I didn't know how to do simple things like detail a section dwg so I wasnt sure I could handle a "real" project.

Well, with this book I now feel comfortable taking on a full blown job. Its very informative in many ways and a perfect guide for anyone who knows the basics.

I look forward to using this book as a guide and I enjoy reading it also because I feel like I'm actually learning something new!

The only thing I didnt like was the fact that the illustrations were in black/white and sometimes the authors reference colors when explaining something (i.e. datum colors, selected/unselected objects)....so it doesn't really make sense in that aspect. ... Read more

Editorial Review

The Best Fully Integrated Study System Available--Written by the Lead Developers of Exam 310-065

With hundreds of practice questions and hands-on exercises, SCJP Sun Certified Programmer for Java 6 Study Guide covers what you need to know--and shows you how to prepare--for this challenging exam.

• 100% complete coverage of all official objectives for exam 310-065
• Exam Objective Highlights in every chapter point out certification objectives to ensure you're focused on passing the exam
• Exam Watch sections in every chapter highlight key exam topics covered
• Simulated exam questions match the format, tone, topics, and difficulty of the real exam

Covers all SCJP exam topics, including:

Declarations and Access Control � Object Orientation � Assignments � Operators � Flow Control, Exceptions, and Assertions � Strings, I/O, Formatting, and Parsing � Generics and Collections � Inner Classes � Threads � Development

CD-ROM includes:

• Complete MasterExam practice testing engine, featuring: Two full practice exams; Detailed answers with explanations; Score Report performance assessment tool
• Electronic book for studying on the go
• Bonus coverage of the SCJD exam included!

Bonus downloadable MasterExam practice test with free online registration.

Reviews

Good book, lousy e-book, August 15, 2008
Readable, approachable, perhaps even to a fault, this study guide does a good job of describing and preparing a ready for the SCJP exam. The book occasionally obsesses on what I'd call trick questions which delve a little too deeply into syntactic molasses. Concepts like multi-dimensional arrays, run-time versus compile-time, and variable arguments are often tested in a single question.

I took one star away for the CDROM content, specifically the e-Book. The content looks like it came directly from a Distiller-like product with zero treatment at all. A html "Table of Contents" is unreasonably course. It only list chapters. An index is unavailable. The e-book is split by chapter. Security prevents cutting or pasting, printing, or re-distilling into a one-stop searchable monolithic source. So really, the e-book has been castrated into something completely unusable. In short, why bother?

Oracle now owns Sun--exam changes afoot?, February 18, 2010
I bought this book several months ago and finally spent enough time plowing through it to be ready to take the exam. Which I took today and passed. Glad that's out of the way, as it's a really obnoxious exam. (I took the 1.4 version in 2006.)

Many of the test questions rely on misdirection/trickiness, as opposed to getting plainly at your understanding of Java itself. Several questions only test brute memorization of APIs. There are not enough questions, so the categorical results given to you afterwards have little meaning (50% in concurrency! Meaning probably 2 out of 4 questions--on a topic covered in 80 pp in the book!). You can get for example 3 possibilities correct out of 7, but miss a 4th, so get the whole question wrong. At least they have drag-and-drop now, which they didn't have in the 1.4 exam.

It is, in short, a poor design. Given that, this book does do a good job of preparing you for the mess. The book mentions "toughening you up" for the exam and I think that's accurate. One problem is that there is no published errata, and the errata, particularly in the mock exams will drive you crazy. The website Java Ranch is a good place to check when something seems like a typo.

There's really no short cut to 1.) reading the thing front to back 2.) going through the questions and answers at each chapter's end 3.) going through the provided mocks and 4.) writing dozens of little programs that mimic the points in the mocks.

But be aware: Oracle now owns Sun, and has announced a new "Sun Java Programmer Plus Certification", which they call Sun's first "performance-based" Java certification exam. It's apparently in beta. It may make this version of the SCJP 6 obsolete. Good riddance I say!

So, if you haven't signed up with Sun to take the SCJP 6 yet, and haven't bought this book yet, it may be worth holding off until the dust settles. Currently they're saying they'll have a beta version of the new exam ready in March 1, 2010. That seems a bit too quick. The cost of this exam (SCJP) has doubled since 2006, to $300, so it may be worth waiting to take this "Plus" version instead. It's hard to find info about the beta on the Oracle site, though you can follow news at Java Ranch in the SCJP forum, under the topic Regarding SCJP Plus. Those guys are on it like rats on cheese.

Of course where would any certification exam be without its associated lucrative cottage industry of prep books! They may delay release of a new test, until they have big fat exam books like this one ready to publish.

excellent way to reacquaint with basic comp sci topics, August 7, 2008
Even if you're not interested in becoming an SCJP, this is a wonderful book for reviewing basic concepts that may have become a little foggy with time.

One of the nice things about Java is that their certs are really about programming and OO. I took and passed the Java 2 exam many years ago and it was tough compared to the Microsoft (MS) exams I did for VB6 and later, when I got my MCAD in C# technologies.

The authors are a little cutesy sometimes and this might annoy some, but the material is dry and benefits from some light humor. The review questions are really good and are tricky enough that they will make you re-think and review several times before stumbling off to a testing center.

Sun's objectives are covered section by section and the authors address very thoroughly the goals/requirements using examples that can be typed easily into your favorite IDE.

:( The sad part about the SCJP is that more employers in my city (Atlanta) don't put any stock in them. If you're finding the same blank stares from recruiters when you mention the SJCP, then don't despair. You can still benefit by having this book close by, as a reference and as a source for technical interview questions.

All you need, October 11, 2008
An excellent, effective Java guide that I would recommend even without regard for the certification. It has all you need to know to pass - just make sure you go through the end-of-chapter quizzes.

Warning to Mac Users relying on CD of this book!!!, May 11, 2010
The book seems great for reading, but the nitty gritty of this book (practice exams, training) are all in .exe- which are windows extensions. I was expecting to find 2 types of files. Did I miss something in the description of this book that the CD only works on Windows?

NOTE TO AMAZON: Please put the requirements of the CD install in your description!!!! It isn't until you unseal the CD, load it up, that you see a Readme.txt file that states the System requirements are only for Windows. Frankly, my main purpose for buying this book was the for the training and practice exams.

So, if you have a Mac, this will not run unless you download something to allow .exe to run on Macs- which I find almost the opposite of what the Java language has been pushing- it runs on all platforms. Why does the author assume only Windows users will be needing to learn Java? Bad, Bad, Bad....

Unfortunately, I read a few chapters, did some highlighting before loading the CD. Therefore, I cannot return it. Hopefully, this review will spare some Mac users.

overall a good book, November 7, 2010
I studied this book for the Sun (now Oracle) Certified Java Programmer SE 6 exam (Exam 310-065). I thought I knew how to program in Java before but I found that I learned quite a lot from the book. It goes through the subjects covered on the exam and explains them and gives sample code.

There were a few times when I thought it could have been better organized, but overall the organization was OK. The main drawback I found was that there seemed to be a few details it left out. There were a number of times as I was doing the practice questions that I came upon some rule that had not been covered in the text. I even rescheduled my test because I was missing so many of the questions. That is the main reason why I'm giving it four stars and not five. In their defense, it is difficult to write a text that exhaustively covers everything in a language as large as Java. I did pass the test, but I'm just wondering if I could have passed the test earlier and with less time spent studying had they explained a few things a little better.

Despite a few small flaws, I ended up passing the test with an 85%, 27% more than the required 58%. The only training I did was studying this book, doing the practice questions, writing lots of sample programs, and occasionally looking at the online API. Oh, and I did consult another book about threads but I ended up not needing to because the questions on threads on the exam were not very hard. So this book did it's job. The questions on the test were easier than the book's practice questions.

