Clearly, neither the author of the book, nor reviewer understand web security.
If you want to learn about securing web servers, why not read Ivan Ristic's Apache Security?
Apparently, from the topics discussed in this review, this book has nothing to do with writing secure applications using the Joomla Framework. Seriously, file permission? Using Nmap? Nessus? Talk about using the wrong tools for the job. Not even the Joomla Security page has anything do with actual web application security.
How about going over topics like secure session management, input validation, parameterized queries, output entity encoding, etc?
Take a clue from OWASP and skip this book.