CISSP flashcards

CISSP flashcards – why you need them

This post is all about CISSP flashcards – why you need them and how I passed my CISSP exam first time using them. At the end I will introduce the flashcards that I wrote myself and how I put them together. If you just want to get them now without reading the post (although I recommend you do) you can find them here.

Why you need CISSP flashcards in your study

Click here to buy my set of 550+ flashcards which helped me pass the CISSP exam first time!

The reason that you need flashcards comes down to the actual process of studying. In the past I was pretty bad at exams; in the first year or so of my undergraduate studies my study/revision process went a bit like this:

  1. write some notes,
  2. maybe highlight some of them,
  3. read over them a couple of times before my exam.

I passed, but never did very well. Towards the end of my degree I had a course that could decide my overall grade; if I did well it would push my overall grade up. The pressure was on! In addition to studying and revising harder, I also studied smarter. I wrote sets of flashcards as I worked through the material and kept going over and over them leading up to the exam, to the point where I was almost bored of knowing all the answers. The result? I passed with Distinction. I used the same principle when I studied for the CISSP exam. I was paying for the exam out of my own pocket and definitely didn’t want to have to take it more than once; I passed first time. Why am I telling you all this? Because I want you to pass the CISSP first time too!

The reason flashcards are so important is that they force you to recall information. If you have notes, you can read them as many times as you want, but you aren’t practicing how to recall the information. That is what you have to do when you’re taking the exam. You read a question, then have to fumble around in the gloomy archives of your mind to find the information that you need to answer it. If you haven’t practiced the recall aspect then you’re going to struggle.

how to write them

This is a topic which really crosses over with how to take notes effectively, which I dealt with in detail here. The long and short of it, however, is that you have to distill the relevant information, noting only material that you think is testable and that you are likely to forget. You’ll notice for example that none of my CISSP flashcards have any questions on what ‘CIA’ (Confidentiality, Integrity, Availability) stands for. Why? Because there’s no way I would forget a fact like that, so what’s the point in wasting time revising it?

When you are writing your questions, experiment with giving yourself prompts in terms of how many facts you’re trying to remember. For example, “what are the 4 steps to BCP?” is easier to revise than the open-ended question “what are the steps of BCP?”. In terms of writing your answers, try to keep them as brief as possible: you’re trying to memorize them, so the shorter they are the better. I also like to write my prompts as questions, so that you are clear what information you are supposed to be recalling. Too often I see people’s flashcards with a single word on one side, then one of a number of possible responses on the reverse – if I had bought these I would find them very frustrating to use!

Whether you decide to have physical paper cards or use electronic ones is a matter of personal preference. It depends on access and how/where you will be studying. If you will always have the internet available while studying then by all means use an online service (such as the one I’m currently offering my flashcards through). If your access to internet/computer/phone is limited then you may prefer physical flashcards.

how many flashcards should you have?

As few as possible. This is the same as notes. If you had notes on everything you would be reproducing your study guide. The aim is to have as few as possible whilst making sure that you’re covering all the crucial facts. I ended up with around 550 – not because I couldn’t think up any more – but because I couldn’t get it any lower without missing crucial material!

my CISSP flashcards and where you can get them

Following my success, I decided to make my CISSP flashcards available to my readers. If you’re planning on taking the CISSP exam I recommend that you make sure you have a good set of flashcards to support your learning and, most importantly, your revision. I spent a few weeks typing up my flashcards (wishing that I had typed them in the first place). Here are a few examples:

[qdeck] [q] What are the 4 topics of SD3+C?

[a] Secure by: Design, Default, Deployment + Communication

[q] What does STRIDE stand for?

[a] Spoofing, Tampering, Repudiation, Information disclosure, DOS, Elevation (of privileges)

[q] What are the 7 phases of the implementation of a classification scheme?

[a] 1: Identify a custodian
2: Specify how to classify (criteria)
3: Classify and label the information
4: Document exceptions
5: Select security controls
6: Specify declassification procedures
7: Generate organization-wide awareness

[q] What is the formula to work out the number of keys required for n people using symmetric key cryptography?

[a] K = n*(n-1)/2

[q] What are multipartite viruses?

[a] Use multiple propagation techniques.

[/qdeck]

If you want to get your hands on my full set of over 550 flashcards you can buy them here (via the iOS App or via the web):

get my CISSP flashcards here

You can also preview some of them for each chapter to give you an idea of how you may like to write your own. You can buy them on a chapter-by-chapter basis but I’ve aimed to bundle all 21 chapters together for a discount as you will ultimately need the full set.

I hope that you find my CISSP flashcards helpful and welcome any feedback you may have, good luck with your studies!


CISSP Practice Exam – New CISSP Practice app (iOS) to download now!

The CISSP exam is tough. There are few people who say it’s easy and, having been through it myself, I can confirm that it’s hard (although I passed first time it certainly didn’t feel like I would at the time). Getting access to good CISSP practice questions isn’t easy and I found that outside of those provided via the Official Study Guide much of what was on offer wasn’t great… and the interfaces were awful on the iPhone. To help you with your CISSP practice exam I have carefully written and tested (with the help of other budding CISSPs) a new CISSP Practice Questions iOS app which you can download right now:

Download from Appstore

Even better, the first volume of questions (totaling 50 CISSP practice questions) is completely FREE! Here is a quick overview of the key features:

  • 50 CISSP practice questions for FREE
  • 250 total questions offered in manageable 50 question volumes
  • Option to unlock each subsequent volume separately or to unlock all volumes at a discount
  • No ads (we all hate ads in apps right?)
  • Clean, easy-to-use interface
  • Questions written by a qualified CISSP who self-studied and passed first time

OK, great but there are loads of other CISSP apps right?

Yes, there are. Although I’m not independent, I did try many other apps before deciding to write my own. Without naming names, the drawbacks I found with many others were:

  • You had to pay before you could try – I’m rarely confident to pay up-front for an app I can’t try – so why should you?
  • Some were really expensive – one of the most popular ones you had to pay almost $30 to unlock the full functionality – as an independent developer I’ve aimed to keep the pricing fair and reasonable
  • Poor interface design – some apps I found you had to learn how to use the app before you could actually start to learn and benefit from the content – I have aimed to keep the app as intuitive and easy-to-use as possible and I hope that you find this true of your experience

I’ve tried to keep my own experiences in mind while developing the CISSP Practice Questions app and I hope that you find it supports your learning while preparing for your CISSP exam. If you have any questions feel free to contact me. 

You can download the CISSP Practice Questions iOS app by clicking here.

I wish you all the best with your CISSP exam,

Laurie BS CISSP

CISSP Practice Questions app coming soon!

Following the successful release of the iOS CISSP Flashcards app I have spent the last couple of months carefully curating a set of 250 CISSP questions and packaging them into a clean intuitive iPhone app – the CISSP Practice Questions iOS app!

I quickly got frustrated using other sources of CISSP questions and wanted to test myself on more questions to give myself the best chance of passing my CISSP exam first time. A good app which was easy to use wasn’t easy to find – now it is!

I have kept the interface as intuitive and straightforward as possible so that you don’t have to ‘learn’ how to use the app. The questions are broken down into 5 volumes of CISSP practice questions and cover a broad range of topics. To keep things challenging, not all questions require only one choice – to really make you think, on some questions you will have to accurately identify the correct options without knowing how many selections are required.