I would recommend that someone wanting to pass the exam get this book, read it, take notes, and do lots of little programs as the authors recommend in the forward. Start by copying the sample code in the book, then tinker with it to see what happens when you change this thing or that thing. Then write a few of your own programs, changing various parts to see how it changes the output. And then take all the sample questions at the end of the book, and then do the sample quizzes and tests on the CD. Start the quizzes several weeks before the test, not a week before like I did, so you can have plenty of time to go back and study the areas where you are weak. When you miss a question, find out why you missed it, and go back later after you have forgotten the specific answers and try it again. And don't stress too much because like I said I found the actual test to be easier than their practice questions. If you combine careful study of this book with writing code and doing the quizzes, you will almost certainly pass the test.

More than you could expect from an exam prep book, August 19, 2009
First of all, it worked. I studied until I knew the content of this book, and I passed the exam. I scored 52/60, the minimum passing score was 35/60.

But more than that, I learned a lot. I understand generics, inner classes, and concurrency much better than I had from other books and tutorials. Bates and Sierra have a knack for presenting complicated concepts (or syntax) in an enjoyable and easily understandable way.

The tone can be whimsical at times, which may not suit some, but these authors are very serious about covering all of the material you need for the exam in a thorough and approachable way.

Each of the ten chapters has challenging review questions, and the book comes with three full computer tests. By the time you have come to understand the correct answers to all of these, you will be ready for anything that the real exam could throw at you.

Unrealized potential, January 21, 2009
This could have been a great book, if only the authors and publisher had paid more attention to quality control.

First, the good:

The book covers everything you need to know to pass the exam, including advice on preparing for the exam, and a fairly detailed description of the exam itself. The language is clear and precise, with occasional attempts at humor which unfortunately fall flat more often than not.

The accompanying CD contains not only the full text of the book, but eight additional chapters on the SCJD exam, which as far as I can tell are not available in print.

Then the bad:

There are numerous typographical errors, both in the text and in the exercises. The text is sometimes ambiguous due to inconsistent use of monospace for keywords and class / variable / method names.

There are also errors in the index.

The exercises at the end of each chapter are riddled with errors. Some questions are impossible to answer correctly due to errors in the question itself or in the offered alternatives. At least one requires knowledge of material which is not covered by the book.

As other reviewers have pointed out, the electronic version of the book found on the accompanying CD is awkward to use, due to being split into separate files for each chapter, which makes it difficult to search the entire book.

The CD also includes two test exams, with the option of registering online for a third. The user interface for these exams is extremely uncomfortable, especially on a high-resolution screen. The main window is small--sometimes too small to hold the question and the choices--and can not be resized or maximized. The small proportional font, black-on-gray color scheme and lack of vertical space make the questions hard to read, even with 20/20 vision.

The test exams do not include any drag-and-drop questions, which according to the book constitute 20-25% of the actual exam; the book itself has only three, out of approximately 150 exercises.

As in the book, some questions are impossible to answer correctly due to errors in the text.

I'm sure the authors and publisher spent a lot of time and effort on the companion CD. If only they had spent that time on proofreading instead, this could have been a great book, instead of a mediocre one with a nearly useless companion CD.

The CD is a joke!, August 6, 2010
The book is very good but get this--THE CD ONLY WORKS WITH WINDOWS!!!

Ummm Java is write once/run anywhere?!?!? And the CD only works with Windows?

Now if that isn't the ultimate irony I don't know what is...what, they couldn't write the CD content in, oh I don't know, JAVA?!?!?!

One of the best to books to prepare for the exam, December 28, 2010
This book really help in succeeding in the OCJP exam, I got 90%. If you can score high in the mock exams or in the simulator, you are ready to take the real exam.

This book has been a classic and it will help even after taking the exam. This book and Mughal and Rasmussen's are the two books I recommend a lot for practicing for the real exam. ... Read more

Editorial Review

Reviews

Every PM will love it!, October 12, 2010
I purchased this item after I passed the PMP exam .. I can see how much I needed something like that for final review .. However, I loved it! I am keeping it on the top of my work desk for quick reference. It is handy, dense, brief, the print is perfect, and the lamination keeps it safe from coffee accedents. Finally, I think evey PM will love it. Thanks Andy Crowe!!

Excellent Reference Tool and Study Aid, November 8, 2010
I bought this along with Andy's book, "The PMP Exam: How to Pass on Your First Try, Fourth Edition." This guide is a great study aid and reference tool. Prior to taking the test, I used this as a handy reference for refreshing my memory on key inputs, outputs, and processes and also for mathematical formulas. The guide is actually a laminated tri-fold guide, with a total of six pages (three sheets, front and back). It's well-organized and extremely helpful. Now that I've taken the test, I'll keep this handy for everyday reference.

PMP Quick Reference Guide, November 11, 2010
When I got this in the mail I was disappointed. It's really too small to read and I ended up discarding it. ... Read more

Editorial Review

Reviews

Good Study Aid, November 8, 2010
These are really good flash cards and there are enough of them that you can study them with the appropriate amount of detail. Like all flash cards, set aside the ones that you don't need and focus on the ones you have trouble with.

I used "The PMP Exam: How to Pass on Your First Try, Fourth Edition" with these flash cards, along with the other Velociteach study aid and had no surprises when I took the PMP exam.

PMP EXAM Flash Cards, October 27, 2010
Product is wonderful, am currently studying for the PMP and these cards are quickly becoming a must have tool in our study group.

Excellent study aid, December 7, 2010
Nothing beats flash cards for memorization, and a lot of memorization is required for the PMP exam. These cards also have the knowledge areas printed on them, which makes it easier to sort them for focused study on a particular area.

Note that some of the process cards list "key" inputs, tools, and outputs. "Key" means they're doing you a favor and helping you focus on the stuff you are most likely to be tested on. I was annoyed by this at first, but came to see the value of these focused lists for study purposes. ... Read more

Editorial Review

More than 80,000 HR professionals having earned the Senior Professional in Human Resources (SPHR) or Professional in Human Resources (PHR) certification, and another 20,000 are expected to take the exam in 2009. This complete update of the bestselling guide to HR certification contains additional coverage of new HR policies and standards, as well as updated practice exam questions and real world scenarios. Key topics include strategic management, workforce planning and employment, compensation and benefits, employee and labor relations, and Occupational Safety and Health Administration (OSHA) regulations. The CD-ROM contains two bonus exams (one each for PHR and SPHR) as well as flashcards and an electronic book.

Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file. ... Read more

Reviews

Good General Reference & Introduction - Not a Test Prep System, December 30, 2005
I just took the SPHR exam this morning (and passed), but I have to give this book a mixed review. It is essentially a general introduction to HR and its various specialities - what you might expect to find in a college-level "Intro to HR" textbook, with a chapter that explains the SPHR / HRCI, etc. In the author's defense, that is all she claims the book to be. The problem is, if you are seriously contemplating taking the SPHR exam, you are probably beyond needing a introduction to the field. In my opinion and experience, in order to pass the exam, you need to take practice tests. This book does come with a CD that contains flashcards and 4 practice tests (2 for PHR and 2 for SPHR), but they are only 55 questions each and thus a bit too narrow to really prepare you for the 225 question exam. I found the practice test available from certgear.com to be an excellent resource (best $60 I ever spent) and an excellent tool to combine with this book - just don't count on this book alone. Again, the author says pretty much the same thing - this book is an HR reference and introduction to the SPHR exam, not a "test prep" system. HJC

A Very Useful Resource!!!!, January 22, 2004
I was fortunate to be one of the pilot readers of this book. I found it very interesting and informative. I think that the PHR/SPHR: Professional in Human Resources Certification Study Guide is the book for which many of those preparing for the PHR/SPHR Certification Exam have been waiting! This study guide is a welcome addition to the materials already available. It is a clear and concise review of the Body of Knowledge. At first reading, it is quite apparent that Ms. Bogardus not only understands the material, but also presents it in such a manner that it is easy to comprehend the application of the terms, theories and procedures. The study guide includes cross-referencing, indicating where additional information and clarification may be found, and the self-assessment questions help the learner review the materials. In addition, excellent examples are presented, and the "Real Life Scenarios" assist even the seasoned professional in confirming his/her grasp of the application of the information. In my opinion, I believe you will find this Study Guide to be very beneficial in your preparation for the PHR/SPHR Certification Exam.

