An interesting thought that I had was: How different are the older CISSP books to the newer book? If I could only afford to get onto an older book (like a previous version), how different would the new and older versions be?
I have a Shon Harris book from 2016 titled, “All In One CISSP Exam Guide 7th edition.” I decided to look at the differences between that and the current Original Study Guide (9th edition) to see how an older book views some of the same information, which will help identify where the new books and study material is most valuable.
Lets take into account several things when looking at comparing study material:
1) Wording/Verbiage
2) New domain material
3) Processes And Tables
What is important to realize is that between every version of the study materials, the verbiage might slightly change. Differences in writers, editors, study materials, and errors will all result in changes to the material. This will result in several topics being presented differently, such as author A having a mnemonic for the OSI model being something like “” and author B having the OSI model mnemonic as being, “Please Do Not Touch Steve’s Pet Alligator.” They mean the same thing, but the key is to use whichever works for you. The only issue with verbiage being a blocker is when the verbiage in the older book has errors and requires changing. However, for some of the basic and core topics, that shouldn’t change too often.
The first item is the newer versions that are created after an update, the benefit will be that it has new materials, such as SDN and such for the 2021 version. It is important to note that these new topics might be discussed in the older books, but the newer ones will be geared towards the
What is interesting is that the general processes that are on the exam will not change much. The Shon Harris book from 2016 has the Incident Response process as, “Detection, Response, Mitigation, Reporting, Recovery, Remediation, and Lessons Learned.” pages 998 to 1002).
There are errors and changes in how things are worded that are potentially fixed in the new version. However, this isnt necessarily going to be the big enough in versions that are like 5-10 years apart. If you’re looking at a book that has a CISSP version like 30 years ago, there will be a big difference, but for books written in the last 10-15 years, you should be fine.
It was noted by Kelly Handerhan that after she had her certification expire, she found that she could use the older material to study. That is 100% true. If one used the older material to study, one could
Notes: Please be aware, that not everything is going to be exactly the same, and that this is not recommending using older books to study. But this is saying that if you only have the ability to get your hands on an older book, it can be a great starting point. It will not cover everything on the current exam, but provide a great standard.
Citations:
- Chapple, Mike, et al. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. 9th ed., Wiley & Sons, Incorporated, John, 2021.
- Harris, Shon, and Fernando MaymĂ. CISSP All-in-One Exam Guide. 7th ed., McGraw-Hill Education, 2016.