Solved

CISSP Practice Questions

Posted on 2011-02-25
Last Modified: 2012-05-11
So, I have been studying my butt off for the CISSP exam. I first used the Shon Harris all in one guide, and am blowing away the practice tests. As background, I've been in IT for over 12 years, and have a very broad array of experience. At least 60% of the information in the Harris book is "native" to me.

Then I got nervous about the test because everyone says it is so difficult, so I signed up for the quiz engine at cccure.org. Those questions are COMPLETELY different. They are much more technically complex, and hair-splitting. I feel like I'm heading backwards.

My question, to those who have taken and passed the exam is this: which questions are more representative of the type asked on the actual test?

Thanks for your assistance!
Question by:BleuTango
3 Comments
 
LVL 10

Accepted Solution

by:
yasserd earned 2000 total points
ID: 34989803
For my SSCP (which is similar to CISSP https://www.isc2.org/sscp/default.aspx) I used www.freepracticetests.org (I think it's the same as cccure) to review my knowledge of the subject and I found it very similar to the exam.
 
LVL 64

Expert Comment

by:btan
ID: 34990341
CISSP certification is definitively not a technical certification. There wouldn't be too many technical questions, but that also does not mean there are none. The intent is for the CISSP test to cover more than 400 concepts of the 10 domains. The technicalities are just part and parcel of assessing candidates holistically but not the determining factor. Experience helps if you have IT Security dealings ... nonetheless, you need to show the pre-requisite in the domains to be certified after passing the exam... give yourself some time (if necessary instead of rushing into it).

The focus would be scenario assessment in questions, for a professional to decide the best next step (for incident response, for compliance, for assessment/evaluation). Note that typically the elimination method works well, just leaving the two best, and it boils down to experience and applied knowledge (sometimes it is logic, as long as we apply security by default and strike a balance between operational and user needs).

Typically the CBK guide and sample questions from ISC2 can help. But I must say that we cannot rely on just memorisation of the concepts, which probably will be 20% or less. This is inclusive of those "easy kill" ones like what is meant by this abbreviation, but do not expect too many of those. The repeats that you may see would be scenarios crafted differently (from past questions) but the response and considerations are the same.

Check out @ http://certcities.com/editorial/tips/story.asp?EditorialsID=29
 
LVL 64

Expert Comment

by:btan
ID: 34994526
Also I understand that each new exam for the CISSP consists of 250 questions, 225 of which are scored and 25 of which are new, “pilot” questions examined for their statistical effectiveness. This process regularly refreshes exams with productive, effective questions, while making those that have outlived their usefulness obsolete. It is keeping its exams in line with the latest developments in information security - hence keeping up to date on the news in the IT Security arena can help.

Below is further information that you may be interested in, on how the questions are being reviewed and new ones added:

There is an internal committee which finalizes an exam blueprint that indicates the domains the content should be classified under, and how many items on the test are derived from each domain. Next, more than 300 CISSP certified exam writers (subject matter experts recruited to help with the test development process) write test questions to enhance the existing item bank.

These questions are pre-tested using the same cohort of candidates who are to be certified in the respective credential. The questions that “pass” become part of the active item bank. The exam blueprint is then posted and publicized for six months on the (ISC)2 website and on various information security social media sites.

In a year, maybe 80 percent of the questions change. There are still some overlapping questions if they are performing well.