Chapter 1. The CISSP Certification Exam

Terms you'll need to understand:

  • Common body of knowledge (CBK)

  • Exam strategy

Techniques you'll need to master:

  • Assessing exam requirements

  • Determining whether you're ready for the exam

  • Using practice questions

  • Using your time wisely

Introduction

Welcome to the CISSP Exam Cram 2! The aim of this chapter is to help you become prepared for the CISSP exam and understand what to expect when you enter the testing area. For most people, exam taking is not something that they eagerly anticipate. The best way to reduce this anxiety is to be fully prepared before you attempt to pass the exam. Taking those extra steps will help you feel more relaxed and confident when you enter the testing area.

Before beginning your studies, take a few minutes to make sure you fully understand the CISSP exam process. This is something that you don't want to wait until the day of the test to figure out. Reviewing these details now will help you concentrate on the exam so that you aren't worried about how much time you have to answer each question. Finally, mastering a few basic exam-taking skills should help you recognize—and perhaps even overcome—some of the tricks or unusual verbiage you're bound to find on the exam.

In addition to reviewing the exam environment, this chapter describes some proven exam-taking strategies that you can use to your advantage.

Assessing Exam Readiness

Before you rush out and sign up for the CISSP exam, check out the ISC2.org website and review the CISSP Certification requirements. To be eligible to become a CISSP, you must qualify for and meet two separate requirements:

  • Examination: This portion of the process requires that you submit the examination fee, assert that you possess a minimum of 4 years of professional experience in the information security field or 3 years plus a college degree (this is subject to audit and verification), review and sign the Candidate Agreement stating that you will legally commit to adhere to the CISSP Code of Ethics, and answer four questions regarding criminal history and background.

  • Certification: This second step of the process requires that the candidate pass the exam with a score of 700 points or greater, submit a completed and executed Endorsement Form, and, in some cases, pass a verification audit regarding professional experience.

When you are confident that you meet these requirements, you can continue with your studies. To be fully prepared for the exam, I recommend that you read the entire text, review the practice questions, and review the additional resources identified in each chapter. After you read the book and test yourself with the questions and practice exams, you will have a good idea of whether you are ready to take the real exam.

Be aware that the CISSP exam is difficult and challenging; therefore, this book shouldn't be your only vehicle for CISSP study. Because of the breadth and depth of knowledge needed to successfully pass the CISSP exam, be sure to use plenty of study materials and use this book to help you gauge your strengths and weaknesses. The ISC2 website is a good place to find additional study material, and so are the “Need to Know More?” sections at the end of the chapters in this book. The study guide pages on the ISC2 website include 70 publications that are helpful when preparing for the exam.

Taking the Exam

When you arrive at the location of the exam, you need to sign in. You will be asked to show your exam confirmation and photo identification. You cannot take the exam without a photo ID and your exam confirmation number. After you've signed in, find a seat, get comfortable, and wait for the exam to begin.

The exam is completely closed book. In fact, you will not be permitted to take any study materials into the testing area; you will be given scratch paper to use that must be returned at the completion of the exam. The exam room usually contains a number of tables where the candidates will sit. Because the test has a 6-hour time limit, ISC2 tries to make the candidates as comfortable as possible and allows you to bring bottled water and a snack. ISC2 allows you to make comments regarding the training environment at the completion of the exam.

During the 6-hour time limit, you will need to complete 250 questions. This provides plenty of time to complete the exam and even provides some time to go back and review your answers. The exam moderator will also keep you informed of how much time you have left to complete the exam.

All questions on the exam are multiple choice, and the exam contains 250 questions. Twenty-five of the questions are for research purposes, so only 225 questions are actually scored for certification. Counting the number of good questions you have answered isn't an indicator of success because of the research questions and because the questions are weighted. Because you are not penalized for wrong answers, you should attempt all the questions, even if you need to guess the answer. The exam questions are developed by an ISC2 committee and are always being updated and changed.

In the next section, you learn more about how CISSP test questions look and how they must be answered.

Multiple-Choice Question Format

All exam questions require you to select a single answer from the given choices. The following multiple-choice question requires you to select a single, correct answer. Following the question is a brief summary of each potential answer and why it is either right or wrong. You will be tasked with selecting the most correct answer. In some cases, more than one answer might appear correct; you must determine which one is most correct.

  1. What is the most widely used device to control physical access?

    • A. Chains

    • B. Locks

    • C. Alarms

    • D. Firewalls

Answer: B. Locks are the most commonly used device to control physical access. Locks have been used since the time of the Egyptians. Answer A is incorrect because chains are not the most commonly used devices for physical access control. Answer C is incorrect because alarms don't prevent access; they only inform you that possible unauthorized access has occurred. Answer D is incorrect because a firewall is used to control logical access.

