"Can anyone suggest where I can get some CISSP practice questions?"
That's the most common question after "Where Do I Start Studying for the CISSP?"
Below is a list of some quick sources of CISSP practice questions.
I haven't really taken all of the below test engines to provide a thorough review, but the ones I do highlight are the ones I can actually vouch for in terms of quality and reliability.
The below will be updated to reflect the new 2021 CISSP exam as I learn more, but I have not seen anything yet. So here is a list of where to get practice CISSP questions.
McGraw-Hill
My #1 recommended practice questions:
These are the practice questions, in my opinion, which are closest to the exam in terms of solidifying concepts - I model my own CISSP practice questions after them.
Sybex
The Sybex practice questions are a classic and about 95% of those studying for the CISSP have taken them.
CCCure
I took Clement's practice questions when I was studying for my own exam. Good amount of questions with explanations and citations. These will be updated to match the new topics soon.
Boson
I heard this test engine provides plenty of questions along with some explanations.
CISSP Exam Cram
These are pretty good, I had the book while studying. There are a ton of practice questions and they come with explanations as well.
You can get a copy online through Safari Books and they even have a free sample of questions - a good amount too!
Thor's Practice Questions
I know Thor and he's not only a professional but a good guy who works hard for his CISSP students. We are players of the same game in "advancing and protecting the profession" as much as possible.
This is the link to his CISSP resources:
Mohamed Atef's CISSP Courses and Practice Questions
Mohamed Atef was one of the key players in my success in passing the exam. His course reflects the current CISSP CBK and is continuously being updated with new videos.
They also come with a collection of practice questions. Find them here:
Study Notes and Theory
These are my own questions created with hours of sweat, blood, and tears. Each question can take up to 2-3 hours of research drawing from my 5 years as a network security engineer in a high-security company where information security is the #1 priority. In fact, security is the business of the business.
I get exposure everyday to nearly all domains of the CISSP in my career and try to relate the experiences into the questions. They are tough, discouraging, and created to be harder than the CISSP exam itself. The idea being that if you understand them and go through the frustration of taking these practice questions, the actual CISSP exam will be easier.
I can talk about questions at Study Notes and Theory all day, but I think some testimonials from previous members would be better:
"Most recommend. Luke Ahmed test questions are the most realistic questions comparing to the other test practices that I have gone through so far." - How John L. Cracked His CISSP Exam
"This is something I call a real test bank. I can’t imagine the work to build those questions AND the explanations. As for now, no AI could pass it. A bit more difficult than the test. Bravo. It’s meant to be used once you achieve 85% on other test banks." - How Zak Cracked His CISSP Exam
To gain access to the practice questions you'll have to become a member here:
You not only get the practice questions but also videos, flashcards, PDF notes, and access to our private Telegram group.
Conclusion
The thing is, no matter which practice test engine or site you sign up for, the key is to take as many practice exam questions as possible. I also suggest taking at least 3,000 to 5,000 practice questions before attempting the exam. Once you start doing this, you almost start to "see" what the CISSP exam wants you to know and how they want you to answer the questions. It reminds me of that scene in the end of "The Matrix" where Neo starts to "see" the code within the Matrix.
50% of study should be books, and the other 50% should be practice exam questions as you get closer to taking your exam. To take full advantage of these questions, you should not only try to get the answer right, but also realize why the other answers are wrong.
Thanks for reading and good luck all.
Here are some extra links in case you needed it:
Please note: talking about the exam contents or the actual questions on the exam is highly against the CISSP Code of Ethics and a violation of the NDA we have to sign before attempting the exam. It is also unbecoming of a security professional. Study Notes and Theory takes this agreement seriously and will discontinue communication with anyone who does not.