Читаем CISSP Practice полностью

Dean Bushmiller, of Austin, Texas, for grouping the author’s questions and making them into scenario-based questions and answers. Dean teaches the CISSP Exam and CISM Exam review classes to prepare for the exams.

Carol A. Long, executive acquisitions editor at Wiley Publishing, Inc., for publishing this book.

Ronald Krutz (technical editor), Apostrophe Editing Services (copy editor) and all the people at Wiley who made this book possible.

Credits

Executive Editor

Carol Long

Project Editor

Maureen Spears

Technical Editor

Ronald Krutz

Senior Production Editor

Debra Banninger

Copy Editor

Apostrophe Editing Services

Editorial Manager

Mary Beth Wakefield

Freelancer Editorial Manager

Rosemarie Graham

Marketing Manager

Ashley Zurcher

Production Manager

Tim Tate

Vice President and Executive Group Publisher

Richard Swadley

Vice President and Executive Publisher

Neil Edde

Associate Publisher

Jim Minatel

Project Coordinator, Cover

Katie Crocker

Compositor

JoAnn Kolonick, Happenstance Type-O-Rama

Proofreader

Kristy Eldredge,

Word One

Indexer

Robert Swanson

Cover Image

© Peter Nguyen / iStockPhoto

Cover Designer

Ryan Sneed

Preface

The purpose of CISSP Practice: 2,250 Questions, Answers, and Explanations for Passing the Test is to help the Certified Information Systems Security Professional (CISSP) examination candidates prepare for the exam by studying and practicing the sample test questions with the goal to succeed on the exam.

A total of 2,250 traditional multiple-choice (M/C) questions, answers, and explanations are presented in this book. In addition, a total of 82 scenario-based M/C questions, answers, and explanations are taken from the traditional 2,250 questions and grouped into the scenario-based format to give a flavor to the scenario questions. Traditional questions contain one stem followed by one question set with four choices of a., b., c., and d., and scenario questions contain one stem followed by several question sets with four choices of a., b., c., and d. The scenario-based questions can focus on more than one domain to test the comprehensive application of the subject matter in an integrated manner whereas the traditional questions focus on a single domain.

These 2,250 sample test practice questions are not duplicate questions and are not taken from the ISC2 or from anywhere else. The author developed these unique M/C questions for each domain based on the current CISSP Exam content specifications (see the “Description of the CISSP Examination” later in this preface). Each unique and insightful question focuses on a specific and necessary depth and breadth of the subject matter covered in the CISSP Exam.

The author sincerely believes that the more questions you practice, the better prepared you are to take the CISSP Exam with greater confidence because the real exam includes 250 questions. The total number of 2,250 questions represents nine times the number of questions tested on the exam, thus providing a great value to the CISSP Exam candidate. This value is in the form of increasing the chances to pass the CISSP Exam.

Because ISC2 did not publish the percentage-weights for ten domains, the author has assigned the following percentage-weights for each domain (for example, Domain 1 = 15%) based on what he thinks is important to the CISSP Exam candidate. These assigned weights are based on the author’s assumption that all the ten domains cannot receive equal weight in the exam due to the differences in relative importance of these domains. These weights are assigned as a systematic way to distribute the 2,250 questions among the ten domains, as follows:

Domain 1: Access Control (15%)

Domain 2: Telecommunications and Network Security (15%)

Domain 3: Information Security Governance and Risk Management (10%)

Domain 4: Software Development Security (10%)

Domain 5: Cryptography (10%)

Domain 6: Security Architecture and Design (10%)

Domain 7: Security Operations (10%)

Domain 8: Business Continuity and Disaster Recovery Planning (5%)

Domain 9: Legal, Regulations, Investigations, and Compliance (10%)

Domain 10: Physical and Environmental Security (5%)

The following table presents the number of traditional questions and scenario questions for each of the ten domains. Domain Traditional Questions Scenario Questions 1 338 (2,250 x 15%) 9 2 338 7 3 225 9 4 225 11 5 225 7 6 225 12 7 225 8 8 112 7 9 225 5 10 112 7 Totals 2,250 82