CISSP Practice Questions
So, I have been studying by butt off for the CISSP exam. I first used the Shon Harris all in one guide, and am blowing away the practice tests. As background, I've been in IT for over 12 years, and have a very broad array of experience. At least 60% of the information in the Harris book is "native" to me.
Then I got nervous about the test because everyone says it is so difficult, so I signed up for the quiz engine at cccure.org. Those questions are COMPLETELY different. They are much more technically complex, and hair-splitting. I feel like I'm heading backwards.
My question, to those who have taken and passed the exam is this: which questions are more representative of the type asked on the actual test?
Thanks for your assistance!
Then I got nervous about the test because everyone says it is so difficult, so I signed up for the quiz engine at cccure.org. Those questions are COMPLETELY different. They are much more technically complex, and hair-splitting. I feel like I'm heading backwards.
My question, to those who have taken and passed the exam is this: which questions are more representative of the type asked on the actual test?
Thanks for your assistance!
Who is Participating?
LVL 10
For my SSCP (which is similar to CISSP https://www.isc2.org/sscp/default.aspx) I used www.freepracticetests.org (I think its the same as cccure) to review my knowledge of the subject and I found it very similar to the exam.
CISSP certification is definitively not a technical certification. There wouldnt be too much technical question but also does not mean there is none. The intent for CISSP test cover more than 400 concepts of the 10 domains. The technicalities are just part and parcel for assessing candidates holistically but not the determining factor. Experience help if you have IT Security dealing ... nonetheless, you need to show the pre-requisite in the domains to be certified after passing exam...give yourself some time (if necessary instead of rushing into it)
The focus would be scenario assessment in question for professional to decide the best next step (for incident response, for compliance, for assessment/evaluation). Note that typically the elimination method works well just leaving the two best and it boils down to experience and applied knowledge (sometimes it is logic as long as we apply security by default and strike a balance btw operational and user needs)
Typically the CBK guide and sample question from ISC2 can help. But i must say that we cannot rely on just memorisation the concept which probably will be 20% or lesser. This is inclusive of those "easy kill" like what is meant by this abbreviation but do not expect too many of those. The repeats that you may see would be scenario crafted differently (from past question) but the response and considerations are the same.
Check out @ http://certcities.com/editorial/tips/story.asp?EditorialsID=29
The focus would be scenario assessment in question for professional to decide the best next step (for incident response, for compliance, for assessment/evaluation). Note that typically the elimination method works well just leaving the two best and it boils down to experience and applied knowledge (sometimes it is logic as long as we apply security by default and strike a balance btw operational and user needs)
Typically the CBK guide and sample question from ISC2 can help. But i must say that we cannot rely on just memorisation the concept which probably will be 20% or lesser. This is inclusive of those "easy kill" like what is meant by this abbreviation but do not expect too many of those. The repeats that you may see would be scenario crafted differently (from past question) but the response and considerations are the same.
Check out @ http://certcities.com/editorial/tips/story.asp?EditorialsID=29
Also I understand that each new exam for the CISSP consists of 250 questions, 225 of which are scored and 25 of which are new, “pilot” questions examined for their statistical effectiveness. This process regularly refreshes exams with productive, effective questions, while making those that have outlived their usefulness obsolete. It is keeping its exams in line with the latest developments in information security - hence keeping up to date on the news in IT Security arena can help.
Below are further information that you may interested to know how the qns are being reviewed and newly added ones :
There is internal committee which finalizes an exam blueprint that indicates the domains the content should be classified under, and how many items on the test are derived from each domain. Next, more than 300 CISSP certified exam writers (subject matter experts recruited to help with the test development process) write test questions to enhance the existing item bank.
These questions are pre-tested using the same cohort of candidates who are to be certified in the respective credential. The questions that “pass” become part of the active item bank. The exam blueprint is then posted and publicized for six months on the (ISC)2 website and on various information security social media sites
In a year, maybe 80 percent of the questions change. There are still some overlapping questions if they are performing well.
Below are further information that you may interested to know how the qns are being reviewed and newly added ones :
There is internal committee which finalizes an exam blueprint that indicates the domains the content should be classified under, and how many items on the test are derived from each domain. Next, more than 300 CISSP certified exam writers (subject matter experts recruited to help with the test development process) write test questions to enhance the existing item bank.
These questions are pre-tested using the same cohort of candidates who are to be certified in the respective credential. The questions that “pass” become part of the active item bank. The exam blueprint is then posted and publicized for six months on the (ISC)2 website and on various information security social media sites
In a year, maybe 80 percent of the questions change. There are still some overlapping questions if they are performing well.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month4 days, 22 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
