Effective CISSP Questions

Your friend, Bob, a CISSP aspirant, intends to buy the so-called braindumps sold online from anonymous sources. As a CISSP, which of the following is the best action you should take?
A. Report the braindumps sellers to (ISC)² per the Code Of Ethics.
B. Exercise your pentesting expertise to take down the web site selling braindumps.
C. Tell him not to do that and share some questions you remembered from the exam.
D. Let him know how the test items are written.

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Let him know how the test items are written.

(ISC)² Code Of Ethics

The braindumps sellers are bound to the (ISC)² Code Of Ethics (the Code) only if they are (ISC)² members who subscribe to it. They are anonymous, so the Code and the Ethics Complaint Procedures are not applicable to this case. However, CISSPs are bound to the Code. “Strict adherence to the Code is a condition of certification.”

  • All information security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained.
  • In support of this principle, all (ISC)² members are required to commit to fully support this Code of Ethics (the “Code”).
  • (ISC)² members who intentionally or knowingly violate any provision of the Code will be subject to action by a peer review panel, which may result in the revocation of certification.

Source: (ISC)² Code Of Ethics

Hacking the website is obviously unlawful. If you don’t want to be put in jail, don’t play the role of the modern-day Robin Hood. As a CISSP, if you do so, you also violate the canon, “Act honorably, honestly, justly, responsibly, and legally.”

Ethics Complaint Procedures

The following is a summary of the Ethics Complaint Procedures from the ISC2 official website.

  • Complaints will be accepted only from those who claim to be injured by the alleged behavior.
  • Only complaints that specify the canon of the Code violated will be considered.
  • All complaints must be in writing and in the form of a sworn affidavit.
  • Complaints should be sufficiently complete to enable the board to reach an appropriate judgment. At a minimum, the affidavit should specify the respondent, the behavior complained of, the canon breached, the standing of the complainant, and any corroborating evidence.

(ISC)² Exam Non-Disclosure Agreement

You CANNOT share the questions you remembered from the exam because you have signed the (ISC)² Exam Non-Disclosure Agreement.

Familiarize yourself with the (ISC)² Exam Non-Disclosure Agreement before you head to the test center. You will need to accept the terms of the agreement before you can begin your exam.

You understand, acknowledge and agree:

  • 3. That you may not disclose the Exam questions or answers or discuss any of the content of the Exam Materials with any person without prior written approval of (ISC)²;

Source: (ISC)² Exam Non-Disclosure Agreement

Exam Development Workshops

CISSP exam questions are written by volunteers. They are updated all the time. Braindumps not only hurt your integrity and credibility; relying on them will also fail you in the exam because the exam is volatile and dynamic. Letting your friend know the truth and telling him not to use braindumps is the best strategy.






3 thoughts on “CISSP PRACTICE QUESTIONS – 20201019”

  1. Could it be argued that reporting the dumpers to ISC is “advancing and protecting the profession”? The answer does not specify the Ethics Complaint Procedures, but the Code of Ethics could be interpreted as requiring me to take whatever action may help with getting rid of the dumpers.

    • Personally, I would report this through the channel of the ISC2 customer services as the ISC2 Code of Ethics is applicable to those who subscribe to it only. We can follow the ethics complaint procedure, but I’m afraid it will result in an invalid complaint and get rejected.

  2. Are we reading answer A differently?
    You: Report the braindumps sellers to (ISC)² for violating the Code Of Ethics (which would involve the Ethics Complaint Procedures).
    Me: Report the braindumps sellers to (ISC)², because the Code Of Ethics requires me to do so (which has nothing to do with Ethics Complaint Procedures).
