rslade
Influencer II

Practice Questions

Right.

 

For (and from) all the newbies out there who want help for studying, there have been numerous questions about, well, questions.  As in, "what's the best set of practice questions to use while studying for the exam?"

 

The answer is, none of them.

 

I have looked at an awful lot of practice question sets, and they are uniformly awful.  Most try to be "hard" by bringing in trivia: that is not representative of the exam.  Most concentrate on a bunch of facts: that is not representative of the exam.

 

So, from my own stash, collected and developed over the decades, I'm going to give you some samples that do represent the types of questions that you will probably see on the exam.  Note that none of these questions will appear on the exam.  You can't pass the CISSP exam by memorizing a brain dump.  These will just give you a feel.

 

For each question I'll give the answer, what type of question this represents, and possibly ways to approach this type of question.

 

I'll be doing this over time, "replying" to this post to add questions.  Others are free to add sample questions if they wish, but be ready to be (possibly severely) critiqued.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
329 Replies
rslade
Influencer II

> Startzc (Newcomer II) posted a new reply in Exams on 01-05-2021 01:45 PM in the

> "Responsible" always makes me look for the top of the food chain, D.
> in this case.   However, I also think of it in the way that senior managers are
> the ones approving control costs or policies, but not necessarily actually
> verifying that those controls are in place.

Good thinking. Again, this question is poorly constructed/worded. On the real
exam you would probably see a proviso of "ultimately," or "directly," or
"primarily" that would allow you to make a distinction.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Belief is no substitute for arithmetic. - Henry Spencer.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

rslade
Influencer II

> kamalamalhotra (Viewer II) posted a new reply in Exams on 01-05-2021 09:45 PM in

> the question does not carry ultimate keyword.

Ultimate Keyword sounds like it would be a great name for a supervillain who
could break into any IT system ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
What is originality? Undetected plagiarism. - Dean William R. Inge
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

rslade
Influencer II

> Startzc (Newcomer II) posted a new reply in Exams on 01-05-2021 10:54 PM in the

> This one is straight out of a Shon Harris book.

As I have pointed out before, I refuse to answer any question that starts out "Shon
Harris says ..."

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Television - a medium. So called because it is neither rare nor
well-done. - Ernie Kovacs
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

Startzc
Newcomer III

I know, that's the only reason I mentioned it. Thanks though.

rslade
Influencer II

> kamalamalhotra (Newcomer I) posted a new reply in Exams on 01-06-2021 07:02 AM

>   I am planning to take membership of CCCure (CISSP test engine). Can
> you please help me if I am taking the right decision.

Twenty years ago, CCCure was a really important resource. Then it kind of
became a victim of its own success. A lot of the people who had benefitted from
it "helped out" by submitting all kinds of test questions--most of them really,
really bad. This contaminated what had been a really great test bank.

If you can register for free (I haven't looked at it in a while) then it *might* be
worth your time.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
A man's riches may ransom his life, but a poor man hears no
threat. - Proverbs 13:8
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

kamalamalhotra
Newcomer III

The word ultimate sounds out to be a brute force attack right to my head.

kamalamalhotra
Newcomer III

In CCCure, you've got to pay less than $70 for a month's subscription. However, thanks for the heads-up, and I will continue to look up this thread for your questions.

Startzc
Newcomer III

What type of access control system is deployed to physically deter unwanted or unauthorized activity and access?
A. Preventive access control
B. Deterrent access control
C. Directive access control
D. Compensation access control

 

Answer: A

 

B - Because Deterrent is not a category, it would fall under the definition of Preventative Controls.

C & D - I think it's obvious enough that these are not correct.

kamalamalhotra
Newcomer III

There is an access control called a deterrent. The deterrent is just like your traffic signal: it can tell you to stop, however, it can't prevent you from not stopping. Preventive is a variant of deterrent, however it takes an action, just like a cop who stops you if you cut the red signal. The question is very clear: physically stop, that is preventive.

kamalamalhotra
Newcomer III

All the best for your exams. If I am right, you have your exams scheduled this Tuesday. I am sure you will crack it.