Good as a Supplement, June 7, 2006
Anne M. Bogadus' Study Guide for the Professional In human Resources Certification is a useful supplement to use when studying for the exam. More than anything, it acts as a review for things the HR Professional should know. It definitely would be more useful for the PHR than for the SPHR because the strategic elements of Human Resources were not given much emphasis.

The accompanying CD with practice tests and flash cards was useful in helping to cement definitions clearly in my mind-- but at the same time, that is my main complaint about the book. It's usefulness was mainly in providing definitions and very basic information. In terms of putting that information to use at a higher functioning level, the guide was not helpful. The questions on the SPHR tend to be complex situational questions and this book was not adequate preparation for those questions. There were also several key issues that were covered on the SPHR exam, but weren't even mentioned in this book. (By the way, I passed the SPHR so this is not sour grapes.)

All that being said, if you are studying for the PHR or SPHR, you should use several different study guides to help in your studies. If you can only afford to purchase one guide, do not purchase this one.

It's all you'll need!, May 6, 2005
I passed the PHR exam on the first try with the help of this book. No study groups, no paid crash courses, no help from my neighbor, just this book! The CDs that come with this book are excellent, it includes flashcards and practice tests. Take them over and over, it represented the actual test questions well. Since I have minimal experience in this field, I am convinced that anyone can pass the PHR exam if they spend a little time snuggled up with this book.

Excellent study guide, July 11, 2004
I passed the SPHR examination in June 2004, after only a month and a half of preparation (besides years and years of experience) and credit the study guide with making it possible for me to acheive that result.

Anne Bogardus' book is not intended to be nor does it pretend to be a complete reference book for the entire body of HR knowledge. It is an excellent study guide and it provides references for the student to use for additional study in each of the six functional areas, should the results of the study guide's exams (three overall assessments plus one exam for each functional area) indicate that more work is needed before taking the certification exam.

Great Resource, June 14, 2007
I used this book to study for the PHR exam. I took the exam in June 2007 and passed!

Let me give you some background. I have an MBA in Marketing and have 2.5 years of experience in recruiting and staffing. So, I do have HR experience, but not generalist experience. In other words, I have a pretty good knowledge of staffing and recruiting, but cursory knowledge of the rest of the HR world.

I bought this book because a friend of mine was using it as 1 of many resources in a prep course at a local jr. college. I only used this book, along with the practice exams from certgear.com. I had a very systematic way of studying. First, I printed out the 2007 Handbook from HRCI. Before I read a chapter on one of the Bodies of Knowledge, I read the Handbook section about learnings and competencies. I then read the chapter and took the test for that chapter that is on the included CD. I then repeated the process for the next chapter, except that I took the test for the previous chapter again. So, I read Chapter 2, took the test for Chapter 2, read Chapter 3, took the test for Chapters 2 and 3, etc. After I read the entire book (not an easy read!), I took the 2 extra PHR exams included on the CD. After that, I purchased the PHR practice tests from certgear.com and went through them.

I dedicated a month to this process. I probably put in 2 hours every day. I finished going through the certgear test a final time on Sunday night and then took the test Monday morning.

This process may work for you, but then it may not. In all, I think it has a lot to do with dedication, your comfort level with computer-based tests and your ability to absorb and apply principles. I hope this helps!

Very resourceful book, June 16, 2004
I took the SPHR exam in June 2004 and passed, with the help of this book most definitely. In order to pass the exam, I highly recommend using numerous resources, because HRCI uses different terms that may not be found in any one book/resource. I used this book as a primer, and also used the SHRM Learning System, along with HR Management by Mathis, and began studying 6 months prior to the test date. This is a valuable book, and the test questions were helpful, but don't think that this book is the one and only resource that will help you pass the exam, because it won't suffice on its own. Another helpful hint: the practice questions in this book (and the practice questions in the SHRM Learning System) are MUCH easier than most of the questions on the exam, so be prepared!

Worked like a charm, July 1, 2007
I just passed the PHR a few days ago, and I owe it all to this study guide. My HR experience is somewhat limited in scope, and this book filled in all the gaps. I plan to keep this book and continue to use it as a reference guide for things that come up in the workplace.

I read and studied from this book for about 2 weeks. The great thing is that this edition of the book has a CD with a full pdf version of the entire book, as well as electronic flashcards. When it was not convenient to read the book, I could read it on the computer or my PDA. Each section has practice tests and review sections, and the author knows her stuff - all of the material and special highlights are very relevant to the exam.

If you're limited on time, I don't recommend skimming. Rather, I suggest a focus on reading the one or two sections where you need the most work.

I recently read that the pass rate for the PHR is something like 2/3 or 66%. I think that if everyone used this guide, that number would go up dramatically.

Passed using only this book, January 13, 2005
I took the PHR exam today and passed on my first try. The only source of information I used was this study guide. Many of the questions on the exam read exactly like the review questions from the book. I highly recommend using this guide over some of the more expensive options.

Passed SPHR 1/26/06 first time, with THIS book, February 1, 2006
I studied like mad two weeks prior to taking SPHR and would have to agree with B.Kwon's 12/05 review (below) that with HR experience, this was the only resource I needed to pass on first try. Got it on recommendation of a recruiter at work who definitely had less HR experience than I, and she not only passed but got an amazing if not dubious promotion out of it. Looked into certgear.com and instead plunked $45 or so to take HRCI's online practice exam. This book prepared me well enough to sail through HRCI's prep test; go ahead & get it. Just study like mad! :] ... Read more

Editorial Review

Your all-in-one kit for the skills measured by the core exams for Microsoft Certified IT Professional: Enterprise Administrator certification and on the job. Covering Exams 70-640, 70-642, 70-643, and 70-647, these four official Microsoft® study guides provide in-depth exam prep plus practice tests to help maximize your performance.

This kit comes packed with the tools and features that exam candidates want most including self-paced training based on final exam content; rigorous, objective-by-objective review; exam tips from expert, exam-certified authors; and customizable testing options. It also provides labs and exercises for skills and expertise you can apply to the job.

Focusing on Windows Server 2008 enterprise administration, topics include configuring, managing, and supporting user accounts, computer accounts, groups, Domain Name System (DNS) zones and client settings, group policy objects, Active Directory Lightweight Directory Service, and Active Directory Rights Management Service; configuring remote access, Network Access Protection, Network Authentication, IPv4 and IPv6 addressing, and DNS Replication; working with Terminal Services, Web services infrastructure and security, Media Server, Windows SharePoint® Services server options, File Server, Print Services, network maintenance, and Simple Network Management Protocol; planning networks and application services; designing core identity and access management components; implementing PKI; and designing virtualization strategy.

You ll work at your own pace through the lessons and hands-on exercises. Then assess yourself by using more than 1200 practice and review questions on the CD, which features multiple, customizable testing options. Choose timed or untimed testing mode, generate random tests, or focus on discrete objectives or chapters. You get detailed explanations for right and wrong answers including pointers back to the book for further study. You also get an evaluation version of Windows Server 2008 Enterprise Edition and an exam discount voucher making this kit an exceptional value and a great career investment.