Key features

The key features of the CISSP Practice Questions app are:

  • Clean, intuitive interface
  • No ads (no one likes ads!)
  • Free to download
  • No internet connection required while using the app
  • Free first 50 questions
  • 250 total questions covering a broad range of topics from the CISSP syllabus
  • Written by a qualified CISSP who self-studied for and passed the CISSP exam first time

I want to ensure that you get your hands on the CISSP Practice Questions app as soon as possible to give you the best chances of success in your exam, so I would like to invite you to leave your email address below and I will email you as soon as it’s ready for release. Good luck with your exam!


CISSP study guide PDF eBook – for FREE

I know that people studying for the CISSP exam are by nature very busy people and I recognize that navigating websites trying to find all the advice you need is often a frustrating experience (even where the navigation is good). To give you a leg up I’ve carefully compiled a new 49 page CISSP study guide pdf which you can download for FREE!


CISSP study guide pdf – what’s in it

This study guide covers practical advice for people who are looking to study for and pass the CISSP exam with a view to becoming CISSP certified. This CISSP Study Guide offers guidance on what the CISSP is and reasons why you may decide to pursue it, strategies and tactics on effective study and advice on last minute preparation before taking the exam. Further to that, it also includes guidance on what happens after you pass the CISSP exam with a view to getting your CISSP certification application completed (and what to do if you don’t pass first time).

This guide isn’t just another technical guide – there are other people who have produced comprehensive guides (such as the Official Study Guide from Sybex and Shon Harris’ guide). This CISSP Study Guide covers advice about how to prepare yourself to give yourself the best chances of success in passing your CISSP exam first time. Here’s a sneak preview of the table of contents to give you a flavor of the content:

  1. What is CISSP?
  2. Planning for certification
  3. Study options
  4. Planning your CISSP study
  5. Note taking
  6. Flashcards
  7. How to revise
  8. How to know when you’re ready
  9. 24hrs to go…
  10. My top 5 CISSP exam tips
  11. Passed? – now get certified
  12. Thanks for reading (and where you can get more)
  13. Appendix A – Didn’t quite make it first time? Don’t give up!
  14. Appendix B – List of study resources
  15. Disclaimer

The CISSP Study Guide PDF is structured to read in the order that you progress through the CISSP certification process: from the initial decision to get certified and the requirements to get certified, through planning and structuring your studies, revision techniques, last minute exam preparation and how to get certified after passing.

I know someone else who would benefit from this CISSP study guide, can I share it?

Yes! Absolutely! The guide is free and I actively encourage you to share the guide with anyone you feel could benefit. The only request that I have is that you include a reference and hyperlink to cyberonthewire.com when you do so.

OK, I want it – how do I get it?

Simply scroll down and fill in your email address in the box below and press the blue ‘Submit’ button – I’ll email you the link where you can download your CISSP Study Guide PDF straight away. Hate being on mailing lists? No problem, every email (including the initial one you’re sent) has an unsubscribe link built in. If you decide to stick around I’ll be pleased to have you on board – subscribers get stuff before everyone else and it gives you a way to email me directly if you have any questions.

Good luck with your studies!

Laurie BS CISSP


How to pass CISSP exam 24hrs to go…

Crunch time: you have put a lot of work into this – most likely you’ve spent months studying hard and searching online for ‘how to pass CISSP exam’ in its various guises. No doubt you soon found that there aren’t any shortcuts. You have to study hard and smart to be in with a fighting chance. Hopefully you have read the preceding articles (particularly those on revision and my post on how to know when you’re ready). This post is a short one on what to spend your last 24 hours doing up until you step into the exam room. I’ve been (un)fortunate enough to have to take a few exams in the last few years; however, I understand that for some people it could have been many years since you had to go through this ordeal – if so, my sympathies are with you! I’ve also been in the position in the past of performing solo classical piano recitals at university, so believe me, I know what it feels like to be under pressure to perform! Remember that this is my advice; if you disagree with it and want to prepare in a different way that’s fine – it’s your exam, not mine.

The day before

The day before any exam I do no study at all. None. Why? Well, actually there are a few reasons. Firstly, you already know that the amount of material you have to study for this exam is vast. Most likely it has taken you months rather than weeks to get through, so if you really think that studying for a few extra hours the day before the exam is going to make a significant difference to your knowledge, you’re kidding yourself. At this point preparation is more about preparing yourself rather than preparing the knowledge. Secondly, you are likely to keep going over topics that you struggle with. For example, if you’ve spent the last few weeks struggling to remember the numerous key lengths of the various cryptographic functions, this is likely to be what you will continue to do for the last few hours. If you haven’t got it by now it’s better to accept that you won’t get it. Accept it rather than punishing yourself and making yourself even more anxious than you are already. Finally, it’s important to rest before taking the exam – it is challenging, it’s long and there are a lot of questions to get through which require your concentration. Don’t put yourself in a poor starting position by staying up late studying the night before. The day before exams I make sure my books, flashcards, apps and Facebook groups are out of sight and out of mind. The final stages in how to pass your CISSP exam are: rest, relax and plan.

Plan?

What do you mean, plan? You’ve already said not to study, and it’s not as if you know what the questions will be, so how can you plan? This planning is all about putting you in a strong position so that you can give yourself the best chances of passing your CISSP exam. The aim is to reduce your worries and manage the practical aspects of the day to avoid unnecessary stresses. This includes:

  • planning your journey (Google maps is our friend) – make sure you know exactly how you’re getting to your CISSP exam
  • be generous with time – give yourself a safety margin
  • decide what you’re going to wear – comfort is the key
  • decide what you’re going to eat before you leave – running out of energy isn’t going to help
  • put your ID in a place you can’t forget it – imagine how disappointed you would be to get turned away without even starting
  • consider taking earplugs – noise irritates some people (like me), you don’t have to use them but wouldn’t it be nice to have the option?
  • take food and drink – you won’t be allowed to take it in but can leave it just outside the door and take a break to eat if you want to

It goes without saying that getting a good night’s sleep is important but then we also know that this isn’t always the easiest thing to control. After all, the more you worry about the importance of sleeping the more unattainable it seems to be. Suffice to say that the better you have planned and prepared the less you will have to worry about when you go to bed. Make sure you give yourself at least the opportunity to get plenty of sleep and whatever you do, don’t stay up all night revising!

Day 0

Test day! You thought it would never come, wished it would and now, perhaps wish it hadn’t! The most important thing about test day is not to concern yourself about whether you pass or not – by this stage it’s largely out of your control anyway. You’ve done whatever study you’ve done and the rest is down to what questions you get and your test technique (see next article). Make sure you have a decent meal before you take your exam as the CISSP is long – even if you’re quick. Make sure you take your ID with you as well as your snacks, drink and earplugs. Stick to your plan in terms of travel to make sure you arrive in plenty of time. One trick that I’ve adopted is to get to the building with plenty of time to spare so that I know EXACTLY where it is and then go and have a coffee somewhere nearby. That gives me the option of having a nice big safety margin (if I get delayed I just go straight in) and avoids last minute panic of not being able to find the right building. At the same time it avoids sitting around for ages in the exam building waiting with a load of other worried looking people!

You’ll have to lock up your possessions (including phones) in a locker, then will be provided with writing materials in case you need to make any notes as you go along. You’ll be allocated a computer terminal at which you’ll take your test and then it will be time to start. You have to accept the (ISC)2 terms/conditions before starting your test – this times out and if you don’t accept it in time you cannot sit your exam! From then on it’s just you and 250 exam questions. Make sure that you read the following article in which I discuss some tactical tips and options to help you pass your CISSP exam. If you’re still in the study or revision stages be sure to check out the resources section for materials to support your studies.


test yourself before downloading the CISSP Flashcards iOS app

It’s not long now until the CISSP Flashcards iOS app is officially launched, and I thought that while you wait you would like to try your hand at some Q&As based on some of the selected flashcards. If you want to be notified of the launch and take advantage of a special launch day price to unlock all 550+ flashcards in the iOS app, be sure to leave your email address below!

