Attacks I successfully launched on CISSP Exam Test Engine
Maybe you have seen a NatGeo documentary in which the prey becomes the predator and the hunted becomes the hunter.
Yesterday I launched some attacks on the CISSP test engine (take that.....) and would like to share them with you guys & gals.
Test Engine Goal: Create confusion and diffusion
CISSP exam candidate Goal: Pass the Exam & successfully deter the attack
Flag Flooding Attack:
In this attack, the CISSP exam candidate sets a baseline regarding the confidence he has in his reply. If he is 10% in doubt about his reply, he immediately flags that question. This tricks the test engine into thinking that it is successfully confusing the candidate and that there is a high chance of answer flapping (marking a, then b, then c) later on. But the test engine does not know the attacker is preparing the ground for the 80-20 attack (refer to the attack below). But remember to set the baseline correctly. If it is too low you will have many flagged questions, and very high will give you a false sense of security.
80-20 Attack:
Due to CBT, you will have at least 1 hour extra to review the answers, i.e. most probably you will finish the first round in 4 - 5 hours. This may lead you to think that you should review all the questions. Never ever do that. Only stick to the questions that you flagged in attack #1. Marphy 80-20 law: "There is a chance to increase test score up to 80% by correcting 20% of the questions". Those 20% questions are your flagged questions. Never attempt to review all the questions. You will be susceptible to the answer flapping attack. This is discussed later.
Aggregation Attack:
In this attack, the CISSP exam candidate uses the facts/information provided in other questions in his reply to other questions. There will be 2-3 questions that fall into this category. You need patience and must have seen at least 80% of the questions to launch this attack.
Inference Attack:
This is a very common attack. Exam candidates do this in every question implicitly. So no need to explain it.
Social Engineering Attack:
Prometric and Pearson are rivals. So before the exam, I socialized with the Pearson staff, admired their security measures and compared them with Prometric. They checked two IDs with signature, took my photo, took palm print, hand print (rumor has it that some centers take the candidate's butt print as well and compare it with the exam station seat as an extra security measure). I gained their sympathy by expressing that 6 hours is a very long duration, and believe me, they also want to leave early. Anyway, during the exam I launched the attack by asking them if I could use their washroom. They gladly allowed me. Standing over the flush, I happily let go the payload. There goes my morning 12-oz latte (thank you @papadoc) and 300 ml of water down the drain. Then they allowed me to eat some snacks in their kitchen. Very nice people. Be nice to the staff and gain their sympathy.
Impersonation Attack:
When I opened my locker to take a snack, I saw my paper notes over there. Momentarily it tempted me to take a look at them, but then I thought: what would JDMurray do in this situation? I have great respect for that man/woman. He/she always acts ethically and takes the NDA to heart. I am sure he/she would have closed the locker without looking, and I did the same..........
When answering an ethical question, hold yourself to the highest ethical standard, at least as much as JD Murray, i.e. impersonation.
Later on, I completed the test and collected my notes. When I opened the notes there was nothing that could have aided me. I am sure (beyond reasonable doubt) that even if I had AIO at my disposal and CISSP was an open book test, that could not have helped me in answering the questions that I had doubts about in the first place. Maybe for 1-2% you can take help from AIO, but the rest, 99%, must come from your prior experience. Remember, this test is not about your memory to recite and remember facts.
Panic Attack:
This attack is initiated by the test engine. You need to deter it or revert it.
You are solving a series of questions and suddenly you encounter some alien-worded questions. You check at the top of the screen whether you are taking the right test. To revert this attack, consider reading the answers first and then making sense of the question. Select the one from the security point of view.
eg. Blah blah Blah blah Blah blah Blah blah Blah blah Blah blah Blah blah Blah blah Blah blah Blah blah Blah blah...
a) Memory management
b) Process isolation
c) I/O Performance
d) Blah Blah
Process isolation should be your answer from security point of view.
Memory management from managerial point of view and
Process isolation from Info Sec Manager point of view.
Blah Blah from test engine point of view.
Answer Flapping/Flipping Attack:
This happens after the test engine has successfully created enough confusion and diffusion that the CISSP exam candidate doubts his own existence. Am I real? Why did the chicken cross the road? What am I doing here? Is this real?
He will flip-flop the answer like router flapping. A then B then A then C then D.
Never let yourself get into this situation. Take a solid argument and stick with your first instinct (not relevant to basic instinct).
Comments
-
papadoc Member Posts: 154
Awesome! Let's write a book on CISSP test taking tips. I'll cover the nootropics and caffeine.
-
seigex Member Posts: 105
I'm taking a wild guess that you played D&D at some point in your life, would this be an accurate assessment?
-
justjen Member Posts: 77
Passed the GISP this morning on my way to the CISSP on the 14th, and recognized many opportunities to use your attack strategies.
Panic Attack? the first 5 or 6 definitely, which led to
Flag Flooding? check!
80/20? max'd out 100/0... one pass, no review = reduced occurrences of Answer Flapping
Answer Flapping? yes, it is possible to flap multiple times before hitting submit on a single question LOL
Social Engineering? yes, 5 hours is a long test... score nice test desk in the farthest corner for least distraction
Inference and aggregation may have happened, but didn't trigger any cognitive alerts - no time to notice, just go, go, go!
Sadly, I did not employ all attacks, as there was no opportunity for impersonation, but I was prepared, thanks to you!
-
Chuzpah Member Posts: 68
Awesome write up! Thanks for the tips and comic relief. I needed that!