Key Book Benefits

 Excellent value: Four official Microsoft study guides covering the core requirements for MCITP: Enterprise Administrator certification all in one box  In-depth coverage of exam objectives and sub-objectives plus instructive case studies and troubleshooting scenarios to enhance your performance on the job  1200+ practice and review questions  Test engine that enables customized testing, pre-assessment and post-assessment, and automated scoring and feedback  Handy exam-mapping grid  Evaluation version of Windows Server 2008 Enterprise Edition  15 percent exam discount voucher from Microsoft (limited-time offer)  All four study guides in searchable eBook format ... Read more

Reviews

If you've made it this far, you probably know what to expect from an MS Press book, August 18, 2008
If you've used MS Press before, you will experience more of the same in this book. I read the book, used the practice tests, and bought the Self-Test software. I snuck by with a 752 to earn my Enterprise Administrator. The book (and test) focuses on design, and gives you some very nice real-world advice on how to design complex Microsoft-based Networks. It even gives you some managerial advice, which actually gives you a nice sense of pride as you read the book and know what a great certification you're about to earn.

There's no magic to taking MS Exams - my formula for every exam in the Enterprise Admin track was:

1. Read a book. Don't stress over nailing every concept. I used the MS Press books. Just read it leisurely to learn.
2. Go through the practice test CD in the book. Be able to score 80% consistently.
3. Buy a second practice test (I like Self-Test). Be able to score 80% consistently.

For the practice tests, focus on the incorrect answers as much as the correct answers. Know WHY an answer is right/wrong. I don't even use the real cert mode on the tests, I just use the practice mode and learn why the answer is what it is.

Good luck! You'll like the book if you've made it this far.

MCITP training kit, November 6, 2008
Great study guide and resource!
In many cases, a Self-Paced study guide is mainly useful for preparing for the test and once you have passed the test, the book becomes a dust collector. This is not case with this book. The authors have done a fantastic job of not only covering the exam objectives, but have also written a book you will find very useful as a reference source and for providing real-world guidance as well.

Many IT books are written by individuals who are obviously subject matter experts, but write in such a convoluted fashion that it is difficult if not tedious to read their book. The authors, in this case, have written an easy to read and follow book. They have done a superlative job of presenting complex subjects in an easy to read manner (try talking about NAP to someone that makes it sound REALLY exciting!).

The book is logically broken down to cover all of the exam objectives - in fact a reference chart is included which breaks each chapter and lesson down according to the relevant exam objective. Each chapter gives numerous real-world examples to emphasize the points covered as well as detailed exercises to reinforce the concepts presented. The authors also include numerous references to Microsoft Best Practices - a nice touch that will prove beneficial to many.

All in all - I would highly recommend this book - not only as a study guide for the 70-647 test, but also as a reference source and even a best practices guide.

70-643 Gotcha, November 19, 2010
This book has a lot of detail and makes a great reference for any of the topics covered. It gives you very detailed instructions. That being said, it makes for a horrible study guide for the 70-647 Exam, which was my intended use. It goes way deeper than necessary to cover the exam topics and is hard to get through more than 10 pages at a time. For Microsoft Exams, I usually study the Exam Cram book(s) as my primary, coupled with the MS Training Kit, and some sort of practice test software... I have had good luck with this combo. For whatever reason, it seems that Exam Cram decided not to write a book for Exam 70-647... this book is a poor substitute for Exam Cram for sure! ... Read more

Editorial Review

This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.

The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.

The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools. ... Read more

Reviews

Everything You Need to Know, January 16, 2008
This is the most important IT security title written in the past year or more. Why? Custom web applications offer more opportunities for exploitation than all of the publicized vulnerabilities your hear about combined. This book gives expert treatment to the subject. I found the writing to be very clear and concise in this 727 page volume. There is minimal fluff. While everything is clearly explained, this is not a beginners book. The authors assume that you can read html, JavaScript, etc... Usually with a book like this there are a few really good chapters and some so-so chapters, but that's not the case here. Chapters 3-18 in this book rock all the way through. Another huge plus is the tools in this book are free.

The first few chapters provide context and background information. Chapter 3 on Web Application Technologies provides particularly useful background info. The next 666 pages of the book are all about attacking the applications.

There next five chapters cover mapping application functionality, client side controls, authentication, sessions, and access controls. The coverage is comprehensive. I'm not new to these topics, but I learned so much in every chapter. The depth of coverage is amazing.

The next six chapters are the heart of this book. They cover injection, path traversal, application logic, XSS and related attacks, automating attacks, and information disclosure. You'll find full treatment of attacks we're all familiar with like SQL injection and cross site scripting as well as many that most of us haven't heard of before. The danger is real and these chapters need to be read.

The final next four chapters cover attacks against compiled applications, application architecture, web servers, and source code. The final two chapters are more useful as a quick reference. They provide an overview of the tools covered throughout the book and describe attack methodology discussed throughout the book for exploiting each technology.

This book scores five easily based on the relevance and value of the information.

Excellent resource for both developer and security pro, November 6, 2007
First off - I will come clean and admit that this review is biased on several levels. Since the public facing web application security community is small, any published work or presentation will draw the attention of others in the field and often conversations/reviews/blog comments will ensue. Why mention this? Well, Dafydd reviewed XSS Attacks on his blog - a book I co-authored along with other much bigger players in the field. I also have a bit of admiration for Burp, a program Dafydd wrote and is highlighted in most any valuable web app book. So, to say I have no connections to the authors would be misleading - to say the least.

Now, for the book - just buy it, you won't be disappointed. As I read through the book (scanning some of the familiar parts), I was overwhelmed with the fact that a full time web application penetration tester has to known A LOT - all of which this book touches on in one way or another. I really can't think of any other book that can compete...

For those new to the field, either as security professionals or as web developers, this book will most likely leave you a bit reeling. It does a good job illustrating and demonstrating the many facets of secure web app development. For the more seasoned professional, this book will no doubt serve as a resource to refresh your memory on a trick or technique you forgot about. I know it has already served this purpose for me...

So, where do I start with a more detailed expose on the book? Personally, I would start by reading chapter 20 - A Web Application Hackers Methodology. By doing this, you will get a look into the minds of the authors who spend a significant part of their lives breaking web apps. You will also gain an understanding as to why the book is laid out the way it is - simply because it is how an attack/penetration test is performed. Don't expect to understand everything in detail as this will come later. However, you should quickly get the feeling that this book is going to be an interesting read that you can quickly turn into practical coding/attack techniques.

The book is broken down in to several big parts. The first section will acclimate you to the terms, concepts, and environment that the rest of the book builds upon. This includes a brief look at each of the main sections of the server technology, how a web application functions, and an overview of the attack surface you are about to be exposed to.

The second section starts to take a look at the web application from an attacker's point of view by illustrating numerous ways that an application can be mapped for later analysis. If you are a web developer, chances are you will find that one or more of the techniques discussed will cause a bit of a concern as to how information is stored on your site - you can never assume anything on your web server is safe.

The big section of the book is where you find the fun stuff. Basically, the authors walk through the following stages of a web application attacks - authentication, session management, access control, code injection, web server bugs, logic errors, and compiled application reverse-engineering. In each section, you get a really in depth and comprehensive look at most every attack vector and technique that web application hackers (both good and bad) use to meet their goals.

One of the nice things about this book is that it is not just all theory. They include practical and pointed examples that illustrate the problem, but don't waste your time with pages and pages of source code that serve no purpose but to fill space. At 736 pages, the book doesn't need filler.