[qdeck random="true" align="center"] [q] What is risk?

[a] The likelihood that a threat will cause harm to an asset – the combination of a threat and a vulnerability.

[q] What does DREAD stand for?

[a] Damage potential, Reproducibility, Exploitability (how hard is the attack to perform), Affected users (as percentage of total users), Discoverability.

[q] What does MTD stand for?

[a] Maximum Tolerable Downtime.

[q] What act legislated the ‘prudent man rule’ in terms of information security?

[a] Federal Sentencing Guidelines.

[q] Which role has the responsibility of providing users access to a system?

[a] Administrators.

[q] What is Kerckhoffs’ principle?

[a] That a system ought to be secure even if its details/formula are known.

[q] What is the formula to work out the number of keys required for n people using symmetric key cryptography?

[a] K = n*(n-1)/2

[q] What are the ranges of private IP addresses?

[a] 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255

[q] What are polymorphic viruses?

[a] Modify themselves in order to generate different signatures.

[q] What do the letters in ACID relate to in terms of databases/integrity?

[a] Atomicity – transactions are ‘all or nothing’ and can be rolled back; Consistency – transactions begin/end with the database in a consistent state; Isolation – transactions must not overlap; Durability – transactions are preserved (through logs)

[x]

[/qdeck]

I hope you enjoyed these sample cards. If you’re interested in getting notified of the CISSP Flashcards iOS app launch to take advantage of the special launch price, leave your email address below!

CISSP exam questions – practice


These are practice CISSP exam questions written to help you practice for your exam/check your knowledge. You can get hold of further CISSP study materials (including my set of 550+ flashcards) on the resources page.

These practice questions are not taken from any exam paper and are not endorsed/affiliated with (ISC)2 but cover topics that feature in the Official Study Guide. If you would like to be notified when further questions are added SIGN UP FOR UPDATES BELOW!

practice CISSP exam questions part 1

[qwiz repeat_incorrect="false"] [q multiple_choice="true"] Sarah has been told that her job as a developer is being terminated due to poor performance. Before leaving she programs malware into the system she was working on that will erase the source code the day after she leaves. Which type of malware is this?

[c] A: Trojan horse

[f] Incorrect. D: Logic bomb – attack lies dormant until triggered by an event (in this case a specific date)

[c] B: Worm

[f] Incorrect. D: Logic bomb – attack lies dormant until triggered by an event (in this case a specific date)

[c] C: Zero day exploit

[f] Incorrect. D: Logic bomb – attack lies dormant until triggered by an event (in this case a specific date)

[c*] D: Logic bomb

[f] Correct. Logic bomb – attack lies dormant until triggered by an event (in this case a specific date)

[q multiple_choice="true"] John starts his logon by entering a username John1. Which term accurately describes this action?

[c] A: Authentication

[f] Incorrect. B: Identification – is where the user professes to be a specific person/user – by saying I am [name/username/etc]

[c*] B: Identification

[f] Correct. B: Identification – is where the user professes to be a specific person/user – by saying I am [name/username/etc]

[c] C: Availability

[f] Incorrect. B: Identification – is where the user professes to be a specific person/user – by saying I am [name/username/etc]

[c] D: Authorization

[f] Incorrect. B: Identification – is where the user professes to be a specific person/user – by saying I am [name/username/etc]

[q multiple_choice="true"] A member of staff is spoken to after unwittingly downloading a trojan after following a link in an email. She states that she had no idea that following a link could have such an effect. What type of control should be reviewed to avoid this specific issue?

[c] A: Antivirus – this is a technical issue; if the antivirus had been better the trojan wouldn’t have been able to install.

[f] Incorrect. B: Be careful with the question. It’s asking specifically about the member of staff’s lack of knowledge.

[c*] B: Policy controls – by having a suitable policy in place, staff members would have their awareness raised of such issues and as a result the member of staff would have been less likely to follow such links.

[f] Correct. B: Be careful with the question. It’s asking specifically about the member of staff’s lack of knowledge.

[c] C: Compensative – if there were a proper compensative control in place any damage caused by the trojan could have been automatically rectified.

[f] Incorrect. B: Be careful with the question. It’s asking specifically about the member of staff’s lack of knowledge.

[c] D: Preventive – if the permissions in place for the member of staff had been more restrictive the trojan could not have been installed via the member of staff’s account.

[f] Incorrect. B: Be careful with the question. It’s asking specifically about the member of staff’s lack of knowledge.

[q multiple_choice="true"] A free application is downloaded from the internet which promises to improve performance. The application is also recording login data and sending it to another party. This application is best described as which of the following?

[c*] A: Trojan horse

[f] Correct. A: Trojan horse – a software program that appears benevolent but carries a malicious, behind-the-scenes payload that has the potential to wreak havoc on a system or network

[c] B: Worm

[f] Incorrect. A: Trojan horse – a software program that appears benevolent but carries a malicious, behind-the-scenes payload that has the potential to wreak havoc on a system or network

[c] C: Logic bomb

[f] Incorrect. A: Trojan horse – a software program that appears benevolent but carries a malicious, behind-the-scenes payload that has the potential to wreak havoc on a system or network

[c] D: Virus

[f] Incorrect. A: Trojan horse – a software program that appears benevolent but carries a malicious, behind-the-scenes payload that has the potential to wreak havoc on a system or network

[q multiple_choice="true"] Following a mass data breach the CEO of the company is being held responsible as it emerged that she did not carry out reasonable steps to protect the data. Which rule has likely been broken?

[c] A: Least privilege.

[f] Incorrect. D: Prudent man rule – Senior executives must take all reasonable steps/precautions exercising the same due care that an ordinary prudent man would in the same situation.

[c] B: None, the senior executives have no responsibility in such circumstances.

[f] Incorrect. D: Prudent man rule – Senior executives must take all reasonable steps/precautions exercising the same due care that an ordinary prudent man would in the same situation.

[c] C: 4th amendment

[f] Incorrect. D: Prudent man rule – Senior executives must take all reasonable steps/precautions exercising the same due care that an ordinary prudent man would in the same situation.

[c*] D: Prudent man rule

[f] Correct. D: Prudent man rule – Senior executives must take all reasonable steps/precautions exercising the same due care that an ordinary prudent man would in the same situation.

[q multiple_choice="true"] An organization has a plan which aims to increase revenue by 15% over the next 6 years whilst improving customer confidence in the security of their data by 30% in the same period. What type of plan is this?

[c*] A: Strategic plan

[f] Correct. A: Strategic plans are long term (5+ years), defining long-term goals, whereas operational plans tend to be around 1 year and tactical plans are reviewed monthly/quarterly.

[c] B: Operational plan

[f] Incorrect. A: Strategic plans are long term (5+ years), defining long-term goals, whereas operational plans tend to be around 1 year and tactical plans are reviewed monthly/quarterly.

[c] C: Tactical plan

[f] Incorrect. A: Strategic plans are long term (5+ years), defining long-term goals, whereas operational plans tend to be around 1 year and tactical plans are reviewed monthly/quarterly.

[c] D: Technical plan

[f] Incorrect. A: Strategic plans are long term (5+ years), defining long-term goals, whereas operational plans tend to be around 1 year and tactical plans are reviewed monthly/quarterly.

