Sponsored links

Valid XHTML 1.0!
Valid CSS!

Product: Book - Paperback
Title: Organizational Patterns of Agile Software Development
Publisher: Prentice Hall
Authors: James O. Coplien, Neil B. Harrison
Rating: 5/5
Customer opinion - 5 stars out of 5
Practical diagnosis and repair for software team dysfunction

The largest piece of value I got from this book was the immediate applicability of the patterns to organizations that are experiencing a form of dysfunction. It's easy to see what applies to you, why the pattern is intended to fix it, and even what needs to be in place in your organization for the change to be effective. Though at the back, you shouldn't ignore the advice on how to actually roll out pattern changes and the additional notes on when your organization needs more basic work on trust before it can start to be more effective.

The major shortcoming (for me) is that a lot of the patterns are interlinked tightly enough that a single read through them in linear order will leave you resolving a bunch of forward references as you continue on. I found I had to read them through twice to make sure I understood some of the more subtle distincions, especially between particular roles like Gatekeeper, Patron, and Matron -- it made me wonder if there wasn't a different order or refactoring of the presentation that would've made it flow more smoothly. Still, a minor nit on such an otherwise useful book.

Product: Book - Paperback
Title: Core Servlets and JavaServer Pages, Vol. 1: Core Technologies, Second Edition
Publisher: Prentice Hall PTR
Authors: Marty Hall, Larry Brown
Rating: 5/5
Customer opinion - 5 stars out of 5
Maciek Brodala

I strongly recommend this book for anyone who would like to learn or run JSP/Servlets courses either for the beginners or intermidate students. I have been using Marty's book for almost 2 years successfully as a textbook in my courses. It is practical with a lot of useful examples. It explains how to set up your environment with different j2ee application servers to get you started coding your own servlets and jsp pages very quickly. It is well-written so you will not get overwhelmed by technical terms that are used only when necessary. It is a great read !

Product: Book - Paperback
Title: CCNA Flash Cards and Exam Practice Pack (CCNA Self-Study, exam #640-801), Second Edition
Publisher: Cisco Press
Authors: Eric Rivard, Jim Doherty
Rating: 3/5
Customer opinion - 3 stars out of 5
A Good Book to Borrow...

The CCNA Flash Card and Exam Practice Pack is just what it's advertised as -- a late-phase add on to ensure all the nitty gritty details necessary for the CCNA are locked into your anxiety-filled mind come test day. While the flash card style is handy for quickly flipping through the information, there is a large amount of information in this book not covered in the CCNA objectives. As someone who took the 801 exam, I can't speak on the usefulness of having a separate INTRO and ICND section in the book... you'll have to determine that for yourself. Simulations on the CD were simplistic, but you can create a practice exam of just simulation questions, allowing you to become very familiar with maneuvering a router and switch, ensuring you have the basics down before you get hit with the real sims. As a late stage supplement to Lammle's Sybex book and CertSim simulations, this book is decent, but nowhere near a primary study guide or proper exam simulation tool.

Product: Book - Paperback
Title: Writing Information Security Policies
Publisher: Sams
Authors: Scott Barman, Scott Barman
Rating: 5/5
Customer opinion - 5 stars out of 5
Brings best practices to small companies

What makes this book an important addition to the IT security body of knowledge is that it makes a case for, and shows how to, create and implement IT security policies in small-to-medium enterprises.
The book itself is a short, somewhat superficial, treatment of IT security policies. It has strengths and weaknesses:
STRENGTHS: It makes a compelling business case for having IT security policies, then leads you through the creation of the more common ones. This material is augmented by the book's accompanying web site that provides all of the sample policies in Appendix C in HTML format (most modern word processing programs, such as MS Word can convert this to their native format without losing any of the embedded styles). Note that the URL given in the book has changed, but it is still active and automatically redirects you to the new URL.
In addition, the book touches on important topics that you may not think of if you're attempting to develop policies on your own. For example, intellectual property rights, law enforcement issues and forensics. These are touched upon, but will raise your awareness of their importance.
WEAKNESSES: The actual development and maintenance of policies is almost an afterthought. Moreover, I thought that a structured approach to threat and vulnerability assessments should have been covered (to be fair, the author discusses major threats on practically every page). I also felt that the policies should have been linked to processes, which is the hallmark of a well written policy, and the importance of clearly defining roles and responsibilities should have been highlighted. I recommend that readers also get a copy of Steve Pages " Achieving 100% Compliance of Policies and Procedures" (ISBN 1929065493) to supplement this book. Page's book is focused solely on policies and procedures development, and will fill in the gaps left in this book.
Overall, this book deserves recognition for raising awareness of the importance of IT security policies to small companies. It also deserves credit for sticking to the fundamentals (cited weaknesses notwithstanding), without overwhelming small enterprise IT professionals who are probably wearing many hats besides IT security. For that audience this book shows the way, and earns my praise.