In addition to the exploit examples, the authors also provide the much needed `protection' aspect so web developers know how they can shore up their applications against the specific attacks. In my experience, knowing how to secure a web application is often harder than knowing how to break it - so seeing this in the book is a indication of the insight of the authors.

There were three sections that I paid close attention to - partly because I have a vested interest in the subject, and also because it is how I like to present concepts. The first was chapter 11, which covers Attacking Application Logic. In this chapter, the authors used a Function - Assumption - Attack process to outline the problem and how it was exploited. Since logic errors are 100% based on human error, it is very hard to categorize and illustrate without a good example. So, not only did I get to see how others failed, and how this failure resulted in an attack, but it read like a story.

The next section was chapter 12 - Attacking Other Users. This section dove into subjects like XSS, XSRF, and the like - all of which I enjoy as indicated by my work on XSS Attacks book.

And last, but not least, I really liked that the book discussed one aspect of web application security that is often overlooked - reverse-engineering of client side `thick client'. Whether this is a Flash, Java, ActiveX or C++ coded program, it is possible to reverse-engineer the client side code to inject unexpected content into a web based application. So, kudos to the authors for presenting this attack vector.

So, is there anything wrong with the book? Well, except for the fact that it could be bigger - no. This book is an excellent way to understand most every attack out there and it will be a valuable resource for any web developer/security professional. If you want more specific details on a subject, you can find that material elsewhere - Cross Site Scripting Attacks: XSS Exploits and Defense, The Database Hacker's Handbook: Defending Database Servers, and Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley Software Security Series) are a few examples.

Let's sum this up. The Web Application Hackers Handbook is a worth while investment, so go buy it.

Excellent for both beginners and the experienced, November 14, 2007
Before you even read a word, "The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws" should catch your interest for two reasons. The first is that, by name and cover art, it is being presented by Wiley as the web security counterpart of "The Shellcoder's Handbook", which I have already given a positive review. The second reason, which I did not realize it until the book arrived, is that one of the authors, Dafydd Stuttard, is the author of the excellent Burp Suite tools for exploring and exploiting web applications. I use the proxy features of it frequently, and I often tell people it's the only reason I install a Java VM on my laptop. I was very excited about reading a web application security by the author of such a great set of tools, and it did not let me down.

I will admit that I haven't read any other books that focus on attacking web applications, so I do not have anything to compare it to. I can say, however, that this book has very complete and thorough coverage of the topic, from mapping the application to exploitation. While a number of common attacks are covered (such as cross-site scripting and SQL injection), the real value of the book is in the way it teaches the process of finding vulnerabilities. Armed with this, you can more effectively discover problems that involve logical errors unique to the application you're looking at. The book reads very well cover-to-cover, with each chapter building up another step in a complete web application hacker's methodology that the authors have put together.

The topics covered encompass most of the vulnerabilities you'll see disclosed in applications daily on the mailing lists. Rather than having chapters for specific attacks, the authors gather them up into meaningful categories to present related content together. For example, SQL injection and remote-file-inclusion are rolled into a chapter titled "Injecting Code". Similarly, cross-site scripting attacks, session fixation, and request forgery are covered in "Attacking Other Users". There is introductory material in an early chapter on "Web Application Technologies", however I would recommend that anyone picking this book up be at least somewhat familiar with how web applications work, either from the viewpoint of a developer or understanding the basics of attacks. The questions at the end of each chapter are designed to test the reader's understanding of the chapter's material, and I found it helpful to at least read over them and give them some thought. Someone just getting started with web security would probably get a lot of value out of focusing on each question.

For such a large book, it is a very pleasant surprise to say that I ran across no obvious errors. The website for the book is very complete, and contains answers for all of the questions at the ends of chapters, the source code for a tool developed in one of the chapters, a list of tools described in the text, and a checklist for the methodology presented in the final chapter. If you have an interest in web application security, I would highly recommend picking up a copy of this book, especially if you're interested in being able to audit applications for vulnerabilities. Even for a web application developer, however, the book has a lot of merit. It's important to understand the ways in which your application will be attacked, and mitigation strategies are presented in the book for each attack.

I enjoyed the book, found the techniques presented to be very useful, and I plan on making use of the methodology presented.

A Truely Excellent Resource for any Professional Web Hacker!, January 25, 2008
If you do any type of professional Web Application Assessments then this is your bible. I have read many books on web app assessments and perform many Web Application Assessments for many large companies and government agencies and this is an excellent resource. I use Dafydd's Burp Suite and I can not say enough about it. If you are serious about Web Application security then this is a must read. Thanks to Dafydd and Marcus for a great book.

Kevin

Best Web Application Security Book, November 10, 2007
This is by far the best book I've ever read on web application security. The authors do a great job of describing everything involved in analyzing the security of a web app, both from an attacker's point of view and in terms of what web developers can do to build their apps in a secure way.

The book is very well organized, and the sections about attacking other users and testing for logical security issues are important areas that not many other books cover in much detail. I especially liked the questions at the end of each chapter - they really make you think and test your understanding of the content that was covered.

I agree with the previous reviewer's comment about web application scanners being just one piece of a thorough security assessment. The chapter on web application scanners did a great job describing the strengths and weaknesses of these products and didn't include any marketing fluff.

Serious candidate for Best Book Bejtlich Read 2009, October 24, 2009
The Web Application Hacker's Handbook (TWAHH) is an excellent book. I read several books on Web application security recently, and this is my favorite. The text is very well-written, clear, and thorough. While the book is not suitable for beginners, it is accessible and easy to read for those even without Web development or assessment experience.

At 736 pages, TWAHH is the sort of book that one needs to read more than once in order to digest its contents. At every turn I perceived the authors to be experts and I trusted their advice. Their "Hack Steps" sections nicely summarize key points for operators. The authors integrate explanations of HTTP as a protocol into their text, without boring readers already familiar with the protocol. They also also demonstrate their subject using code snippets for multiple languages and products.

While I considered almost all of the book to be equally helpful, I'd like to mention three specific chapters or sections. First, chapters 1-3 provided a great technical overview of the subject. Chapter 11, Attacking Application Logic, featured examples from the authors' consulting experience which really resonated with me. Finally, I liked the recognition of the importance of locally-written applications, called "bespoke" applications, in chapter 13.

I struggled to find much to complain about in TWAHH. My only concern appeared early in the book, when the authors talked about "all user input is untrusted." They really meant "all user input is untrustworthy," or they should have said "Web developers should consider all user input to be untrusted, but they often trust it." The difference between "untrusted" and "untrustworthy" is subtle, and I still understood the authors' point.

I strongly recommend TWAHH to anyone with a role in defending Web applications. The authors have set a very high standard with this book. Great work!

An excellent thorough resource for web application security, January 20, 2008
This is a great read for anyone interested in the security of modern web applications. It covers the hacking process from mapping the attack surface to exploiting input validation, access control, session management, and authentication vulnerabilities using real-world examples and diagrams. There is an in-depth 100pg chapter on injecting code(e.g. SQL, OS, script, etc injection) and a 95pg chapter on attacking other users(e.g. XSS, request forgery, etc attacks). There is information about bypassing common sanitization techniques in cases where user input is sanitized. The book also covers how to write your own scripts to automate complex attacks. At the end of each section are the steps necessary to defend your application against the attacks that were described with an emphasis on "defense-in-depth"; an approach where one tries to prevent the compromise of the whole application even if one component of it is already compromised.

This book is extremely up to date with its coverage of new AJAX and XSS-type attacks while still covering the relatively old vulnerabilities like buffer overflows and sql injections.

The authors are both professional penetration testers which gives them credibility over the information they provide in this book, and one of them is the author of the excellent free web application hacking tool called Burp Suite.