[q multiple_choice="true"] A staff member was informed that he was to have his job terminated during a meeting with his supervisor at which a representative from HR was present. He was told to clear his belongings and leave at the end of the day. At which point should his user account have been amended and what action should have been taken on it?

[c] A: Once he has left the premises. It should be deleted because he no longer requires it.

[f] Incorrect: C: User accounts should be deactivated at the time they are informed that their work is going to be terminated. By deactivating early they are effectively tipped off, too late and they may cause damage to files/systems.

[c] B: Before he was told that he was to have his work terminated. It should have been suspended/deactivated.

[f] Incorrect. C: User accounts should be deactivated at the time they are informed that their work is going to be terminated. By deactivating early they are effectively tipped off, too late and they may cause damage to files/systems.

[c*] C: During his termination interview. It should be suspended/deactivated.

[f] Correct. C: User accounts should be deactivated at the time they are informed that their work is going to be terminated. By deactivating early they are effectively tipped off, too late and they may cause damage to files/systems.

[c] D: During his termination. It should be deleted immediately.

[f] Incorrect. C: User accounts should be deactivated at the time they are informed that their work is going to be terminated. By deactivating early they are effectively tipped off, too late and they may cause damage to files/systems.

[q multiple_choice="true"] In software development which of the following terms describes HOW a process runs to avoid memory conflicts?

[c] A: Bounds

[f] Incorrect. B: processes run in isolation which prevents them from sharing memory with other processes preventing conflicts.

[c*] B: Isolation

[f] Correct. B: processes run in isolation which prevents them from sharing memory with other processes preventing conflicts.

[c] C: Star property

[f] Incorrect. B: processes run in isolation which prevents them from sharing memory with other processes preventing conflicts.

[c] D: Need-to-know

[f] Incorrect. B: processes run in isolation which prevents them from sharing memory with other processes preventing conflicts.

[q multiple_choice="true"] The five elements of AAA services are?

[c] A: Authorization, authentication, confirmation, auditing, accounting.

[f] Incorrect. D: all of the other choices include an item not part of the five elements of AAA services according to the Official Study Guide.

[c] B: Authentication, identification, accounting, auditing, confidentiality.

[f] Incorrect. D: all of the other choices include an item not part of the five elements of AAA services according to the Official Study Guide.

[c] C: Identification, accountability, confidentiality, authorization, authentication.

[f] Incorrect. D: all of the other choices include an item not part of the five elements of AAA services according to the Official Study Guide.

[c*] D: Identification, authentication, authorization, auditing, accounting.

[f] Correct. D: all of the other choices include an item not part of the five elements of AAA services according to the Official Study Guide.

[q multiple_choice="true"] Where a process is confined to run only accessing specific areas of memory, what are the limits of memory allocated referred to as?

[c] A: Isolation

[f] Incorrect. B: Bounds are the limits set on memory within which an isolated process is confined.

[c*] B: Bounds

[f] Correct. B: Bounds are the limits set on memory within which an isolated process is confined.

[c] C: TCB

[f] Incorrect. B: Bounds are the limits set on memory within which an isolated process is confined.

[c] D: Ringfencing

[f] Incorrect. B: Bounds are the limits set on memory within which an isolated process is confined.

[x] [restart] [/qwiz]

practice CISSP exam questions part 2

[qwiz repeat_incorrect="false"] [q multiple_choice="true"] Which of the following radio transmission protocols transmit in parallel?

[c] A: Spread spectrum, FHSS

[f] Incorrect. B: Spread spectrum and DSSS transmit in parallel.

[c*] B: Spread spectrum, DSSS

[f] Correct. B: Spread spectrum and DSSS transmit in parallel.

[c] C: OFDM, FHSS

[f] Incorrect. B: Spread spectrum and DSSS transmit in parallel.

[c] D: FHSS, DSSS

[f] Incorrect. B: Spread spectrum and DSSS transmit in parallel.

[q multiple_choice="true"] A government organization creates new material, the unauthorized disclosure of which would cause critical damage to national security with significant effects. What is the appropriate classification for this new material?

[c] A: Confidential

[f] Incorrect. C: The definition of Secret material is that its unauthorized disclosure would have significant effects, causing critical damage to national security (Confidential is not part of the government classification scheme).

[c] B: Top Secret

[f] Incorrect. C: The definition of Secret material is that its unauthorized disclosure would have significant effects, causing critical damage to national security (Top Secret is ‘drastic effects’ and ‘grave damage’).

[c*] C: Secret

[f] Correct. C: The definition of Secret material is that its unauthorized disclosure would have significant effects, causing critical damage to national security (Top Secret is ‘drastic effects’ and ‘grave damage’).

[c] D: Sensitive

[f] Incorrect. C: The definition of Secret material is that its unauthorized disclosure would have significant effects, causing critical damage to national security (Sensitive is not part of the governmental classification scheme).

[q multiple_choice="true"] A company is concerned that it is carrying too much risk to its data center due to frequent forest fires and is considering implementing a new fire suppression system. The ALE before implementing it is $500,000, whereas after its implementation the ALE would be $50,000. It's estimated that implementing the new suppression system will cost $10,000 per year. What is the value of this safeguard to the company?

[c*] A: $440,000

[f] Correct. A: ALE1 – ALE2 – ACS = $500,000 – $50,000 – $10,000 = $440,000

[c] B: $10,000

[f] Incorrect. A: ALE1 – ALE2 – ACS = $500,000 – $50,000 – $10,000 = $440,000

[c] C: $500,000

[f] Incorrect. A: ALE1 – ALE2 – ACS = $500,000 – $50,000 – $10,000 = $440,000

[c] D: $60,000

[f] Incorrect. A: ALE1 – ALE2 – ACS = $500,000 – $50,000 – $10,000 = $440,000

[q multiple_choice="true"] The role responsible for creating and testing backups of data, as well as managing its storage based on its classification, is which of the following?

[c] A: User

[f] Incorrect. D: The data custodian is responsible for performing and testing backups and managing data storage based on its classification.

[c] B: Data owner

[f] Incorrect. D: The data custodian is responsible for performing and testing backups and managing data storage based on its classification.

[c] C: Pentester

[f] Incorrect. D: The data custodian is responsible for performing and testing backups and managing data storage based on its classification.

[c*] D: Data custodian

[f] Correct. D: The data custodian is responsible for performing and testing backups and managing data storage based on its classification.

[q multiple_choice="true"] Grace manages to access encrypted files by using precomputed hashes of common passwords as part of her attack. What are these collections of hashes known as?

[c] A: brute forcing

[f] Incorrect. B: Rainbow tables are precomputed hashes of passwords which can be compared against a system’s password hash in an effort to identify the password used.

[c*] B: rainbow tables

[f] Correct. B: Rainbow tables are precomputed hashes of passwords which can be compared against a system’s password hash in an effort to identify the password used.

[c] C: one-upping

[f] Incorrect. B: Rainbow tables are precomputed hashes of passwords which can be compared against a system’s password hash in an effort to identify the password used.

[c] D: worm

[f] Incorrect. B: Rainbow tables are precomputed hashes of passwords which can be compared against a system’s password hash in an effort to identify the password used.

[q multiple_choice="true"] A programmer writes malware which overwrites a user's files before replicating itself and spreading via FTP. Which of the following best describes this malware?

[c] A: Trojan affecting integrity

[f] Incorrect. D: Worms self-replicate, and integrity is affected through the unauthorized manipulation of data.

[c] B: Virus affecting confidentiality

[f] Incorrect. D: Worms self-replicate, and integrity is affected through the unauthorized manipulation of data.

