Effective CISSP Questions

Your company is evaluating a new biometric access control system. Requirements for ease of use and user acceptance precede the level of security. The budget is not a concern. However, the error rate shall not exceed 3 times per day. There are 500 employees in the office building; each of them will go in and out 10 times on average every day. Three vendors submitted proposals as follows:
– Vendor A: Fingerprint, CER: 0.05%
– Vendor B: Iris, CER: 0.02%
– Vendor C: Retina, CER: 0.01%
As a security professional, which of the following solution will you suggest?
A. Vendor A
B. Vendor B
C. Vendor C
D. Any of them

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Vendor A.

Crossover Error Rate (CER)

It takes 5,000 times of biometric scanning if 500 employees go in and out 10 times every day. A CER of 0.05% means 2.5 (5,000 x 0.05%) recognition errors daily, 0.02% for 1 time, and 0.01% for 0.5. So, solutions from vendors A, B, and C all meet the company’s requirements (less than 3 times per day).

Ease of use and user acceptance

According to research, the following finding or conclusion is highly accepted or agreed:

  • Ease of use: Fingerprint > Iris or Retina
  • User acceptance: Fingerprint > Iris or Retina



1 thought on “CISSP PRACTICE QUESTIONS – 20191208

Leave a Reply