I would recommend this book to anyone that has a basic knowledge of how the Web works (http, javascript, cookies, html, and basics of a programming language like php or java) although you could learn these technologies as you are reading the book which would take some more time.

Finally someone writes a good web app testing book!, October 24, 2007
When I first saw the title of this book I groaned. "Not another lame hacker book. I really should write my own." Then I saw who was writing it and thought it might not be that bad. I saw the table of contents and got excited. Finally someone is writing a web application security book that covers the space in depth, at least the testing part. I immediately pre-ordered it from Amazon and my copy arrived yesterday.

The book weighs in at 727 pages so I think it is safe to say I will never read it all the way through. I cherry picked a few chapters to see if the authors "got it right".

What I love about this book is that it covers the theory and the practice equally well. No other book I have seen does that very well, they are all stuck on the practice side. Chapter 8 >Attacking Access Controls is a gold mine filled with great nuggets of information of not only how to attack access controls but great explanation of why and the steps you take to figure out what lines of attack to take.

The Hack Steps sections are nice short guides to the methodical breaking down of a vulnerability and the attack you would launch to find it. They are short and sweet, a great way to go from zero knowledge to at least some understanding of an issue.

My other favorite chapter is Chapter 12: Attacking Other Users. I don't recall seeing this topic covered in such a clear and concise way. I often see these types of laws in web applications and it is a area no web application scanner scan cover effectively.

Speaking of scanners, anyone that still thinks running a web application scanner alone solves your web application security issues needs to read Chapter 19 and the section on web application vulnerability scanners. The authors do a excellent job outlining the limitations of scanning tools. I am so excited to see someone put it down in a book so I don't have to keep explaining it, I can just tell them to RTFB (Read The F***ing Book)

I can't recommend this book enough for anyone who wants to understand what web application security is all about. You are not going to get a lot of help fixing these issues after you find them from this book. I am glad the authors did not try as that subject could easily fill 10 other books. Staying focused on the testing side makes this a must have book.

Best text on subject, December 4, 2007
This is by far the best text I have ever come across on the topic of web application vulnerability exploits. Although this is a 10+ year old topic, it is just now moving to the forefront of security professionals minds everywhere. This book goes into extreme detail and theory on every facet of web application exploitation that I have or have not heard of in my experience. At times it was a bit beyond my understanding as I am not a professional coder but it was still reasonably clear where the author was going. Hey, it's not his fault I am not at the same level right? Which is why I am reading his book. If you are not familiar with the Burpe suite of tools, and you should be if you are considering reading this book, the author is also the author of that application. So it is used or referenced in the book often. It is a GREAT tool set for this type of assessment. If you don't have it... get it... it is FREE and you will need something to follow along and try out the examples as they are presented, which is exactly how I recommend you read this book. There is so much presented that if you do not actually try out each scenario when it is presented in the text you will not remember it by the end of the chapter. The only thing that I would have liked to have seen was the use of a specific exploit from start to finish. If you read any of my other book reviews on similar topics, you will know that I say this in every review. No one does this. Why? I have no idea. It is painfully clear that the author can carry out these exploits, why not show one from start to finish. From the initial thought process or feeling you get when you go to a site and just "know" something is not right. Someone needs to walk people through a real exploit, that is hopefully patched now, step by step. This is essential to the mass learning process. Not everyone can extract this information and "know-how" from all theory and vague examples. Even in this great book they missed the boat there. I guess the problem is that it takes a great deal of time to really develop to the point of the author or any other similar professional, however security professionals need this information and know-how today, not next year, to really make an impact on this form of exploitation. Often many organizations do not have the resources or cannot justify the resources to put an expert(s) into this position, so they call upon an existing staff member to fill the role. That staff member needs to be up to speed now, immediately. This is just my opinion, but hey... what do I know right?

Perfect for auditors, less useful for developers, March 9, 2009
I was hoping that this book would give me a clear conception of how to secure my web applications against potential attackers. It did, but only peripherally. Many of the book's pages are dedicated to hands-on examples of using tools to discover and exploit vulnerabilities. This also means that it's obsessed with the flaws in yesterday's technologies (e.g. older versions of ASP) that I would never touch for a new app.

Still, if you're developing a web application, this book is worth at least skimming through. And if you're in charge of patching up a legacy system, this should be your bible. ... Read more

Editorial Review

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security. ... Read more

Reviews

Interesting & timely about the dangers of social engineering, October 14, 2002
Kevin Mitnick says "the term 'social engineering' is widely used within the computer security community to describe the techniques hackers use to deceive a trusted computer user within a company into revealing sensitive information, or trick an unsuspecting mark into performing actions that create a security hole for them to slip through." It's suitable that Mitnick, once vilified for his cracking exploits, has written a book about the human element of social engineering - that most subtle of information security threats.

Some readers may find a book on computer security penned by a convicted computer criminal blasphemous. Rather than focusing on the writer's past, it is clear that Mitnick wishes the book to be viewed as an attempt at redemption.

The Art of Deception: Controlling the Human Element of Security states that even if an organization has the best information systems security policies and procedures; most tightly controlled firewall, encrypted traffic, DMZ's, hardened operating systems patched servers and more; all of these security controls can be obviated via social engineering.

Social engineering is a method of gaining someone's trust by lying to them and then abusing that trust for malicious purposes - primarily gaining access to systems. Every user in an organization, be it a receptionist or a systems administrator, needs to know that when someone requesting information has some knowledge about company procedures or uses the corporate vernacular, that alone should not be authorization to provide controlled information.

The Art of Deception: Controlling the Human Element of Security spends most of its time discussing many different social engineering scenarios. At the end of each chapter, the book analyzes what went wrong and how the attack could have been prevented.

The book is quite absorbing and makes for fascinating reading. With chapter titles such as The Direct Attack; Just Asking for it; the Reverse Sting; and Using Sympathy, Guilt and Intimidation, readers will find the narratives interesting, and often they relate to daily life at work.

Fourteen of the 16 chapters give examples of social engineering covering many different corporate sectors, including financial, manufacturing, medical, and legal. Mitnick notes that while companies are busy rolling out firewalls and other security paraphernalia, there are often unaware of the threats of social engineering. The menace of social engineering is that it does not take any deep technical skills - no protocol decoders, no kernel recompiling, no port scans - just some smooth talk and a little confidence.

Most of the stories in the book detail elementary social engineering escapades, but chapter 14 details one particularly nasty story where a social engineer showed up on-site at a robotics company. With some glib talk, combined with some drinks at a fancy restaurant, he ultimately was able to get all of the design specifications for a leading-edge product.

In order for an organization to develop a successful training program against the threats of social engineering, they must understand why people are vulnerable to attack in the first place. Chapter 15 explains of how attackers take advantage of human nature. Only by identifying and understanding these tendencies (namely, Authority, Liking, Reciprocation, Consistency, Social Validation, and Scarcity), can companies ensure employees understand why social engineers can manipulate us all.

After more than 200 pages of horror stories, Part 4 (Chapters 15 and 16) details the need for information security awareness and training. But even with 100 pages of security policies and procedures (much of it based on ideas from Charles Cresson Wood's seminal book Information Security Policies Made Easy) the truth is that nothing in Mitnick's security advice is revolutionary - it's information security 101. Namely, educate end-users to the risks and threats of non-technical attacks.

While there are many books on nearly every aspect of information security, The Art of Deception is one of the first (Bruce Schneier's Secrets and Lies being another) to deal with the human aspect of security; a topic that has long been neglected. For too long, corporate America has been fixated with cryptographic key lengths, and not focused enough on the human element of security.

From a management perspective, The Art of Deception: Controlling the Human Element of Security should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature.