[c] C: Multipartite virus

[f] Incorrect. D: Worms self-replicate, and integrity is affected through the unauthorized manipulation of data.

[c*] D: Worm affecting integrity

[f] Correct. D: Worms self-replicate, and integrity is affected through the unauthorized manipulation of data.

[q multiple_choice="true"] Which of the following is not a recommended measure to mitigate DoS?

[c] A: Disable echo replies

[f] Incorrect. D: Whitelisting is not listed as a measure used to mitigate DoS.

[c] B: Disable broadcast features

[f] Incorrect. D: Whitelisting is not listed as a measure used to mitigate DoS.

[c] C: Block spoofed packets

[f] Incorrect. D: Whitelisting is not listed as a measure used to mitigate DoS.

[c*] D: Use a whitelisting policy for applications

[f] Correct. D: Whitelisting is not listed as a measure used to mitigate DoS.

[q multiple_choice="true"] Which of the following are typical states reported from a port scan?

[c] A: open/filtered

[f] Incorrect. C: states that a port can be in are open/closed/filtered.

[c] B: closed/open

[f] Incorrect. C: states that a port can be in are open/closed/filtered.

[c*] C: open/closed/filtered

[f] Correct. C: states that a port can be in are open/closed/filtered.

[c] D: open/closed/filtered/connected

[f] Incorrect. C: states that a port can be in are open/closed/filtered.

[q multiple_choice="true"] A backup is being run overnight which copies only those files which have been changed since the most recent full or incremental backup. Once the files are copied the backup resets the archive bit to 0. What type of backup is this?

[c] A: Differential

[f] Incorrect. C: Incremental backups copy files changed since last full or incremental backup and reset the archive bit afterwards.

[c] B: Partial

[f] Incorrect. C: Incremental backups copy files changed since last full or incremental backup and reset the archive bit afterwards.

[c*] C: Incremental

[f] Correct. C: Incremental backups copy files changed since last full or incremental backup and reset the archive bit afterwards.

[c] D: Full

[f] Incorrect. C: Incremental backups copy files changed since last full or incremental backup and reset the archive bit afterwards.

[q multiple_choice="true"] Access to encrypted material is gained through a technique that relies on hash collisions. What type of attack is this?

[c*] A: Birthday attack

[f] Correct. A: An attack that relies on hash collisions is a Birthday Attack.

[c] B: Zero day exploit

[f] Incorrect. A: An attack that relies on hash collisions is a Birthday Attack.

[c] C: Meet in the middle

[f] Incorrect. A: An attack that relies on hash collisions is a Birthday Attack.

[c] D: Man in the middle

[f] Incorrect. A: An attack that relies on hash collisions is a Birthday Attack.

[/qwiz]

practice CISSP exam questions part 3

[qwiz repeat_incorrect="false"] [q multiple_choice="true"] A company has a directory of its staff members on a public-facing part of its website; the information includes staff members' dates of birth and home addresses. What level of sensitivity is this data, and at what level is it being treated?

[c] A: This information is Confidential but is being treated as Public.

[f] Incorrect. C: The information is Private but is being treated as Public.

[c] B: This information is Private but is being treated as Sensitive.

[f] Incorrect. C: The information is Private but is being treated as Public.

[c*] C: This information is Private but is being treated as Public.

[f] Correct. C: The information is Private but is being treated as Public.

[c] D: This information is Sensitive but is being treated as Public.

[f] Incorrect. C: The information is Private but is being treated as Public.

[q multiple_choice="true"] The system for categorising non-governmental information based on its sensitivity, from most to least sensitive, is which of the following?

[c] A: Sensitive > Confidential > Private > Public

[f] Incorrect. B: Confidential > Private > Sensitive > Public

[c*] B: Confidential > Private > Sensitive > Public

[f] Correct. B: Confidential > Private > Sensitive > Public

[c] C: Public > Private > Sensitive > Unclassified

[f] Incorrect. B: Confidential > Private > Sensitive > Public

[c] D: Proprietary > Sensitive > Private

[f] Incorrect. B: Confidential > Private > Sensitive > Public

[q multiple_choice="true"] What is STRIDE?

[c] A: A guide developed by IBM to assist in server log analysis.

[f] Incorrect. C: A guide developed by Microsoft to assist in threat analysis.

[c] B: A software development model which is commonly adopted by teams who advocate an Agile development style.

[f] Incorrect. C: A guide developed by Microsoft to assist in threat analysis.

[c*] C: A guide that can be used to assess threats developed by Microsoft

[f] Correct. C: A guide developed by Microsoft to assist in threat analysis.

[c] D: An acronym that is used to assist with asset valuation.

[f] Incorrect. C: A guide developed by Microsoft to assist in threat analysis.

[q multiple_choice="true"] What does STRIDE stand for?

[c] A: Software, Timing (attacks), Repudiation, Integrity, Damage, Escalation

[f] Incorrect. D: Spoofing, Tampering, Repudiation, Information disclosure, DOS, Elevation (of privileges)

[c] B: Spoofing, Tampering, Repudiation, Integrity, DOS, Elevation (of privileges)

[f] Incorrect. D: Spoofing, Tampering, Repudiation, Information disclosure, DOS, Elevation (of privileges)

[c] C: SPAM, TOCTOU, Repudiation, Integrity, DOS, Elevation (of privileges)

[f] Incorrect. D: Spoofing, Tampering, Repudiation, Information disclosure, DOS, Elevation (of privileges)

[c*] D: Spoofing, Tampering, Repudiation, Information disclosure, DOS, Elevation (of privileges)

[f] Correct. D: Spoofing, Tampering, Repudiation, Information disclosure, DOS, Elevation (of privileges)

[q multiple_choice="true"] Having taken on a new job after successfully passing your CISSP exam, you've been asked to complete an assessment using DREAD. What task is this likely to help you with?

[c*] A: Rating and prioritizing threats.

[f] Correct. A: Rating and prioritizing threats.

[c] B: Identifying threats.

[f] Incorrect. A: Rating and prioritizing threats.

[c] C: Assessing the effectiveness of safeguards.

[f] Incorrect. A: Rating and prioritizing threats.

[c] D: Conducting BIA.

[f] Incorrect. A: Rating and prioritizing threats.

[q multiple_choice="true"] A technician has developed a remote access system which relies on PAP for its authentication. What is the main drawback of this?

[c*] A: In PAP credentials are transferred as ‘clear text’ and are not encrypted

[f] Correct. A: In PAP credentials are transferred as ‘clear text’ and are not encrypted

[c] B: Although passwords are encrypted, in PAP usernames are always unencrypted

[f] Incorrect. A: In PAP credentials are transferred as ‘clear text’ and are not encrypted

[c] C: PAP is used for checking integrity using ‘hashing’ and is not used in remote communications

[f] Incorrect. A: In PAP credentials are transferred as ‘clear text’ and are not encrypted

[c] D: PAP is slow

[f] Incorrect. A: In PAP credentials are transferred as ‘clear text’ and are not encrypted

[q multiple_choice="true"] An organization intends to support remote working for some of its employees and is considering what options there are for users to access the company network whilst maintaining an adequate level of security. Select the option that would both support such an arrangement and maintain security.

[c] A: Only allow connections via VPN but allow authenticated users access to the same parts of the network as they would access while in the office.

[f] Incorrect. D: Force connections to be made using a VPN and ensure that devices carrying only whitelisted applications can be used while preventing all access to highly sensitive material.

[c] B: Support browser based access using the HTTP protocol ensuring that access is straightforward for staff and provide guidance on how to maintain security.

