Practice for the CISSP Exam

1
Practice for the CISSP Exam
  • Steve Santy, MBA, CISSP
  • IT Security Project Manager
  • IT Networks and Security

2
Overview
  • Exam Overview
  • A Few Words Regarding Preparation and Strategy
  • Practice Questions
  • Answers to Practice Questions

3
Exam Overview
  • Covers the Ten CBK Domains
  • Information Security and Risk Management
  • Access Control
  • Cryptography
  • Physical (Environmental) Security
  • Security Architecture and Design
  • Business Continuity and Disaster Recovery
    Planning
  • Telecommunications and Network Security

4
Exam Overview (continued)
  • Covers the Ten CBK Domains (continued)
  • Application Security
  • Operations Security
  • Legal, Regulations, Compliance and Investigations
  • 250 Multiple Choice Questions
  • Must earn a scaled score of 70 or greater
  • 6 Hours to Complete (including snack and comfort
    breaks)

5
Preparation and Strategy
  • Verify your Eligibility to Become a CISSP
  • (ISC)² web site, especially CISSP Candidate
    Information Booklet
  • Choose a Study Guide
  • E.g. (ISC)² Guide to CISSP CBK
  • Shon Harris CISSP All-in-One Exam Guide, 4th
    Edition

6
Prep and Strat (continued)
  • Each Book Above Includes a CD-ROM Test Engine
  • Answer as many as you can
  • 80 average
  • Group Study Recommended
  • Intensive Boot Camps
  • Both official and unofficial available
  • Lots of
  • Designed for people who have already studied the
    material thoroughly!

7
Prep and Strat (continued)
  • Exam Grading
  • You only need to earn an average (scaled score)
    of 70 on the entire exam, not a 70 on each CBK
    domain within the exam, i.e. your strong areas
    may very well compensate for one weak area
  • Try to average at least 80% in all domains when
    studying / practicing
  • You must pick the best answer according to
    (ISC)²; they grade the exam!

8
Practice Questions
  • Consideration for which type of risk assessment
    to perform includes all of the following except:
    • Culture of the organization
    • Budget
    • Capabilities of resources
    • Likelihood of exposure

9
Practice Questions (continued)
  • What are the three types of access control?
    • Administrative, physical, and technical
    • Identification, authentication, and authorization
    • Mandatory, discretionary, and least privilege
    • Access, management, and monitoring

10
Practice Questions (continued)
  • The two methods of encrypting data are:
    • Substitution and transposition
    • Block and stream
    • Symmetric and asymmetric
    • DES and AES

11
Practice Questions (continued)
  • Which of the following is a principal security
    risk of wireless LANs?
    • Lack of physical access control
    • Demonstrably insecure standards
    • Implementation weaknesses
    • War driving

12
Practice Questions (continued)
  • Computer forensics is really the marriage of
    computer science, information technology, and
    engineering with:
    • Law
    • Information systems
    • Analytical thought
    • The scientific method

13
References
  • http://www.isc2.org/
  • Official Guide to the CISSP CBK, Auerbach Press