Free CISSP Review Material, Practice Exams

I just found some more FREE CISSP review material and practice exams. One exam is 100 questions, the other 250.

I added the new links to my Teach Yourself Security post, in which I recommend several CISSP resources  — see halfway down the page, in red: New Links added 11/24/14

For all my posts about CISSP, search that term in my search box in the upper right.



Filed under Certification, Free, Free Download, Security

6 responses to “Free CISSP Review Material, Practice Exams

  1. L

    yay! thank you for the freebies. while I do have the green book, these questionnaires will definitely help a lot in my review.


    • L,
      Always happy to help. I hated the ISC2 green book, but when I took the exam, I found that book covered some material that others left out, so I think to skip it is a mistake. If you can only use 1 book, use the green one. I always recommend Shon Harris’ book for CISSP and CISA. I used her CISA book, but her CISSP book wasn’t out when I took the exam.

      Not sure if everyone knows, but Shon passed away due to illness in October. Sad.

      The green ISC book is to CISSP what the Gliem book is to CIA….boring. For CIA, I recommend skipping Gliem and using Hock’s material at


  2. Great! The practice exams are key to passing the exam.


    • Michelle,.
      In a sense I agree, and in another I do not. Knowing the material is the key to passing the exam. The practice exams show you where you are weak and need to study further.

      The end goal needs to be understanding and applying what you’ve learned, not just getting the cert. The CISSP is a tough exam, unlike the CISA. Practice examing your way to the CISSP is a risky proposition.

      When I took the exam, 50% of those taking it failed.


  3. L

    any thoughts on the recent sony hacking?


    • Hi L,
      Nothing anyone hasn’t said. Briefly, it looks like they had inside help, and this type of hack will only escalate. High-profile companies like this with a lot to lose need to segregate their networks to mitigate this wide-spread data scoop. Most companies don’t do it. Helps with PCI too.

      What do you think?

      P.S. FYI, I’d rather this type of question that is unrelated to the post above should be posted in ‘Ask a Question’ (see link at upper right corner). Having said that, I’d rather readers post a question where it’s convenient for them rather than not post it at all. :)


Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.