[f] Incorrect. D: Force connections to be made using a VPN and ensure that devices carrying only whitelisted applications can be used while preventing all access to highly sensitive material.

[c] C: Ensure that users connect using a VLAN and limit their access to sensitive data.

[f] Incorrect. D: Force connections to be made using a VPN and ensure that devices carrying only whitelisted applications can be used while preventing all access to highly sensitive material.

[c*] D: Force connections to be made using a VPN and ensure that devices carrying only whitelisted applications can be used while preventing all access to highly sensitive material.

[f] Correct. D: Force connections to be made using a VPN and ensure that devices carrying only whitelisted applications can be used while preventing all access to highly sensitive material.

[q multiple_choice="true"] A company has ensured that the transmission of all sensitive data is encrypted using industry-standard levels of encryption. However, a backup disc has been stolen containing the same sensitive data, which was not encrypted. An investigation into this incident found that a policy was unclear when it came to distinguishing the two types of data encryption. What are they?

[c] A: Data in motion and data on disc

[f] Incorrect. B: Data at rest and Data in motion

[c*] B: Data at rest and Data in motion

[f] Correct. B: Data at rest and Data in motion

[c] C: Sensitive data and non-sensitive data

[f] Incorrect. B: Data at rest and Data in motion

[c] D: Still data and moving data

[f] Incorrect. B: Data at rest and Data in motion

[q multiple_choice="true"] A network administrator is concerned about malicious actors conducting reconnaissance on the network. In an attempt to identify such actors she has allocated a section of the network, 192.168.10.x, and placed it behind an IDS. None of these IP addresses are used by the business. What has she created?

[c*] A: Darknet

[f] Correct. A: Darknet

[c] B: Padded cell

[f] Incorrect. A: Darknet

[c] C: Honey net

[f] Incorrect. A: Darknet

[c] D: Honey pot

[f] Incorrect. A: Darknet

[q multiple_choice="true"] You have been asked to select a backup site to run the business out of should the primary site be struck by a disaster. The site must be running within 2 hours, although you've been told that there is no requirement for copies of the company's data to be held there. What type of site is required?

[c] A: Warm site

[f] Incorrect. D: Hot site (due to the time requirement; the stipulation about data is irrelevant).

[c] B: Fast warm site

[f] Incorrect. D: Hot site (due to the time requirement; the stipulation about data is irrelevant).

[c] C: Cold site

[f] Incorrect. D: Hot site (due to the time requirement; the stipulation about data is irrelevant).

[c*] D: Hot site

[f] Correct. D: Hot site (due to the time requirement; the stipulation about data is irrelevant).

[/qwiz]

practice CISSP questions part 4

[qwiz repeat_incorrect="false"] [q multiple_choice="true"] A malicious user has managed to bypass a company's firewall successfully despite not being authorized. However, they have been automatically transferred, without their knowledge, into a virtual network where they cannot damage real assets. What has happened?

[c] A: They have been attracted by a honey net

[f] Incorrect. C: They have been moved to a padded cell.

[c] B: They have been intercepted by antivirus

[f] Incorrect. C: They have been moved to a padded cell.

[c*] C: They have been moved to a padded cell

[f] Correct. C: They have been moved to a padded cell.

[c] D: They have been moved to a botnet

[f] Incorrect. C: They have been moved to a padded cell.

[q multiple_choice="true"] Following a port scan, an unauthorized user has identified that a server is actively listening for Telnet connections on port 23. This is despite a policy which states that only required ports ought to be active. The user successfully connects to the server using Telnet and, having logged in, is greeted with the banner: "Welcome to xyz company!". The user goes on to delete files which ought not to be stored on a public-facing server. What is the main legal challenge in prosecuting this person?

[c] A: The policy prohibiting leaving port 23 open wasn’t followed

[f] Incorrect. D: The banner appears to welcome the user to the server

[c] B: It will be hard to link the user to the deletion of the files evidentially

[f] Incorrect. D: The banner appears to welcome the user to the server

[c] C: It is not an offence to connect to a port which is clearly open and accepting connections

[f] Incorrect. D: The banner appears to welcome the user to the server

[c*] D: The banner appears to welcome the user to the server

[f] Correct. D: The banner appears to welcome the user to the server

[q multiple_choice="true"] A system is designed so that objects at one level are prohibited from reading from a level which is classified at a higher level of sensitivity. On the other hand, the same objects are allowed to write up. They are, however, blocked from writing down to levels of lower sensitivity. Which model is this system based on?

[c] A: Clarke-Wilson

[f] Incorrect. C: Bell-LaPadula

[c] B: Biba

[f] Incorrect. C: Bell-LaPadula

[c*] C: Bell-LaPadula

[f] Correct. C: Bell-LaPadula

[c] D: TCB

[f] Incorrect. C: Bell-LaPadula

[q multiple_choice="true"] Which of the following describes the elements of patch management in the correct order?

[c*] A: Evaluate, Test, Approve, Deploy, Verify

[f] Correct. A: Evaluate, Test, Approve, Deploy, Verify

[c] B: Notify, Test, Deploy, Document

[f] Incorrect. A: Evaluate, Test, Approve, Deploy, Verify

[c] C: Identify, Test, Authorize, Deploy, Document

[f] Incorrect. A: Evaluate, Test, Approve, Deploy, Verify

[c] D: Test, Evaluate, Authorize, Deploy, Document

[f] Incorrect. A: Evaluate, Test, Approve, Deploy, Verify

[q multiple_choice="true"] The Common Criteria evaluation methodology has several objectives. Which of the following is not one of these objectives?

[c] A: Cost effectiveness.

[f] Incorrect. B: Supporting CEOs and directors in their responsibility for due diligence is NOT one of the objectives of CC.

[c*] B: Support CEOs and directors in their responsibility for due diligence.

[f] Correct. B: Supporting CEOs and directors in their responsibility for due diligence is NOT one of the objectives of CC.

[c] C: Avoid duplication of evaluations.

[f] Incorrect. B: Supporting CEOs and directors in their responsibility for due diligence is NOT one of the objectives of CC.

[c] D: Promote evaluation and increase availability of evaluated products.

[f] Incorrect. B: Supporting CEOs and directors in their responsibility for due diligence is NOT one of the objectives of CC.

[q multiple_choice="true"] After a flood damaged the servers of an organization it became apparent that there had been no contingency planning to allow the business to continue to operate under such circumstances. Which of the following ought to have avoided this situation?

[c] A) BCP

[f] Incorrect. B – DRP

[c*] B) DRP

[f] Correct. B – DRP

[c] C) BIA

[f] Incorrect. B – DRP

[c] D) Remote mirroring

[f] Incorrect. B – DRP

[q multiple_choice="true"] A senior executive is seduced online by someone called Joanna who, from her profile picture, looks very attractive (although ‘she’ is in fact a man). Through befriending him she gets access to his social media account, from which she identifies a photograph of him at home containing location data. This data is used to help identify his home address, which is then used to exert influence over him by threatening to show his wife what he has been doing online. What attack technique has been used and how could it have been potentially avoided?

