CISSP Simulator

50 free CISSP Exam Questions for 2014

  • Designed, and updated, only by CISSP Exam Members, the CISSPTutor CISSP exam simulator tool will challenge and boost your IT Security knowledge across all 10 CISSP Security Domains + 1 bonus domain.

  • CISSPTutor helps you pass your CISSP exam by giving you over 850 current CISSP exam practice questions.  We show you the secrets and knowledge you need for the Certified Information Systems Security Professional (CISSP) exam.
  • Use CISSPTutor to print out complex CISSP exam questions using our free CISSP Statistics Module. CISSPTutor provides all answers, explanations, and references to questions.
  • Only a program designed by CISSPs can give you this type of first-hand experience and "know-how"; don't risk other imitations.
  • We give you the added bonus of being able to practice obscure and misleading questions, just like in the real exam!
  • We give a no-questions-asked money-back guarantee* that you will love CISSPTutor or your money back. See below to find out more... you have nothing to lose because the risk is on us.
             * See satisfaction guarantee for more details

Free bonus

Free Bonus Performance and Statistics Module
(valued at $19.97)

One of your biggest problems when preparing for the exam will be how to assess your weaknesses; the Performance and Statistics Module has been designed to show you where you need to concentrate your study efforts. The advantage of this is that it strengthens your weak areas and solidifies your strong areas. This is done through deep analysis of your patterns when using CISSP Tutor; results are presented through easy-to-understand reports and graphs of performance across the 10 Domains.

Free bonus

Free Cheat Sheet Customiser
(valued at $17.77)

It is great to use knowledge-based software to prepare for the CISSP exam. However, not everyone can take their laptop or PC with them. The Cheat Sheet Customiser is a tool that comes with CISSP Tutor that lets you extract the CISSP exam questions from the database engine and take them with you in report format. This is a great tool for compiling reports using the questions you have trouble with, or want to practice. There are lots of template formats. This is a great way to maximise your study time and sit the exam after a shorter preparation period.

Free bonus

Free Study Guide Tips On How To Pass Your Exam!
(valued at $77.79)

This is a free compiled document that we have put together outlining our method for passing the exam. It has tips that we have gathered from our experience and from other CISSPs. This guide also has a breakdown of must-know items for the CISSP exam. Although the exam is said to be "an inch deep and a mile wide", we believe there are some items that are a must to know, from a CISSP perspective and a professional IT perspective. We give them all to you free when you purchase CISSPTutor.



      Our method for passing the CISSP Exam and gaining certification
      ARO and ALE
      CISSP Access Control (AC) Attacks and Countermeasures
      AC Matrix
      CISSP Methodologies and Implementation
      AC Lists
      Active and Passive Attacks
      CISSP Physical Security Controls
      Advanced Encryption Security Standards and Technologies
      Application and System Attacks
      Protocol Stack Security
      CISSP based Application Security
      Audit Trails
      Disaster Recovery exam questions
      Bell-Lapadula AC
      Biba AC
      Biometrics based on CISSP Common Criteria
      Brute Force
      Buffer Overflows
      Clark-Wilson Model
      C.I.A as per ISC2 guidelines
      Certification Authority
      CISSP based Control / Management
      Clipping Level questions
      Common Criteria questions
      Security Models based on CISSP Common Criteria
      Computer Laws
      Covert Channels security
      Cryptographic Attacks and Countermeasures
      DBM Security
      DMZs as per CISSP exam guide
      Dictionary Attacks
      Elliptic Curve Cryptosystems
      CISSP based Employment Policies and Practices
      Evidence Collection based on CISSP Common Criteria
      CISSP based Firewall Implementation
      Firewall Rules
      CISSP based Hiring and Terminating Practices
      HB Intrusions
      Hybrid Cryptography
      Input and Parameter Checking
      Intellectual Property
      Internet and Intranets based on CISSP Common Criteria
      KERBEROS Security
      Key Escrow and Key Recovery
      Law Transmission Methods
      Lattice Based AC
      Message Digest and Hash Functions
      Mobile and Wireless Technology
      Motion Detector Sensors, and Alarms
      Network Monitors and Packet Sniffers
      Network Based Intrusion
      Non-Discretionary Access Control
      One-Time Pads
      Penetration Testing based on CISSP Common Criteria
      CISSP based Prevention, Detection, and Suppression
      Public Asymmetric Keys
      Recovery Strategy
      Reference Monitors and Security Kernels
      Secure RPC
      Replay Attacks
      CISSP based Risk Assessment
      CISSP Risk management
      Role based Access
      Rule based Access
      SHTTP and SSL
      Security Access
      Security Domains based on CISSP Common Criteria
      Security Controls
      Smart Cards
      Software Development
      Spoofing Attacks
      Telephone Fraud
      Threats and Vulnerabilities
      Traps and Trojans
      Trusted Systems

