exam practice cissp
-
7/27/2019 Exam Practice CISSP
1/13
Practice for the CISSP Exam
Steve Santy, MBA, CISSP
IT Security Project Manager
IT Networks and Security
-
Overview
Exam Overview
A Few Words Regarding Preparation and Strategy
Practice Questions
Answers to Practice Questions
-
Exam Overview
Covers the Ten CBK Domains:
1) Information Security and Risk Management
2) Access Control
3) Cryptography
4) Physical (Environmental) Security
5) Security Architecture and Design
6) Business Continuity and Disaster Recovery Planning
7) Telecommunications and Network Security
-
Exam Overview (continued)
Covers the Ten CBK Domains (continued):
8) Application Security
9) Operations Security
10) Legal, Regulations, Compliance and Investigations
250 Multiple Choice Questions
Must earn a scaled score of 70% or greater
6 Hours to Complete (including snack and comfort breaks)
-
Preparation and Strategy
Verify your Eligibility to Become a CISSP
(ISC)2 web site, especially CISSP Candidate Information Booklet
Choose a Study Guide
E.g. (ISC)2 Guide to CISSP CBK
Shon Harris CISSP All-in-One Exam Guide, 4th Edition
-
Prep and Strat (continued)
Each Book Above Includes a CD-ROM Test Engine
Answer as many as you can
80% average
Group Study Recommended
Intensive Boot Camps
Both official and unofficial available
Lots of $$
Designed for people who have already studied the material thoroughly!
-
Prep and Strat (continued)
Exam Grading
You must only get an average (scaled score) of 70% on the entire exam, not a 70% on each CBK domain within the exam, i.e. your strong areas may very well compensate for one weak area
Try to average at least 80% in all domains when studying / practicing
You must pick the best answer according to (ISC)2; they grade the exam!
-
Practice Questions
1. Consideration for which type of risk assessment to perform includes all of the following except:
a. Culture of the organization
b. Budget
c. Capabilities of resources
d. Likelihood of exposure
-
Practice Questions (continued)
2. What are the three types of access control?
a. Administrative, physical, and technical
b. Identification, authentication, and authorization
c. Mandatory, discretionary, and least privilege
d. Access, management, and monitoring
-
Practice Questions (continued)
3. The two methods of encrypting data are:
a. Substitution and transposition
b. Block and stream
c. Symmetric and asymmetric
d. DES and AES
-
Practice Questions (continued)
4. Which of the following is a principal security risk of wireless LANs?
a. Lack of physical access control
b. Demonstrably insecure standards
c. Implementation weaknesses
d. War driving
-
Practice Questions (continued)
5. Computer forensics is really the marriage of computer science, information technology, and engineering with:
a. Law
b. Information systems
c. Analytical thought
d. The scientific method
-
References
http://www.isc2.org/
Official Guide to the CISSP CBK, Auerbach Press