[c] A) This is a SPIT attack which could have been avoided by a more effective firewall/IPS/IDS

[f] Incorrect. B – This is a form of social engineering, the effectiveness could have been reduced by having geolocation turned off on his camera device

[c*] B) This is a form of social engineering, the effectiveness could have been reduced by having geolocation turned off on his camera device

[f] Correct. B – This is a form of social engineering, the effectiveness could have been reduced by having geolocation turned off on his camera device

[c] C) This attack could have been prevented by having better privacy settings on the social media site. This is not an ‘attack’ and is just carelessness on the part of the executive

[f] Incorrect. B – This is a form of social engineering, the effectiveness could have been reduced by having geolocation turned off on his camera device

[c] D) This is a salami attack where it was built up in stages, disabling geotagging along with a programme to build awareness is the best solution

[f] Incorrect. B – This is a form of social engineering, the effectiveness could have been reduced by having geolocation turned off on his camera device

[q multiple_choice="true"] A switch has two devices connected to it on separate VLANs. Which of the below is correct?

[c] A: the two devices are in the same collision domain and broadcast domain

[f] Incorrect. C: the two devices are in different broadcast and different collision domains

[c] B: the two devices are in the same collision domain but different broadcast domains

[f] Incorrect. C: the two devices are in different broadcast and different collision domains

[c*] C: the two devices are in different broadcast and different collision domains

[f] Correct. C: the two devices are in different broadcast and different collision domains

[c] D: a switch is always a layer 2 device and cannot affect broadcast domains

[f] Incorrect. C: the two devices are in different broadcast and different collision domains

[q multiple_choice="true"] The role responsible for creating and testing backups of data, as well as managing its storage based on its classification, is which of the following?

[c] A: User

[f] Incorrect. D – Data custodian

[c] B: Data owner

[f] Incorrect. D – Data custodian

[c] C: Pentester

[f] Incorrect. D – Data custodian

[c*] D: Data custodian

[f] Correct. D – Data custodian

[q multiple_choice="true"] A first responder comes to you to report that an external threat has attacked a company resource via the internet. He provides the following details that he has identified in his investigation: the attack came via port 22, the attack came from IP address 172.31.124.5, and the resources attacked are protected by strong authentication/authorization protocols and policies. Which of the following would be an appropriate assessment of this?

[c] A) Port 22 relates to telnet – this service is inherently insecure and ought to be disabled

[f] Incorrect. C) The IP address cannot be an external entity and as such an internal threat is in existence and must be investigated (private IP address)

[c] B) Port 22 relates to FTP and means that malware may have been transferred as a file

[f] Incorrect. C) The IP address cannot be an external entity and as such an internal threat is in existence and must be investigated (private IP address)

[c*] C) The IP address cannot be an external entity and as such an internal threat is in existence and must be investigated

[f] Correct. C) The IP address cannot be an external entity and as such an internal threat is in existence and must be investigated (private IP address)

[c] D) Port 22 relates to SSH; someone has logged in from the internet using this protocol to undertake the attack

[f] Incorrect. C) The IP address cannot be an external entity and as such an internal threat is in existence and must be investigated (private IP address)

[/qwiz]

CISSP exam questions – what next?


I hope that you found these practice CISSP exam questions useful and have signed up to get updated when there are new ones. If you haven’t already, make sure that you make use of the Sybex questions that come with your Official Study Guide. You can access them here.

Remember that practice questions are important to test your progress but make sure that you keep going over your flashcards to keep the relevant knowledge fresh. If you want to use the set of flashcards I wrote based on the Official Study Guide you can get hold of them here.


Top 5 CISSP exam tips – it’s a question of multiple choice

This post aims to give you 5 simple CISSP exam tips that you can put to use while answering those 250 multiple choice questions. This is how I approach multiple choice exams and these tips have served me well – I hope they do the same for you. If you pass your CISSP exam first time and use these please let me know!

1 RTBQ!

A favorite of my old math teacher – Read The Bloody Question! Exams are stressful and the CISSP exam is no different, but before you race onto the options in a rush to get to the next question, take the time to properly read what you’re being asked. It might seem obvious, but out of all the CISSP exam tips you get, if you get this right you’ll massively improve your performance. I read exam questions at the speed that I would if I were reading them aloud. Usually twice.

2 spot the key words

In my experience the CISSP exam isn’t as bad as some others I’ve taken for this, but there are certain words that you should be training yourself to watch out for because of the effect that they can have on the meaning of the question (and hence the answer that you choose). A word such as ‘can’ means literally ‘is it possible that…’, not ‘is it usually true that…’; if you answer no, you are saying that the statement you are being asked about is impossible. Another one is ‘always’ – remember that this means ‘without exception’. If you can think of a situation, however unlikely, that goes against the statement in the question, then ‘always’ doesn’t apply.

3 elimination

This is a good technique both for when you’re unsure of the correct answer and to double check even when you are sure. If you aren’t sure of the correct answer, go through each option and see if you can eliminate it. Rather than asking yourself “is this answer right?”, ask yourself “is this answer wrong?”. Remember that if you don’t know the right answer to begin with, your odds of guessing it correctly are 25% (1 in 4). If you can eliminate two answers that you know are wrong, then even if you still aren’t sure which of the two remaining options is correct, at least you’ve improved your chances of guessing it to 50%.

Even if you’re confident that you’ve got the right answer, sometimes it pays to go over the remaining choices to satisfy yourself that they are all incorrect before you continue – you might catch a couple of mistakes that you would have otherwise missed by doing so!

4 flagging

As you may be aware, while taking the CISSP exam you have the option of flagging a question to come back to later. I recommend making good use of this option with one small extra exam tip – select your ‘best guess’ at the time you flag. Although many people find that they barely need half of the allotted time you don’t want to be going back to reread and answer questions with only seconds to go so if you have a question that you’re not comfortable about, select your best guess, flag and move on. You may even find that a question further into the exam might give you a tip in answering the one you flagged. Flagging is there to help you, so use it!

5 rely on the Official study material


Although there is a certain amount of using your mind to apply the knowledge, don’t make the mistake of trying to ‘do the job’. This is an exam which is based on official study material. Answer accordingly. The questions you are being asked aren’t a real-life situation where you’re being consulted for advice; it’s an exam to test your knowledge. For every question you read, first ask yourself: what have I read that covers this? Answering a question whilst thinking “well, this is what we normally do at work” may well not be correct according to the study material. Oh, and if you haven’t yet, make sure you’ve got the Official Study Guide. I based all my flashcards directly off the official material.

CISSP exam tips conclusion

So, there you have it: 5 CISSP exam tips that you can put into practice immediately. If you find any of them helpful please do leave a comment below or drop me a message. If you have any other tips related specifically to how to approach the questions, I’d love to hear them too! You can also check out my resources page where you can get your hands on the flashcards I used to pass my CISSP exam first time.


CISSP exam – how to know when you’re ready

The purpose of this article is to give you some guidance in deciding whether you’re ready to take your CISSP exam. There are a few hurdles which can make this a difficult decision to make, but my aim is to help you make that decision in a systematic manner that is personal to you. If you’re looking for resources to help pass your CISSP exam be sure to check out the resources page.

Factors – knowing you’re ready for your CISSP exam

So here are the factors to consider when deciding if you’re ready to take your CISSP exam:

  • performance on practice questions
  • confidence/familiarity with your knowledge
  • cost
  • time sensitive factors

Practice questions

There are a few things which make it hard to decide whether you’re actually ready. One of which is a lack of accurate practice CISSP exam questions. You know roughly what style the questions will be (multiple choice, scenarios, drag-and-drop) but although people can’t discuss their exams it’s common to hear the complaint that the questions weren’t really similar to any that they’d practised. All you can really do is make sure that you’ve practised plenty of questions ideally from multiple sources. Certainly make use of the online practice tests that come with the Official Study Guide and seek out some others as well (I intend to provide some on here in the not too distant future – sign up for updates below and I’ll email you when they’re done). In order to pass you effectively need to be comfortably hitting over 70%. I would recommend that you ensure that you’re in the 80%s before taking your CISSP exam.