What is the CISSP?
To be a CISSP you must do three things:
• Have and be able to prove five years of direct experience in two or more of the 10 domains of the information systems security Common Body of Knowledge.
• Subscribe to the ISC2 Code of Ethics.
• Pass a 250-question examination based on the 10 domains.

It consists of ten bodies of common knowledge:
1. Access control systems and methodology
2. Application and systems development security
3. Business continuity planning & disaster recovery planning
4. Cryptography
5. Law, investigation, and ethics
6. Operations security
7. Physical security
8. Security architecture and models
9. Security management practices
10. Telecommunications and networking security

On the Day:

Rule number 1, start with at least eight hours of sleep; it’s a good idea to formulate your strategy on how you’re going to answer the questions and how you will prepare yourself mentally.  My decision was to complete all the easy questions first and highlight questions I considered to be a challenge, as:

- confusing
- medium
- no idea

The idea was that I would come back to them once I had gone through the whole exam.  This way you’re always moving forward and not getting stuck on questions.


I had 5 hours to complete the exam; this gave me a little over an hour to work through allotments of 50 questions (that equates to approximately 1 minute and 12 seconds per question).  Keep in mind some questions are so vague and confusing that you may sit there for 4 or 5 minutes just trying to understand what’s going on.  The way I mitigated this was that if I had no solid idea within the first 10 seconds, I graded the question so I could come back to it again.

Arrive at the exam location at least 20 minutes before you need to go into the room.  Don’t talk to other candidates, as most of them will only confuse you with their wrong answers to practice questions, or you may get psyched out if you meet someone who knows more than you, especially if they don’t seem confident of passing the exam.

The exam will be heavily supervised and the officials are very strict, so don’t even think of cheating.  Further, you will be told that any hint of cheating will have you removed from the room and your exam papers destroyed. You’re not permitted to take any papers out with you after the exam and you’re only allowed 3 or 4 toilet stops.

The exam is paper-based, featuring a numbered booklet and a computer test sheet, both of which are provided. I was advised to bring some number 2 grade (2B or HB) pencils to mark answers. My seat for the exam was assigned and I was asked to record exam booklet numbers on the answer sheet. We were told that different versions of the exam exist, and the pool of questions is said to be 1200. The questions in the pool change each year.  This keeps the exam current and incidentally prevents knowledge of questions from leaking out.

Since the exam is not given on a computer, no result was available when I finished. The Web site currently advertises an 18-day turnaround, but some CISSPs tell me it can take longer.  By the way, if you pass you'll never know your score; if you fail, you'll get a score and pointers to the areas you had trouble with.

You will hear many people say that the exam was very easy for them.  I am not one of them, so treat this exam light-heartedly at your own peril.  My exam was challenging because if you thought about the questions thoroughly there could have been any number of possibilities to the answers.

It’s up to you to eliminate the less correct answers.  As a guide, this is how I studied for the exam: I studied 4 nights a week for a minimum of 3 hours a night for 4 months, and I passed on my first attempt.

Remember, the exam is a mile wide and an inch deep, so you need to get a good understanding equally across all ten domains.  I would suggest learning everything in this study guide and using the CISSP Tutor tool to see where your weaknesses are.  Then go and purchase the relevant materials to strengthen your knowledge in that area.  Also, all the questions you will find are always loosely related to the real questions; this is because the pool of 1200 ISC2 questions is changed every year.  So the most important thing is to get advice from a current CISSP like myself and use all the tools, study guides, and questions at your disposal to make you a finely tuned analyzing CISSP machine.

Best of luck.

QNA-Group CISSP Team.