You're absolutely correct. There are a lot of books out there, and I can narrow them all down to three titles. Use them in the order presented:
- CISSP for Dummies -- This book is a quick read that will get your mind going in the right direction. It will never get you past the exam on its own, but it does cover all of the domains from a wide perspective.
- CISSP All-In-One Exam Guide, Third Edition by Shon Harris -- With this second selection, you are now diving deeper into the details of each domain. The material is tougher, but don't worry. Shon has a way of presenting the material in a way that sticks in your head. She is a renowned trainer of CISSP material, and after reading this book, you'll know why.
- Official (ISC)2 Guide to the CISSP Exam -- Now that you've had an overview with the... Dummies book and delved into the details with All-In-One, it's time to focus your brain on the exam from the creators' point of view. Use this book to learn (ISC)2's terminology, buzz-words and way of thinking. If you want to pass an MS exam, you need to think like a Microsoftee. CISSP is no different.
Many more tips, suggestions and some free study materials regarding CISSP are covered in greater detail in my article, Luck, career goals and a CISSP boot camp, as well as SearchSecurityChannel's CISSP Exam Prep Guide.
This was first published in September 2006