Home page logo

basics logo Security Basics mailing list archives

Re: CISSP online training
From: Clement Dupuis <clement.dupuis () gmail com>
Date: Fri, 10 Feb 2012 17:03:55 -0500

Good day S,

It is also very important that you do not only take a lot of practice
quizzes but also that you take the time to understand the topics being
covered in the Common Body of Knowledge (CBK).

Below you have the recipe that I recommend to my students and anyone
who are using the quizzes at



I always stress that students should do as many quizzes as they can
before their exam.

Do our quizzes at the URL above, there are 1700 questions for the 10
domains of the CISSP and do the quizzes you have within your study
book as well.   Doing quizzes from different sources helps you get
used to different styles of question and the very unique style you
will get on the exam.

The quiz will give you a few key advantages.     It will allow you to
find your weakest domains which is what you MUST work on.
The quiz will also allow you to find your weakest subjects within each
of the domains, you must work on those as well.
Last but not least the quiz will allow you to remember key topics that
you might encounter on the exam.

While doing the quizzes,  there a few things you must do:

Do quizzes of at least 50 questions each to have better sampling
Use Pro Level and Closely Related questions, those are the closest to
the real exam.  It is the default setting.
Keep doing quizzes on the same domain until you score CONSISTENTLY around 80%
Once you reach 80% you move to the next domain.   You do this for all
of the domain.
While doing quizzes review and find out WHY you miss a question and
WHY the best choice is the best choice
You should go through the whole database of question at least once and
a few times would be better
Attempt to do a few quizzes of 250 questions on all 10 domains before
the real exam.  Just to see what it is like to do that much.
After you have done many quizzes you can choose the following options:
- Unattempted Questions only    This option will create a quiz with
questions you have never seen due to the quiz being randomly generated
- Questions that was answered wrong previously   This option allow you
to drill down on questions you have missed in the past
The quiz will remember your last setting,  to go back to the default
click on the button marked Reset Quiz Option/Settings


Many people have heard that some domains are more important than
others as far as the number of questions they will get on the real
exam.  This is true, There are some key domains that you must do well
to ensure a passing mark on the real exam.  For the past 12 years I
have been doing CISSP training and anytime someone would miss the exam
I have seen a fix pattern that emerged.   All of the people that
failed did badly on one or two of the five most important domains.
See my list of domains below,  the top domains (mark one to five
below) are the most important domains and the at the bottom of the
list you have the least important domains.

1 Telecommunication and Network Security
2 Access Control
3 Security Architecture
4 Information Security Governance and Risk Management
5 BCP and DRP
Software Development Security
Legal, Compliance, Investigation
Operation Security
Physical Security


By now you should have picked a date for your exam.  Based on your
exam date you can craft your study plan and see how many days you will
assign to each of the domains.  Of course the top five domains would
be given priority but the other domains are also important as well.
When you get a score of 697 on your exam, it means that any question
could have allowed you to pass.

Start doing quizzes like I said above one domain at the time.   You
start with the top five domains and then you get into the other five
domains.   As you get closer to your exam, for example a week or 8
days before your exam, you revisit the top five again.  You want the
most important domains to be fresh in your mind as you get to the

I wish you all the best

Take care


Clement Dupuis, CD
Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

An Insyte Company

Fax: +1 407 264 8396

Skype: clementdupuis

Email: clement () secureninja com

Web: www.secureninja.com

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

In Cyberspace:

Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
Maintainer of :
The CCCure Family of Portals

The Professional Security Testers Warehouse

Knowledge sharing and giving back to the community

  Call me to get the best CISSP, Security+, or other Security related training  <<

On Fri, Feb 10, 2012 at 14:51, s garcia <g.f.samuel () gmail com> wrote:


Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]