Exam Strategy

A well-known principle when taking fixed-length exams is to first read the entire exam from start to finish while answering only those questions you feel absolutely sure of. On subsequent passes, you can dive into more complex questions more deeply, knowing how many questions you have left.

Unlike most other exams, this exam is paper based. Each candidate is issued a test booklet and answer sheet before the exam begins. Exam candidates are allowed to write on the exam booklet. You should circle keywords such as not, maybe, could, and should. Draw an arrow to the right when the question states “from greatest to smallest.” Draw an arrow to the left when the question mentions “smallest to greatest.” These strategies can help you successfully master the exam.

As you read each question, if you answer only those you're sure of and mark for review those that you're not sure of, you can keep working through a decreasing list of questions as you answer the trickier ones in order.

Note

Exam Strategy

There's at least one potential benefit to reading the exam completely before answering the trickier questions: Sometimes information supplied in later questions sheds more light on earlier questions. At other times, information you read in later questions might jog your memory about earlier questions. Either way, you'll come out ahead if you defer those questions about which you're not absolutely sure.

Here are some question-handling strategies that apply to fixed-length and short-form tests. Use these tips whenever you can:

  • When returning to a question after your initial read-through, read every word again; otherwise, you might get confused. Sometimes revisiting a question after turning your attention elsewhere lets you see something you missed, but the strong tendency is to see what you've seen before.

  • If you return to a question more than twice, try to articulate to yourself what you don't understand about the question, why answers don't appear to make sense, or what appears to be missing. If you chew on the subject a while, your subconscious might provide the details you lack or you might notice a “trick” that points to the right answer. If there is more than one good answer, usually the more general answer that encompasses the other one will take precedence and be the correct answer.

  • As you work your way through the exam, it's wise to budget your time. Don't forget to leave time to fill in the dots on the answer sheet. Ensure that you do not skip one question on the answer sheet, or all the following answers could be wrong.

  • If you're not finished when only 5 minutes remain, use that time to guess your way through any remaining questions. Remember, guessing is potentially more valuable than not answering because blank answers are always wrong, but a guess might turn out to be right. If you don't have a clue about any of the remaining questions, pick answers at random or choose all A's, B's, and so on. The important thing is to submit an exam for scoring that has an answer for every question.

Note

Exam Strategy

When you have completed the exam, take a moment to go back through the questions to compare the answers you have entered on the answer sheet. Make sure you did not miss anything or transcribe something incorrectly.

Question-Handling Strategies

Because of the way the CISSP exam is structured, there is only one correct answer for each question; many times one or two of the answers will be obviously incorrect and two of the answers will be plausible. Take the time to reread the question. Words such as sometimes, not, always, and best can make a big difference when choosing the correct answer. Unless the answer leaps out at you, begin the process of answering by eliminating those answers that are most obviously wrong.

Almost always, at least one answer out of the possible choices for a question can be eliminated immediately because it matches one of these conditions:

  • The answer does not apply to the situation.

  • The answer describes a nonexistent issue, an invalid option, or an imaginary state.

After you eliminate all answers that are obviously wrong, you can apply your retained knowledge to eliminate further answers. Look for items that sound correct but refer to actions, commands, or features that are not present or not available in the situation that the question describes.

If you're still faced with a blind guess among two or more potentially correct answers, reread the question. Try to picture how each of the possible remaining answers would alter the situation.

Only when you've exhausted your ability to eliminate answers but remain unclear about which of the remaining possibilities is correct should you guess at an answer. An unanswered question offers you no points, but guessing gives you at least some chance of getting a question right; just don't be too hasty when making a blind guess!

Mastering the Inner Game

In the final analysis, knowledge breeds confidence and confidence breeds success. If you study the materials in this book carefully and review all the practice questions at the end of each chapter, you should become aware of those areas where additional learning and study are required.

After you've worked your way through the book, take the practice exams in the back of the book. Taking these exams will provide a reality check and help you identify areas to study further. Make sure you follow up and review materials related to the questions you missed on the practice exams before taking the real exam. Only when you've covered that ground and feel comfortable with the whole scope of the practice exams should you set an exam appointment. It's advisable to score 80 percent or better before you attempt the real exam. Otherwise, obtain some additional practice tests and keep trying until you hit the magic number.

Armed with the information in this book and with the determination to augment your knowledge, you should be able to pass the certification exam. However, you need to work at it or you'll spend the exam fee more than once before you finally pass. If you prepare seriously, you should do well. We are confident that you can do it!

Need to Know More?

https://www.isc2.org/cgi-bin/content.cgi?category=539

www.cccure.org/: The CISSP Open Study Guide