Interesting cons, but repetitive and ego-trippy, March 24, 2006
Mitnick has his own reputation to live up to with this book, which sets a pretty high bar for the audience who knows him as the "World's Most Notorious Hacker." Unfortunately, while he knows the material cold, his skills as an author are less stellar.

The vignettes describing various cons are, in the large, very entertaining. They're fictionalized, and sometimes the dialogue feels artificial. This book is supposed to convince us how easily people are victimized by social engineers. When the victim's dialogue plays too obviously into the con man's hands (for the purpose of illustrating the point relevant to the enclosing chapter/section), this goal is to some extent defeated. It's too easy to read unnatural dialogue and use that as an excuse to tell oneself, "I don't have to worry about that sort of attack -- I'm not that dumb!" More effort could have been expended in fictionalizing these scenarios without making them so difficult to relate to. Seeing how a con is performed is kind of like learning how a magic trick works -- it holds a similar fascination. Imagine seeing an amazing magic trick performed on television, wondering how it was possibly accomplished, and then learning that the trick was all in the video editing. That really sucks the fun out of the magic -- analogously, when the "trick" in one of these cons is just that the victim does something obviously stupid at just the right moment, the believability and enjoyment are damaged.

Despite what I've said, the cons are definitely enjoyable to read and do offer some genuine insights. Not all suffer from believability problems. However, the supporting material discussing these scenarios is pretty weak. There's a rigid format ("Analyzing the con," "Preventing the con," etc.) which leads the author to repeat the same points over and over again with very little variation, at times seemingly just to fit the format. The purpose of all this material is to give useful security recommendations and proper motivation for following them. The recommendations are on-target, but repeated ad nauseum.

The descriptions of social engineers also suffer from a tendency to stroke the author's own ego -- the bigger the con, the thicker the language about how smart, handsome, and clever the con man is. I'd like to be convinced by facts, not hyperbole.

I think this would really have worked better as two books, for two different audiences. One for entertainment, to read about all the cons and how they work, to get a little history of social engineering. And one for serious security discussion. The blend of the two leads to a schizoid work that's simply mediocre.

Amazing! This book will make you think, October 9, 2002
I went into this book thinking I knew a fair amount about security in general. You know, don't leave your network password on a post-it on your bulletin board, be aware of strangers in your office, that kind of thing. Then, I finished reading the book, and realized that it challenged all the assumptions that I had about the way I react in these situations. Mitnick's right - we as human beings are conditioned to be polite and trusting, and as horrible as it seems, that's not always right. But you don't have to become nasty and distrustful, just aware. That's what this book is talking about. The examples are wonderful - they really do read like a mystery thriller. And the advice is really sound. It doesn't mention it here, but there is a great flowchart in the back of the book that I've copied for everyone in my office. It details what to do if someone calls you for information that you are not sure they need or should be getting. All in all, The Art of Deception is a must read for many of us.

Great Book for Stopping Hackers and Social Engineers!, October 15, 2002
Now that Kevin Mitnick is out of prison he has written "The Art of Deception". I rate this book as four stars. Has good insight regarding how Kevin was able to gain large company employee's trust by using social engineering methods. He gives great examples of how he would simply use a telephone to gain user id's and passwords, even from high tech security departments.

Most employee's don't think they are allowed to say 'no' to giving out information over the phone or email in the name of great customer service. There may be company policies but they 'still try to do the right thing' to help a co-worker regain access to the system, when in fact the person is a hacker.

Many solutions are offered to help small and large companies balance the choice of customer service over security and trust. One funny chapter was how Mr. Mitnick's used the same social engineering methods in prison to get additional phone calls, better food, and increase family visits. Classic... He didn't stop even in prison.

I recommend this book.

Cuts to the chase, and exposes the weakest link..., October 16, 2002
This book cuts to the chase, and exposes what was, currently is, and will continue to be the weakest link in computer security... the human element. Historically, people seem to take the path of least resistance. Give them a reason to believe you are who you say you are, and they will accept it. Give them a reason to think you're helping them (even with a problem they never knew they had until you pointed it out to them), and they will put at your disposal all their tools and information. We won't be able to make much inroads into security (of any kind) until we being to change the essence of human nature... and that, my friend, is unlikely to change. Kevin Mitnick tells it like it is -- from the voice of experience. As obvious as some of the pretexts are, they worked for him... and will likely continue to work for the next generation's social engineer. Remember, the difference between truth and fiction is but a state of mind. Persuasion is still the key element... one that Mitnick has mastered. Read, learn, and avoid the simple mistakes of others. Thanks for the book, Kevin.

There are lessons here ..., October 13, 2002
While it's a temptation to impose value judgement about the author who is a convicted felon, I strongly urge anyone who is involved in security (IT and corporate), internal auditors and fraud prevention specialists to suspend any opinions of the author and to carefully read this book.

What we in the IT world call 'social engineering' is nothing more than a con that exploits human trust. Mitnick was highly effective at social engineering and this book provides a wealth of information regarding his views of 'social engineering' vulnerabilities and how he exploited them. He exposes the details of some of the most effective techniques used by those who use social engineering to accomplish their goals - whether those goals are as sinister as corporate espionage or fraud, or merely to prove that they can gain access to systems and information. While some of the recommended countermeasures in this book may seem Draconian there is middle ground to implement effective controls that do not hamper business processes or impose overly restrictive policies.

The bottom line, though, is to learn from this book and distill the key lessons into knowledge throughout your organization. Awareness is one of the most powerful security tools, and this book promotes that. Also, while this book is ostensibly about IT security, the lessons imparted are as applicable to any other aspect of a business as they are to IT - in many ways there are even more applicable because the exploits are based on effective con games that were in existence long before computers came on the scene.

Great book that shows what is possible!, October 30, 2002
I waited for the book of the famous hacker Kevin Mitnick for a long
time, checking my mailbox every day after my pre-order was
completed. The book was almost worth the wait!

Its a fun book with lots of entertaining and education stories on what
is possible by means of social engineering attacks. The characters
clearly push the limits of this "human technology".

One of the articles I have read on the book called it "Kevin Mitnick's
Latest Deception" due to his downplaying of technology security
controls and emphasizing people skills and weaknesses. However, the
human weaknesses do nullify the strengths of technology defenses and
humans are much harder to "harden" than UNIX machines.

The attack side is stronger in the book than the defense side,
naturally following from the author's background. However, there are
some great defense resource on policy design, awareness and needed
vigilance. However, there is this "minor" issues with defense against

social engineering: one of the definitions called it a "hacker's
clever manipulation of the natural human tendency to trust". The word
"natural" is key; if we are to believe the definition, all defenses
against social engineering will be going against _nature_ and, as a
result, will be ineffective for most environments. Author also
advocates social engineering penetration testing, which appears to be
the best way to prepare for such attacks. Security awareness, while
needed, will get you so far.

The book's stories show examples of hackers defeating firewalls,
passwords, token and two-factor authentication systems, multi-layer
defense, financial institutions security, armed guards and many other
commonly believed to be effective security controls. While some of the
stories first seem to defy common sense, upon more detailed
investigation there are clearly believable. Dialogs, stories,
situations are described with terrifying reality behind them: "So what is the money transfer code for today? - Its this-and-that..." Social
engineers bravely attack and conquer on the pages of this great book!

The book will give lots of ideas to those involved in penetration
testing. Using the book, it is possible to extract a structure of a
successful attack, gather some target selection criteria, learn how to
combine social and technical attacks and then use it for the
pentesting.

The biggest shortcoming of the book is that it has no "attack HOWTO"
part. It has zero content on developing, improving and polishing the
social engineering skills. While it might seem that natural ability is
all it takes, the author _knows_ that there are methods to develop
social engineering skills, but chose not to disclose them and I regret
his decision to withhold such information.

