
Practice for the CISSP Exam

Practice for the CISSP Exam. Steve Santy, MBA, CISSP IT Security Project Manager IT Networks and Security. Overview. Exam Overview A Few Words Regarding Preparation and Strategy Practice Questions Answers to Practice Questions. Exam Overview. Covers the Ten CBK Domains:


Presentation Transcript


  1. Practice for the CISSP Exam
     • Steve Santy, MBA, CISSP
     • IT Security Project Manager
     • IT Networks and Security

  2. Overview
     • Exam Overview
     • A Few Words Regarding Preparation and Strategy
     • Practice Questions
     • Answers to Practice Questions

  3. Exam Overview
     • Covers the Ten CBK Domains:
       • Information Security and Risk Management
       • Access Control
       • Cryptography
       • Physical (Environmental) Security
       • Security Architecture and Design
       • Business Continuity and Disaster Recovery Planning
       • Telecommunications and Network Security

  4. Exam Overview (continued)
     • Covers the Ten CBK Domains (continued):
       • Application Security
       • Operations Security
       • Legal, Regulations, Compliance and Investigations
     • 250 Multiple Choice Questions
     • Must earn a scaled score of 70% or greater
     • 6 Hours to Complete (including snack and comfort breaks)

  5. Preparation and Strategy
     • Verify your Eligibility to Become a CISSP
     • (ISC)² web site, especially CISSP Candidate Information Booklet
     • Choose a Study Guide
     • E.g. (ISC)² Guide to CISSP CBK
     • Shon Harris CISSP All-in-One Exam Guide, 4th Edition

  6. Prep and Strat (continued)
     • Each Book Above Includes a CD-ROM Test Engine
     • Answer as many as you can
     • 80% average
     • Group Study Recommended
     • Intensive “Boot Camps”
     • Both official and unofficial available
     • Lots of $$
     • Designed for people who have already studied the material thoroughly!

  7. Prep and Strat (continued)
     • Exam Grading
     • You must only get an average (scaled score) of 70% on the entire exam, not a 70% on each CBK domain within the exam, i.e. your strong areas may very well compensate for one weak area
     • Try to average at least 80% in all domains when studying / practicing
     • You must pick the best answer according to (ISC)²; they grade the exam!

  8. Practice Questions
     Consideration for which type of risk assessment to perform includes all of the following except:
     • Culture of the organization
     • Budget
     • Capabilities of resources
     • Likelihood of exposure

  9. Practice Questions (continued)
     What are the three types of access control?
     • Administrative, physical, and technical
     • Identification, authentication, and authorization
     • Mandatory, discretionary, and least privilege
     • Access, management, and monitoring

  10. Practice Questions (continued)
     The two methods of encrypting data are:
     • Substitution and transposition
     • Block and stream
     • Symmetric and asymmetric
     • DES and AES

  11. Practice Questions (continued)
     Which of the following is a principal security risk of wireless LANs?
     • Lack of physical access control
     • Demonstrably insecure standards
     • Implementation weaknesses
     • War driving

  12. Practice Questions (continued)
     Computer forensics is really the marriage of computer science, information technology, and engineering with:
     • Law
     • Information systems
     • Analytical thought
     • The scientific method

  13. References
     • http://www.isc2.org/
     • Official Guide to the CISSP CBK, Auerbach Press