Confidence in your knowledge

Your revision phase should also be giving you a good idea as to how well you know the material. In addition to using practice questions you should also be utilizing flashcards, as they are excellent at reinforcing learning and keeping your knowledge fresh. When you’re presented with a practice question, because it’s multiple choice, you are being shown the answer. Whether you can correctly identify it or not is another matter, but you are mostly recognizing rather than recalling, which are different things. This is particularly the case where you are going over practice questions more than once. You will very quickly recognize a particular scenario and remember the answer from before, even if you don’t actually have the knowledge that the question is asking about. Whatever way you decide to structure your revision, you need to feel confident that there are no major holes in your understanding. Because you will be going over your flashcards repeatedly, you need to be getting over 90% of them right before taking the exam. You can get hold of my flashcards here.

Cost of CISSP exam

This is something that will depend on your personal circumstances, but if you’re paying for your CISSP exam out of your own pocket the chances are that you won’t consider it to be cheap. At the time of writing the US cost for the exam is $599, or to put it another way – if you fail the first time you’ll end up paying at least $1,198 in total to pass! In the UK the cost was £415 when I took my test and there was no way I was going to fail and have to retest for a total of £830 of my own hard-earned cash (if you live in a different area or want to see current prices see here). If however you’re being sponsored by your company, this may not be such a concern. Because you can cancel your exam very close to the date, you can set a date and book your exam, then as it gets closer, if you don’t feel confident, you can always cancel it and reschedule at no extra cost. Having a date set gives you something to work towards, which should help you keep motivated. You can also download my free study planner to help you set targets for your study here.

Time sensitive factors

This aspect depends on your life events and what you have going on. Do you need the certification in order to be able to take a new role on a specific date? Are you on a contract that is ending soon and want to be CISSP certified when looking for your next job? In that case there are reasons specific to you that will encourage you to get the CISSP exam under your belt sooner rather than later. Other time sensitive factors may be things that impact your ability to study. For example, if you’re currently busy with a project at work you may not have the time to study effectively and may plan to pick up your CISSP studies at a later date. On the other hand, if you are expecting a baby it may be wise to try and pass your CISSP exam before you’re kept up all night with a crying child!

Taking the plunge

The questions you need to be able to say yes to before taking your CISSP exam are:

  1. Are you hitting over 80% in your practice tests?
  2. Are you confident in your overall knowledge of the material to the point where you’re getting more than 90% of your flashcards correct?
  3. Are you clear on the exam costs if you don’t pass first time?
  4. Have you taken your own personal time sensitive factors into account when setting a date for your exam?

If the answer to all these questions is ‘yes’ then you should consider yourself ready! Don’t forget to sign up for updates and please leave a comment below with your thoughts or feedback. If you’re looking for study resources be sure to check out the resources page!


CISSP study – how to revise

Following a poll I ran asking you, the readers, which topics you wanted covered, the majority of you said that you wanted to see more about the actual revision process of CISSP study. My intention is to try and keep this post brief, breaking the subject into 5 topics, as if you are actually revising now you probably feel under pressure, and I understand that time is precious! If you’re looking for study resources to support your learning be sure to check out the resources page!

1 know your enemy (and make friends with it)

The first thing that we need to recognize is that in order to revise (read: prepare) effectively for anything, we need to know what we are revising for. By this, I don’t mean simply ‘an exam’ or ‘the CISSP exam’ but rather what style of exam is it? What type of questions could we reasonably expect? And what knowledge are we going to need for it? Do your best to research question styles so that you at least have a rough idea of what to expect. The bottom line is that the CISSP exam is multiple choice. This points to two particular skills that will really help you out: recognition and tactical elimination:

  • recognition – by going over notes/using flashcards there will be some answers that should jump out to you as being familiar (and likely correct provided you check the question carefully)
  • tactical elimination – for questions where you are uncertain which is the right answer, you can narrow the choices by eliminating those that you know are incorrect

I will go into the actual taking of the exam at a later date, but for now it’s important to know what you’re revising for in advance.

2 refresh your overview

Before you start freaking out that you can’t remember how many bits there are in a MAC address (48), you need to review your high level overview of the CISSP material. The temptation is to dive into the detail headlong (especially if your exam date is looming) but it really helps to start by taking a step back to look at the broad topic structure. The main benefit of this is that by having a broad structure in place in your mind it’s easier to:

  1. structure the topics so that you can add/link the detail that you revise in the next section (as the information ‘goes in’)
  2. provide a map which can help signpost your recall to the detail that you require when answering questions (as the information ‘comes out’)

This doesn’t need to take long; especially if you’ve taken good notes, you can probably list the main topics and sub-topics within a couple of hours.

3 revisit the CISSP study topics in reverse order

This is the last time that you’ll review the material without a pointer (see below). This isn’t simply about reading the book again, it’s a chance to review the material to check that you haven’t missed anything in your notes – it’s a ‘skim read’ if you like, paying extra attention to things like lists of contents, bullet points and end of chapter review sections. If there are any topics that stand out as being weak areas, now is the time to pause and revisit material before completing this phase. The reason for going through chapters in reverse order is that when you finished the book the first time, chapter 1 was a long time ago. I feel that by switching it up you’re giving yourself a better chance of keeping an equivalence of ‘freshness’ across the topics (this may seem illogical, as I realise that you now have the reverse problem, but try it and see how you feel)!

4 keep your knowledge fresh (using flashcards)


As I’ve mentioned in another post, for me, flashcards were a real lifesaver. They force you to actually use your mind to recall information and help prevent you from getting lazy. There are several ways you can use them, but other than reinforcing your learning, they will quickly highlight weak knowledge areas acting as a ‘pointer’. Concentrate on these weak areas (by going back to your CISSP study guide if necessary) until you are confident. I would keep them with me and do short bursts (say 5 or 10 at a time). You may decide to go through them at random, or by topic, or you may separate those you manage to answer and those you struggle with so that you can continue to concentrate on the ones you’re finding difficult.

5 have a schedule but be flexible

This is perhaps the most crucial point. How long it will take you to revise is personal and not an exact science. The fact that you can cancel the exam close to the date without penalty is both a blessing and a curse. If you couldn’t cancel it, you would just have to do your best up until the day, then cross your fingers. Now it’s up to you to decide whether you’re ready for the CISSP exam, which isn’t always easy. The approach I took was this: once I had finished my initial CISSP study, I estimated roughly how long it would take to revise and booked the exam accordingly. That way I had something to work towards; after you’ve put so much work into your CISSP study it would be a shame to lose momentum during revision, have second thoughts and back out. Map out your revision schedule, allocating yourself time for each section (which you mapped out in phase 2) plus a safety margin prior to your exam date. Based on your levels of success using your flashcards and utilizing online practice questions you will be able to decide whether you feel confident to take your CISSP exam. Having a schedule for your revision should help you avoid the need to cram at the last minute, which is both stressful and, according to an article in the Guardian, less effective than spacing your revision out.

Summary

Revision is crucial to all exams but is perhaps particularly important in studying for the CISSP – it’s an exam which relies largely on being able to recall/recognize information and, unlike some exams, there is no real practical element which you can ‘work out’ as you go. The amount of material to cover is vast and the length of the exam is similarly gargantuan (although you’re unlikely to need the full 6 hours).

If you have any other tips that you think will help people in their CISSP revision please feel free to leave a comment below and check out the resources section for CISSP study materials to further support your learning. I wish you the best of luck in your CISSP study!