Anton Chuvakin, Ph.D., GCIA is a Senior Security Analyst with a major
information security company. In his spare time he maintains his
security portal info-secure.org

Scary Stuff, October 27, 2002
When I picked this book up, I thought it was going to be an apologia from Mitnick for his prior life's work: cracking into supposedly secure phone and computer systems and networks. I read the book just before Hallowe'en, and that was appropriate, because the stories Mitnick recounts are really scary. Instead of wasting words explaining his own actions, Mitnick gives scores of fascinating examples of how most "security" proved to be simply non-existent. In the end, all security systems depend on humans, and therein lies the weakest link. The books shows how easy it is to gain people's trust- over the phone- and by getting them to reveal little bits of seemingly harmless information, gaining complete control over any data the con man (or woman) wants to get.

The book sets out security policies, and there's also a whole chapter on security training. One of Mitnick's recommendations is for companies to supply each employee with a copy of the book. Normally I'd dismiss this as blatant self-promotion. But believe me, in this case, the more people share the book's stories with each other at the water cooler, the closer the company will come to being a secure environment.

Mitnick makes it clear that everyone in the company has to be aware of security issues, and of the many types of attacks he describes so well, and know how to react to any demand for information, even from someone who appears to be an insider. By the time you finished the book, you'll be a believer, and you'll think two or three times before giving out information. And company security officers may want to stop simply sending e-mails about security, and get all employees (including the receptionists!) into classroom training.

The only problem I had with this book was Mitnick's use of the term "social engineering" to describe the manipulation of employees and security systems. Social engineering is what the conservatives accuse the liberals on the U.S. Supreme Court of doing.

But that's a minor item in an otherwise overwhelming and totally convincing book.

A Must Read for security professionals, November 12, 2002
If you have any interest in IT Security, you need to study Social Engineering, and this book is a great resource. It's truly amazing how effective Social Engineering can be against security systems of any kind.

I was a former victim of Kevin's exploits. He gained access to our network through an elaborate pretext; gaining access to systems that were secured by firewalls, dial back modems, extensive security policies and (unfortunately) many humans like myself. Everything but the humans worked flawlessly.

The art of the con is as old as anything. Con artists know that any system, yes ANY system, can be compromised as long as humans are involved. All the technology in the world (alone) isn't going to stop a creative and motivated social engineer.

Sadly, the focus of IT security today is on technology and technology alone. Very little attention is paid to the topic of social engineering and how to mitigate this threat. `Human nature' is, once again the culprit here, as people view controls that reduce social engineering threats (strict process controls, seemingly redundant and repetitive procedures) as unnecessary or overly paranoid.

This book goes a long way to illustrate the wide applicability of this type of threat, even describing social engineering attacks against the traffic court systems and the Social Security Administration.

This book is a `must read' for any serious security professional, and a very interesting read for anybody wanting a look at the way a real hacker's brain works.

A ground-breaking book that is certain to be unheeded, January 2, 2003
After all the media hype and disinformation surrounding his past "hacker" exploits, it would have been easy for Kevin Mitnick to just sell out and pen a cheesy "How To Be a Hacker" book, or even a simple autobiography setting an objective balance to sensationalist Mitnick-centered books such as John Markoff's "Cyberpunk" and "Takedown". Thankfully, Mitnick has instead seized a brilliant opportunity to fill a gigantic hole in the vast library of thoroughly redundant "information security" books currently flooding the market.

"The Art of Deception" is, by default, the definitive and authoritative reference work on the subject of "social engineering". No author has ever tackled this tremendously important--and consistently ignored--aspect of information security with the same amount of depth, specificity and firsthand knowledge that Mitnick documents in this book.

Despite the book jacket's description of Mitnick as a "legendary hacker" and "cyber-desperado", this book is decidedly NOT about "hacking" in the purest form in the word. In fact, it's rather ironic that for most people, the name "Kevin Mitnick" is synonymous with the profile of a stereotypical "master hacker", because he is much less regarded in the underground hacker scene for his technical skills than for his adept social engineering skills. Some would even say that without his social engineering chops, Mitnick would have been nothing more than an average geek with knowledge of common computer intrusion techniques.

Even if you accept that opinion as true, it truly underscores the very real threat social engineering poses to ANY organization, and also proves one of the underlying themes of this book, which is that an attacker doesn't need to possess exotic and hyper-advanced "hacking" skills (or in many cases, even a computer!) to get at your company's sensitive data. All it takes is a phone call and gullible employees who aren't aware that answering a caller's seemingly innocuous questions can ultimately compromise the security of the entire company. Like the blurb on the book jacket says, "the gravest security risk of all is human nature."

The renowned cryptographer Bruce Schneier once wrote, "security is not a product, it's a process". "The Art of Deception" bolsters that notion, and completely shatters the myth that technological measures can ensure information (or even physical) security. If anything, a company's security technology can be artfully used against itself in ways that completely negate its effectiveness. There is a very enlightening section on Caller-ID spoofing which will definitely open the eyes of anyone who thinks that a Caller-ID display is positive proof of a caller's identity and location. Mitnick claims a 100% success rate in getting information out of people using a spoofed internal company Caller-ID name and number. Because of this, he continually reminds the reader of the absolute worthlessness of Caller-ID as a security mechanism. I'm glad he does this, because almost no one outside of the hacking and phreaking scene even realizes that Caller-ID spoofing is possible, and the more this fact can be beaten into the heads of I.T. or security managers, the better. You can have millions of dollars of firewall products, encryption technology, password policies, and intrusion detection systems in place, but if I can simply call up your company's new intern on the phone (using spoofed Caller-ID, of course) pretending to be a company executive, and social engineer him into divulging information or even sending out sensitive files or faxes directly from internal computers, then that "technology" is nothing more than a heap of black boxes with lots of pretty blinking lights. An iron door on a cardboard house.

There are many people who have automatic biases against Mitnick (due to his past record as a convicted felon) and will cast off this book as nothing more than a how-to manual on conning corporations out of their data. The debate on whether he deserved the treatment he received from the U.S. Federal Government and Justice Department, and whether he is truly a "criminal" or not, is completely ancillary to the value and legitimacy of this book. It is not an I.T. or con man's version of "The Anarchist Cookbook". He devotes 78 pages at the end of the book specifically outlining recommended corporate security policies. The book is always written from the perspective that the social engineer is the "bad guy", and Mitnick makes no concerted attempt to justify social engineering as a legitimate activity.

The only problem I see with "The Art of Deception" is, ironically, not the book itself. It is with the very people whom this book seeks to educate regarding the dangers of social engineering. No doubt, most IT managers will come away from this book as if they had a religious epiphany. However, knowing the time and budget constraints placed on employees by many companies, I am extremely skeptical that you can instill the same sense of urgency and vigilance in employees who don't have a direct, firsthand reason to care about information security. If you can social engineer the overnight janitor to turn on a restricted development server, or get an intern to divulge the name and internal phone extension of a project manager, then you're still screwed. It's difficult to see how it's possible to effectively guard against all forms of social engineering without making every single employee in a company act like an annoying paranoid twit in response to even the most truly innocuous situations.

Regardless, this book should be required reading for all company executive and managers, in both large and small organizations. When it comes right down to it, "The Art of Deception" is fundamentally a book on psychology than actual information security techniques, and as such, the principles demonstrated within are equally applicable to any company that has information or resources that need to be protected from outsiders. For example, Mitnick explains a hilarious, and ridiculously simple social engineering scheme that can get your traffic tickets dismissed. And with no computers required from the social engineer's end. The book is at least funny, if nothing else. ... Read more