
CISSPNOTE

NOTE ON CISSP

Uploaded by

uche

10/28/24, 11:41 PM CISSP CERTIFICATION EXAMINATION

CISSP CERTIFICATION EXAMINATION


Certified Information Systems Security Professional (CISSP) is an information security
certification developed by the International Information Systems Security Certification
Consortium, also known as (ISC)². The CISSP designation is a globally recognized, vendor-
neutral standard attesting to an IT security professional's technical skills and hands-on
experience implementing and managing a security program.

CISSP certification is highly sought after by IT professionals. Hiring organizations often look
for candidates who have passed the CISSP exam because candidates with the CISSP
credential must be sufficiently knowledgeable about cybersecurity to be able to pass the
certification exam, and have hands-on experience and, potentially, formal CISSP training.

How to become CISSP-certified

Becoming CISSP-certified requires more than passing the Certified Information Systems
Security Professional certification exam. Candidates are required to have a minimum of five
years of full-time, hands-on experience in at least two of the eight CISSP domains.

(ISC)² advises the following four-step pathway to certification:

1. Ensure CISSP is right for you.
2. Register and prepare for the exam.
3. Get certified.
4. Become an (ISC)²

1. First Name

2. Last Name

3. Examination Number

https://docs.google.com/forms/d/1wfvX6NtAkR2ZN8yrGhP9u2GxdINvgN26FxJHx7y_yw8/edit 1/13

4. Country of Residence

5. Network Speed

6. Retype the characters from the pictures to show you are not a ROBOT

7. Kindly synchronize PC and upload your IPv4

Files submitted:

8. DO NOT USE AI OR CHATGPT FOR THIS EXAMINATION. THIS EXAM IS MONITORED BY META

Check all that apply.

I don't mind using AI; I have a strong firewall that can bypass META
I will write the examination on my own
I paid a sum of $300 for the answers through the dark web

9. WHAT IS CYBER SECURITY?


10. What is asset classification, and why is it important in information security management?

11. Explain the difference between qualitative and quantitative risk analysis. Provide
examples.


12. Every organization's assets are the combinations of a variety of different systems. These systems have a strong cybersecurity posture that requires coordinated efforts across all of its systems. Therefore, we can categorize cybersecurity in the following sub-domains:

• Network Security: It involves implementing the hardware and software to secure a computer network from unauthorized access, intruders, attacks, disruption, and misuse. This security helps an organization to protect its assets against external and internal threats.
• Application Security: It involves protecting the software and devices from unwanted threats. This protection can be done by constantly updating the apps to ensure they are secure from attacks. Successful security begins in the design stage, writing source code, validation, threat modeling, etc., before a program or device is deployed.
• Information or Data Security: It involves implementing a strong data storage mechanism to maintain the integrity and privacy of data, both in storage and in transit.
• Identity Management: It deals with the procedure for determining the level of access that each individual has within an organization.
• Operational Security: It involves processing and making decisions on handling and securing data assets.
• Mobile Security: It involves securing the organizational and personal data stored on mobile devices such as cell phones, computers, tablets, and other similar devices against various malicious threats. These threats include unauthorized access, device loss or theft, malware, etc.
• Cloud Security: It involves protecting the information stored in the digital environment or cloud architectures for the organization. It uses various cloud service providers such as AWS, Azure, Google, etc., to ensure security against multiple threats.
• Disaster Recovery and Business Continuity Planning: It deals with the processes, monitoring, alerts, and plans for how an organization responds when any malicious activity is causing the loss of operations or data. Its policies dictate resuming the lost operations after any disaster at the same operating capacity as before the event.
• User Education: End-user education is building awareness among employees by equipping them with the necessary tools and skills required to protect themselves and the company data from loss or attack.

Question: Outline 3 types of cyber security practice that are widely used in your province and state the reasons.


13. Explain the CIA triad in cybersecurity. How does it ensure data security?

14. Describe the difference between cybersecurity and information security.

15. What is phishing, and how can it be prevented?


16. Explain the concept of Malware and SQL injection

17. Describe the purpose of an Intrusion Detection System (IDS).


18. How does the principle of least privilege reduce risk in an organization’s security
posture?
Describe Business Continuity Planning (BCP) and how it differs from Disaster
Recovery Planning (DRP).
What is a security policy, and how does it support an organization's overall security
framework?

19. What are the goals of enterprise architecture?

20. Explain the purpose and types of virtual private networks (VPNs).


21. Explain the diagram below

22. What is penetration testing, and how is it conducted?


23. What is the role of HTTPS in protecting data on websites?

24. How does the Health Insurance Portability and Accountability Act (HIPAA) impact
cybersecurity in healthcare?

25. What is the purpose of ISO/IEC 27001 in cybersecurity?


26. Define the following terms used in Cyber Security:

a. Phishing
b. Firewall
c. Encryption
d. Virus
e. Worms
f. Denial-of-Service (DoS) attack
g. DMZ in network security?

27. What is the role of an ethical hacker in cybersecurity?

28. Describe the responsibilities of a Chief Information Security Officer (CISO).


29. How does a security analyst differ from a security engineer?

30. What are some key components of the General Data Protection Regulation
(GDPR)?

31. Explain the four types of information systems.


32. Give a detailed explanation of how to build a cyber incident response plan according to your country's security protocols

33. Write a short bio about yourself and highlight some of your achievements
