cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
KMarchewa
Viewer

How Relevant is the 2013 CBK to the Current Exam?

Hello,

 

I am currently studying for the exam using the "official" CBK. I know the exam itself underwent a pretty significant revision in 2020 and that this book was never updated to reflect the changes.

 

My question is: how useful is this book for the current exam? Are there any areas in particular that have changed substantially?

 

Thanks.

5 Replies
swh5a01
Newcomer III

Consider the book as the dictionary to let you know the meaning of specific words. The CBK or AIO I am working like this. The most important concepts you really need to know is in the Exam Outline. So, I would suggested to dealing with the book as the dictionaries.

Early_Adopter
Community Champion

It was decent enough 5-6 years ago based on my experience- there are many fundamentals that don’t change or gear up as required by the march of technology.

 

I would expect that there would be more around supply chain security and threats, more DevOps, containerisation etc for workflows etc.

 

A review seminar would likely help, but trainers and question writers are separated with good reason so don’t expect your trainer to know the exam, just the subject.

Steve-Wilme
Advocate II

InfoSec doesn't change massively over time, although the detail of technology does move at a faster pace.  If you consider BS7799 existed as far back as 1995 and was an internal DTI document before that.  Reading it you can still recognise that we practice many of the same things in infosec nearly 30 years later.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Songhai
Newcomer I

It's time to update CSSLP CBK. The last version was published in 2013.We need CSSLP CBK third edition. unbelievable we still need to use the CBK textbook from ten years ago to prepare for the exam.

 
 
Steve-Wilme
Advocate II

The CSSLP tends to appear out of date in part due to the uptake of agile practice replacing more traditional software development lifecycles.  The actual guts of the controls described still have some relevance.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS