CISSP Official Practice Tests Mike

Chapple
Visit to download the full and correct content document:
https://textbookfull.com/product/cissp-official-practice-tests-mike-chapple/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...

CISSP Official Study Guide Mike Chapple

https://textbookfull.com/product/cissp-official-study-guide-mike-
chapple/

ISC ² SSCP systems security certified practitioner

official practice tests Chapple

https://textbookfull.com/product/isc-%c2%b2-sscp-systems-
security-certified-practitioner-official-practice-tests-chapple/

CompTIA CySA practice tests Exam CS0 002 2nd Edition

Mike Chapple

https://textbookfull.com/product/comptia-cysa-practice-tests-
exam-cs0-002-2nd-edition-mike-chapple/

Comptia cysa practice tests exam cs0 002 2nd Edition

Mike Chapple

https://textbookfull.com/product/comptia-cysa-practice-tests-
exam-cs0-002-2nd-edition-mike-chapple-2/
(ISC)² CISSP certified information systems security
professional: official study guide Eighth Edition
Chapple

https://textbookfull.com/product/isc%c2%b2-cissp-certified-
information-systems-security-professional-official-study-guide-
eighth-edition-chapple/

ISC ² CCSP Certified Cloud Security Professional

Official Practice Tests 2nd Edition Ben Malisow

https://textbookfull.com/product/isc-%c2%b2-ccsp-certified-cloud-
security-professional-official-practice-tests-2nd-edition-ben-
malisow/

OET Medicine Official OET Practice Book 1 For tests

from 31 August 2019 1st Edition

https://textbookfull.com/product/oet-medicine-official-oet-
practice-book-1-for-tests-from-31-august-2019-1st-edition/

Comptia Pentest Study Guide Exam Pt0 001 1st Edition

Mike Chapple

https://textbookfull.com/product/comptia-pentest-study-guide-
exam-pt0-001-1st-edition-mike-chapple/

Comptia Cysa+ Study Guide Exam Cs0-002 3rd Edition Mike

Chapple

https://textbookfull.com/product/comptia-cysa-study-guide-exam-
cs0-002-3rd-edition-mike-chapple/
 (ISC)² CISSP
Certified Information Systems
Security Professional
Official Practice Tests
Second Edition
 (ISC)² CISSP
Certified Information Systems
Security Professional
Official Practice Tests
Second Edition

Mike Chapple, CISSP

David Seidl, CISSP
Development Editor: Kelly Talbot
Technical Editor: Aaron Krauss
Senior Production Editor: Christine O’Connor
Copy Editor: Kim Wimpsett
Editorial Manager: Mary Beth Wakefield
Production Manager: Kathleen Wisor
Executive Editor: Jim Minatel
Book Designers: Judy Fung and Bill Gibson
Proofreader: Amy Schneider
Indexer: Johnna Vanhoose Dinse
Project Coordinator, Cover: Brent Savage
Cover Designer: Wiley
Cover Image: Getty Images Inc./Jeremy Woodhouse
Copyright © 2018 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published by John Wiley & Sons, Inc. Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-119-47592-7
ISBN: 978-1-119-47594-1 (ebk.)
ISBN: 978-1-119-47596-5 (ebk.)
Manufactured in the United States of America
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by
any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under
Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of
the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance
Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the
Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River
Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/
permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties
with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties,
including without limitation warranties of fitness for a particular purpose. No warranty may be created or
extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for
every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal,
accounting, or other professional services. If professional assistance is required, the services of a competent
professional person should be sought. Neither the publisher nor the author shall be liable for damages arising
herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential
source of further information does not mean that the author or the publisher endorses the information the
organization or Web site may provide or recommendations it may make. Further, readers should be aware that
Internet Web sites listed in this work may have changed or disappeared between when this work was written and
when it is read.
For general information on our other products and services or to obtain technical support, please contact our
Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317)
572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included
with standard print versions of this book may not be included in e-books or in print-on-demand. If this book
refers to media such as a CD or DVD that is not included in the version you purchased, you may download this
material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2018942604
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John
Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without
written permission. (ISC)2 and CISSP are trademarks or registered trademarks of (ISC)2 , Inc. All other trade-
marks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or
vendor mentioned in this book.
10 9 8 7 6 5 4 3 2 1
For Renee, the most patient and caring person I know. Thank you for being
the heart of our family.
—MJC

For Scott Ksander, who taught me that disagreeing doesn’t mean that you
can’t be on the same page, for Joanna Grama who proved me wrong and
by doing so became a wonderful friend, and for Greg Hedrick who stood
between our team of security practitioners and the rest of the world so that
we could excel. Thank you all!
—DAS
Acknowledgments
The authors would like to thank the many people who made this book possible. Jim
Minatel at Wiley Publishing helped us extend the Sybex CISSP franchise to include this
new title and gain important support from the International Information Systems Security
Certification Consortium (ISC)2 . Carole Jelen, our agent, worked on a myriad of logistic
details and handled the business side of the book with her usual grace and commitment to
excellence. Aaron Krauss, our technical editor, pointed out many opportunities to improve
our work and deliver a high-quality final product. Jeff Parker’s technical proofing ensured
a polished product. Kelly Talbot served as developmental editor and managed the project
smoothly. Many other people we’ll never meet worked behind the scenes to make this book
a success.
About the Authors
Mike Chapple, PhD, CISSP,   is an author of the best-selling CISSP (ISC)2 Certified
Information Systems Security Professional Official Study Guide (Sybex, 2018), now in its
eighth edition. He is an information security professional with two decades of experience in
higher education, the private sector, and government.
Mike currently serves as Associate Teaching Professor of IT, Analytics, and Operations
at the University of Notre Dame’s Mendoza College of Business. He previously served as
Senior Director for IT Service Delivery at Notre Dame, where he oversaw the information
security, data governance, IT architecture, project management, strategic planning, and
product management functions for the university.
Before returning to Notre Dame, Mike served as Executive Vice President and Chief
Information Officer of the Brand Institute, a Miami-based marketing consultancy. Mike
also spent four years in the information security research group at the National Security
Agency and served as an active duty intelligence officer in the U.S. Air Force.
He is a technical editor for Information Security Magazine and has written 20 books,
including Cyberwarfare: Information Operations in a Connected World (Jones & Bartlett,
2015), CompTIA Security+ Training Kit (Microsoft Press, 2013), and the CompTIA
Cybersecurity Analyst+ (CySA+) Study Guide (Wiley, 2017) and Practice Tests (Wiley, 2018).
Mike earned both his BS and PhD degrees from Notre Dame in computer science and
engineering. He also holds an MS in computer science from the University of Idaho and an
MBA from Auburn University. His IT certifications include the CISSP, Security+, CySA+,
CISA, and PMP credentials.
Mike provides books, video-based training, and free study groups for a wide variety of
IT certifications at his website, CertMike.com.

David Seidl, CISSP,   is the Senior Director for Campus Technology Services at the
University of Notre Dame. In this role, David is responsible for central platform and
operating system support, virtualization, cloud operations, database administration and
services, identity and access management, application services, ERP administration,
and a host of other services. Prior to his current role, he was Notre Dame’s Director of
Information Security and taught a popular Networking and Security class in Notre Dame’s
Mendoza College of Business.
In addition to his professional and teaching roles, he has co-authored CompTIA
Security+ Training Kit (Microsoft Press, 2013), Cyberwarfare: Information Operations in
a Connected World (Jones & Bartlett, 2015), CISSP Official (ISC) 2 Practice Tests (Sybex,
2016), and CompTIA CySA+ Study Guide (Sybex, 2017), and he has served as the technical
editor for the sixth (Sybex, 2012), seventh (Sybex, 2015), and eighth (Sybex, 2018) editions
of CISSP Study Guide. David holds a bachelor’s degree in communication technology and a
master’s degree in information security from Eastern Michigan University, as well as CISSP,
GPEN, GCIH, and CySA+ certifications.
About the Technical Editor
Aaron Krauss   began his career as a security auditor for U.S. federal government clients.
From there he moved into security risk management for healthcare and financial services,
which offered more opportunities to travel, explore, and eat amazing food around the
world. He currently works for a cyber-risk insurance startup in San Francisco and spends
his free time dabbling in cooking, cocktail mixology, and photography.
Contents at a Glance
Introduction xvii

Chapter 1 Security and Risk Management (Domain 1) 1

Chapter 2 Asset Security (Domain 2) 27
Chapter 3 Security Architecture and Engineering (Domain 3) 51
Chapter 4 Communication and Network Security (Domain 4) 79
Chapter 5 Identity and Access Management (Domain 5) 103
Chapter 6 Security Assessment and Testing (Domain 6) 127
Chapter 7 Security Operations (Domain 7) 151
Chapter 8 Software Development Security (Domain 8) 175
Chapter 9 Practice Test 1 201
Chapter 10 Practice Test 2 231
Chapter 11 Practice Test 3 259
Chapter 12 Practice Test 4 287

Appendix Answers 317

Index 459
Contents
Introduction xvii

Chapter 1 Security and Risk Management (Domain 1) 1

Chapter 2 Asset Security (Domain 2) 27

Chapter 3 Security Architecture and Engineering (Domain 3) 51

Chapter 4 Communication and Network Security (Domain 4) 79

Chapter 5 Identity and Access Management (Domain 5) 103

Chapter 6 Security Assessment and Testing (Domain 6) 127

Chapter 7 Security Operations (Domain 7) 151

Chapter 8 Software Development Security (Domain 8) 175

Chapter 9 Practice Test 1 201

Chapter 10 Practice Test 2 231

Chapter 11 Practice Test 3 259

Chapter 12 Practice Test 4 287

Appendix Answers 317

Chapter 1: Security and Risk Management (Domain 1) 318
Chapter 2: Asset Security (Domain 2) 327
Chapter 3: Security Architecture and Engineering (Domain 3) 338
Chapter 4: Communication and Network Security (Domain 4) 347
Chapter 5: Identity and Access Management (Domain 5) 358
Chapter 6: Security Assessment and Testing (Domain 6) 369
Chapter 7: Security Operations (Domain 7) 381
Chapter 8: Software Development Security (Domain 8) 393
Chapter 9: Practice Test 1 404
Chapter 10: Practice Test 2 418
Chapter 11: Practice Test 3 431
Chapter 12: Practice Test 4 445
Index 459
Introduction
(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests is
a companion volume to (ISC)² CISSP Certified Information Systems Security Professional
Official Study Guide. It includes questions in the formats that appear in the version of the
CISSP Detailed Content Outline and exam that became effective in April 2018. If you’re
looking to test your knowledge before you take the CISSP exam, this book will help you
by providing more than 1,300 questions that cover the CISSP Common Body of Knowl-
edge and easy-to-understand explanations of both right and wrong answers.
If you’re just starting to prepare for the CISSP exam, we highly recommend that you use
(ISC) 2 CISSP Certified Information Systems Security Professional Official Study Guide to
help you learn about each of the domains covered by the CISSP exam. Once you’re ready to
test your knowledge, use this book to help find places where you may need to study more or
to practice for the exam itself.
Since this is a companion to CISSP Study Guide, this book is designed to be similar to
taking the CISSP exam. It contains multipart scenarios as well as standard multiple-choice
and matching questions similar to those you may encounter on the certification exam. The
book is broken up into 12 chapters: 8 domain-centric chapters with 100 or more questions
about each domain, and 4 chapters that contain 125-question practice tests to simulate tak-
ing the exam.

CISSP Certification
The CISSP certification is offered by the International Information System Security Certi-
fication Consortium, or (ISC)2, a global nonprofit organization. The mission of (ISC)2 is to
support and provide members and constituents with credentials, resources, and leadership to
address cyber, information, software, and infrastructure security to deliver value to society.
(ISC)2 achieves this mission by delivering the world’s leading information security certifi-
cation program. The CISSP is the flagship credential in this series and is accompanied by
several other (ISC)2 programs.
■■ Systems Security Certified Practitioner (SSCP)
■■ Certified Authorization Professional (CAP)
■■ Certified Secure Software Lifecycle Professional (CSSLP)
■■ HealthCare Information Security and Privacy Practitioner (HCISPP)
■■ Certified Cloud Security Professional (CCSP)
xviii Introduction

There are also three advanced CISSP certifications for those who want to move on from
the base credential to demonstrate advanced expertise in a domain of information security.
■■ Information Systems Security Architecture Professional (CISSP-ISSAP)
■■ Information Systems Security Engineering Professional (CISSP-ISSEP)
■■ Information Systems Security Management Professional (CISSP-ISSMP)
The CISSP certification covers eight domains of information security knowledge. These
domains are meant to serve as the broad knowledge foundation required to succeed in the
information security profession.
■■ Security and Risk Management
■■ Asset Security
■■ Security Architecture and Engineering
■■ Communication and Network Security
■■ Identity and Access Management (IAM)
■■ Security Assessment and Testing
■■ Security Operations
■■ Software Development Security
The CISSP domains are periodically updated by (ISC)2 . The most recent revision in
April 2018 changed the name of the Security Engineering domain to add Architecture. It
also added or expanded coverage of topics such as secure coding and cloud operations that
security professionals commonly encounter in modern security operations environments. It
also changed the names of other areas to reflect changes in common information security
topics and terminology.
Complete details on the CISSP Common Body of Knowledge (CBK) are contained in the
Exam Outline. It includes a full outline of exam topics, can be found on the (ISC)2 website
at www.isc2.org.

Taking the CISSP Exam

In addition to updating the content covered by the exam, 2018 also brought significant
changes to the English language version of the exam. Traditionally, the exam was a 6-hour
test containing 250 multiple-choice questions, and you could move back and forth between
questions during that 6-hour period. That format is still used by non-English exams, but the
English exam uses a different format.
The new exam uses a technology called Computer Adaptive Testing (CAT). With this
format, you’ll have a shorter exam, containing between 100 to 150 questions. You will not
have the opportunity to skip back and forth because the computer selects the next ques-
tions that it asks you based upon your answers to previous questions. If you’re doing well
on the exam, it will get more difficult as you progress. Don’t let that unnerve you!
 Introduction xix

For either version of the exam, passing requires achieving a score of at least 700 out of
1,000 points. It’s important to understand that this is a scaled score, meaning that not every
question is worth the same number of points. Questions of differing difficulty may factor
into your score more or less heavily, and adaptive exams adjust to the test taker.
That said, as you work through these practice exams, you might want to use 70 percent as
a yardstick to help you get a sense of whether you’re ready to sit for the actual exam. When
you’re ready, you can schedule an exam at a location near you through the (ISC)2 website.
Questions on the CISSP exam are provided in both multiple-choice form and what
(ISC)2 calls advanced innovative questions, which are drag-and-drop and hotspot ques-
tions, both of which are offered in computer-based testing environments. Innovative
questions are scored the same as traditional multiple-choice questions and have only one
right answer.

Computer-Based Testing Environment

Almost all CISSP exams are now administered in a computer-based testing (CBT) format.
You’ll register for the exam through the Pearson Vue website and may take the exam in the
language of your choice. It is offered in English, French, German, Portuguese, Spanish, Japa-
nese, Simplified Chinese, Korean, and a visually impaired format.
You’ll take the exam in a computer-based testing center located near your home or
office. The centers administer many different exams, so you may find yourself sitting in the
same room as a student taking a school entrance examination and a healthcare professional
earning a medical certification. If you’d like to become more familiar with the testing envi-
ronment, the Pearson Vue website offers a virtual tour of a testing center.
https://home.pearsonvue.com/test-taker/Pearson-Professional-Center-
Tour.aspx
When you take the exam, you’ll be seated at a computer that has the exam software
already loaded and running. It’s a pretty straightforward interface that allows you to navi-
gate through the exam. You can download a practice exam and tutorial from the Pearson
Vue website.
http://www.vue.com/athena/athena.asp

Exam Retake Policy

If you don’t pass the CISSP exam, you shouldn’t panic. Many individuals don’t reach the
bar on their first attempt but gain valuable experience that helps them succeed the second
time around. When you retake the exam, you’ll have the benefit of familiarity with the CBT
environment and CISSP exam format. You’ll also have time to study the areas where you felt
less confident.
xx Introduction

After your first exam attempt, you must wait 30 days before retaking the computer-
based exam. If you’re not successful on that attempt, you must then wait 90 days before
your third attempt and 180 days before your fourth attempt. You may not take the exam
more than three times in a single calendar year.

Work Experience Requirement

Candidates who want to earn the CISSP credential must not only pass the exam but also
demonstrate that they have at least five years of work experience in the information security
field. Your work experience must cover activities in at least two of the eight domains of the
CISSP program and must be paid, full-time employment. Volunteer experiences or part-time
duties are not acceptable to meet the CISSP experience requirement.
You may be eligible to waive one of the five years of the work experience requirement
based upon your educational achievements. If you hold a bachelor’s degree or four-year
equivalent, you may be eligible for a degree waiver that covers one of those years. Similarly,
if you hold one of the information security certifications on the current (ISC)2 credential
waiver list (https://www.isc2.org/credential_waiver/default.aspx), you may also
waive a year of the experience requirement. You may not combine these two programs.
Holders of both a certification and an undergraduate degree must still demonstrate at least
four years of experience.
If you haven’t yet completed your work experience requirement, you may still attempt
the CISSP exam. Individuals who pass the exam are designated Associates of (ISC)2 and
have six years to complete the work experience requirement.

Recertification Requirements
Once you’ve earned your CISSP credential, you’ll need to maintain your certification by
­paying maintenance fees and participate in continuing professional education (CPE). As
long as you maintain your certification in good standing, you will not need to retake the
CISSP exam.
Currently, the annual maintenance fees for the CISSP credential are $85 per year.
Individuals who hold one of the advanced CISSP concentrations will need to pay an
additional $35 annually for each concentration they hold.
The CISSP CPE requirement mandates earning at least 40 CPE credits each year toward
the 120-credit 3-year requirement. (ISC)2 provides an online portal where certificate hold-
ers may submit CPE completion for review and approval. The portal also tracks annual
maintenance fee payments and progress toward recertification.
 Introduction xxi

Using This Book to Practice

This book is composed of 12 chapters. Each of the first eight chapters covers a domain, with
a variety of questions that can help you test your knowledge of real-world, scenario, and
best-practice security knowledge. The final four chapters are complete practice exams that
can serve as timed practice tests to help determine whether you’re ready for the CISSP exam.
We recommend taking the first practice exam to help identify where you may need to
spend more study time and then using the domain-specific chapters to test your domain
knowledge where it is weak. Once you’re ready, take the other practice exams to make sure
you’ve covered all of the material and are ready to attempt the CISSP exam.

Using the Online Practice Tests

All of the questions in this book are also available in Sybex’s online practice test tool. To get
access to this online format, go to www.wiley.com/go/cissptestprep and start by register-
ing your book. You’ll receive a pin code and instructions on where to create an online test
bank account. Once you have access, you can use the online version to create your own sets
of practice tests from the book questions and practice in a timed and graded setting.
 (ISC)² CISSP
Certified Information Systems
Security Professional
Official Practice Tests
Second Edition
Chapter Security and Risk

1
Management
(Domain 1)
2 Chapter 1 ■ Security and Risk Management (Domain 1)

1. What is the final step of a quantitative risk analysis?

A. Determine asset value.
B. Assess the annualized rate of occurrence.
C. Derive the annualized loss expectancy.
D. Conduct a cost/benefit analysis.

2. Match the following numbered wireless attack terms with their appropriate lettered
descriptions:

Wireless attack terms

1. Rogue access point

2. Replay
3. Evil twin
4. War driving

Descriptions

A. An attack that relies on an access point to spoof a legitimate access point’s SSID and
Mandatory Access Control (MAC) address
B. An access point intended to attract new connections by using an apparently legitimate
SSID
C. An attack that retransmits captured communication to attempt to gain access to a
targeted system
D. The process of using detection tools to find wireless networks

3. Under the Digital Millennium Copyright Act (DMCA), what type of offenses do not
require prompt action by an internet service provider after it receives a notification of
infringement claim from a copyright holder?
A. Storage of information by a customer on a provider’s server
B. Caching of information by the provider
C. Transmission of information over the provider’s network by a customer
D. Caching of information in a provider search engine

4. FlyAway Travel has offices in both the European Union (EU) and the United States and
transfers personal information between those offices regularly. They have recently received
a request from an EU customer requesting that their account be terminated. Under the
General Data Protection Regulation (GDPR), which requirement for processing personal
information states that individuals may request that their data no longer be disseminated
or processed?
A. The right to access
B. Privacy by design
C. The right to be forgotten
D. The right of data portability
 Chapter 1 ■ Security and Risk Management (Domain 1) 3

5. Which one of the following is not one of the three common threat modeling techniques?
A. Focused on assets
B. Focused on attackers
C. Focused on software
D. Focused on social engineering

6. Which one of the following elements of information is not considered personally identifi-
able information that would trigger most United States (U.S.) state data breach laws?
A. Student identification number
B. Social Security number
C. Driver’s license number
D. Credit card number

7. In 1991, the Federal Sentencing Guidelines formalized a rule that requires senior execu-
tives to take personal responsibility for information security matters. What is the name of
this rule?
A. Due diligence rule
B. Personal liability rule
C. Prudent man rule
D. Due process rule

8. Which one of the following provides an authentication mechanism that would be appropri-
ate for pairing with a password to achieve multifactor authentication?
A. Username
B. Personal identification number (PIN)
C. Security question
D. Fingerprint scan

9. What United States government agency is responsible for administering the terms of
privacy shield agreements between the European Union and the United States under the
EU GDPR?
A. Department of Defense
B. Department of the Treasury
C. State Department
D. Department of Commerce

10. Yolanda is the chief privacy officer for a financial institution and is researching privacy
issues related to customer checking accounts. Which one of the following laws is most
likely to apply to this situation?
A. GLBA
B. SOX
C. HIPAA
D. FERPA
4 Chapter 1 ■ Security and Risk Management (Domain 1)

11. Tim’s organization recently received a contract to conduct sponsored research as a govern-
ment contractor. What law now likely applies to the information systems involved in this
contract?
A. FISMA
B. PCI DSS
C. HIPAA
D. GISRA

12. Chris is advising travelers from his organization who will be visiting many different coun-
tries overseas. He is concerned about compliance with export control laws. Which of the
following technologies is most likely to trigger these regulations?
A. Memory chips
B. Office productivity applications
C. Hard drives
D. Encryption software

13. Bobbi is investigating a security incident and discovers that an attacker began with a normal
user account but managed to exploit a system vulnerability to provide that account with
administrative rights. What type of attack took place under the STRIDE threat model?
A. Spoofing
B. Repudiation
C. Tampering
D. Elevation of privilege

14. You are completing your business continuity planning effort and have decided that you
wish to accept one of the risks. What should you do next?
A. Implement new security controls to reduce the risk level.
B. Design a disaster recovery plan.
C. Repeat the business impact assessment.
D. Document your decision-making process.

15. Which one of the following control categories does not accurately describe a fence around
a facility?
A. Physical
B. Detective
C. Deterrent
D. Preventive

16. Tony is developing a business continuity plan and is having difficulty prioritizing resources
because of the difficulty of combining information about tangible and intangible assets.
What would be the most effective risk assessment approach for him to use?
A. Quantitative risk assessment
B. Qualitative risk assessment
Another random document with
no related content on Scribd:
in place. Concave cylinders are then employed in quarters until the
final results of +1.D. spherical, combined with -1.D. cylinder axis
180° is secured. This necessitates the change of but four cylindrical
lenses as shown in routine “A” as follows:
ROUTINE “A” ROUTINE “B”
(Made with minus cylinder) (Made with plus cylinder)
Sph. +1.D. Cyl. Axis Sph. +1.D. Cyl. Axis
Step 1 +1.D. = -.25 ax. 180° equal to +.75 = +.25 ax. 90°
Step 2 +1.D. = -.50 ax. 180° equal to +.50 = +.50 ax. 90°
Step 3 +1.D. = -.75 ax. 180° equal to +.25 = +.75 ax. 90°
Step 4 +1.D. = -1 ax. 180° equal to 0 +1 ax. 90°

In brief the method of using minus cylinders exclusively in an

examination, as explained in routine “A”, necessitates the change of
the cylinder lenses only after the strongest plus sphere is secured.
On the other hand, notwithstanding innumerable other methods
where plus cylinders are used, routine “B” shows that the best
spherical lens strength the patient will accept, is also first
determined. Then both spheres and cylinders are changed in their
regular order by gradually building up in routine, by increasing plus
cylinder and next decreasing sphere, a quarter diopter each time,
until the final result is secured.
While it is conceded that both routine “A” and “B” are of
themselves simplified methods, by comparing routine “A” where
minus cylinders are used with routine “B” where plus cylinders are
used in their corresponding steps, the refractionist will note by
comparison that one is the exact equivalent and transposition of the
other. Where plus cylinders are employed, eight lens changes are
made before final results are secured; while but four lens changes
are necessary where minus cylinders are used.
The refractionist should also note by comparison that the use of
minus cylinders reduces focus of the plus sphere, but only in the
meridian of the axis. It has not made the patient myopic.
Furthermore, a plus cylinder will bring the focal rays forward, while
minus cylinders throw them backward toward the retina.
 This is but another reason for the exclusive use of minus
cylinders in refraction.
The method of using minus cylinders exclusively in an
examination, necessitates the change of the cylinder lenses only. On
the other hand, the method of using plus cylinders makes it
necessary to change spheres and cylinders in routine.
In brief, since using the minus cylinder is merely a matter of
mathematical optics, their use even in a trial-case examination is
strongly urged.
The maximum value of the Ski-optometer is fully realized only
when the advantages of using minus cylinders exclusively in every
examination is clearly understood.

Constant Attention Not Required

With the Ski-optometer, when the examination is completed, the
sum-total of final results—whether spherical, cylinder, axis, or all
combined—are automatically indicated or registered ready to write
the prescription. Until then, the foci of the various lenses that may be
employed are of no importance.
In short, in using the Ski-optometer, it is not necessary to
constantly watch the registrations during examinations. The
automatic operation of the instrument is an exclusive feature, so that
the refractionist should unhesitatingly employ it. Hence, by
eliminating the perpetual watch on the lenses in use, the refractionist
is enabled to give his undivided attention to the patient rather than to
the trial lenses.
Where a special dark-room is used for skioscopic work, an
additional wall bracket or floor stand will necessitate only the
removal of the instrument itself. This enables the refractionist to use
the Ski-optometer for subjective or objective work, without disturbing
the patient’s correction.
 Chapter IV
IMPORTANT POINTS IN CONNECTION WITH
THE USE OF THE SKI-OPTOMETER

T he Ski-optometer is equipped with an adjustable head-rest,

permitting its lenses to be brought as close as possible to the
eye without touching the patient’s lashes, a matter of importance
in every examination.

Fig. 11—The nasal lines of the Ski-

optometer fit the contour of face with
mask-like perfection, patient remaining in
comfortable position.
 Elimination of Trial-Frame Discomfort
Where the Ski-optometer is correctly fitted to the face, the patient
invariably remains in a comfortable position (Fig. 11). The instrument
is shaped to fit the face like a mask, so that even with a pupillary
distance of but 50 m/m (that of a child) there still remains, without
pinching, ample room for the widest nose of an adult.
Before making an examination, the correct pupillary distance
should always be obtained by drawing an imaginary vertical line
downward through the center of each eye from the 90° point on the
Ski-optometer axis scale. The pupillary distance will then register in
millimeters on the scale of measurements for each eye separately. If
the Ski-optometer is correctly adjusted, the patient is securely held in
position, the cumbersome trial-frame being entirely eliminated.

Rigidity of Construction
Illustration on following page (Fig. 11a) shows the reinforced
double bearing arms which hold the Ski-optometer lens batteries at
two points. This eliminates possibility of the instrument getting out of
alignment, and prevents wabbling or loose working parts.
The broad horizontal slides shown in the cut, move in and out
independently so that the pupillary distance is obtained for each eye
separately by turning the pinioned handle on either side of the
instrument. The scale denotes in millimeters the P.D. from the
median line of the nose outward, the total of both scales being the
patient’s pupillary distance.
Fig. 11a also serves to show the staunch construction of the base
of the Ski-optometer.
 Fig. 11a—Showing staunch construction
of Ski-optometer base.

How to Place the Ski-optometer in Position

The patient should be placed in a comfortable position with “chin
up,” as though looking at a distant object. The instrument should
then be raised or lowered by the adjustable ratchet wheel of the
bracket. The wall bracket gives best results when suspended from
the wall, back of the patient, as shown on page 135. This bracket
should be placed about ten inches above the head of the average
patient. When the Ski-optometer is placed in position for use, its
lower edge will barely touch the patient’s cheeks. It is sometimes
advisable to request the patient to lightly press toward the face the
horizontal bar supporting the instrument. Particularly good results
are secured where a chair with a head-rest is employed in
conjunction with the Ski-optometer. (See illustration of Model
Refraction Room, Page 112).
 Cleaning the Lenses
The time-waste of perpetually cleaning lenses is overcome where
the Ski-optometer is employed. For the convenience of the operator
and protection of Ski-optometer lenses, the latter are concealed in a
dust-proof cell, overcoming all dust and finger-print annoyances.
When not in use, the instrument should be covered with the
standardized hood forming part of the equipment.
The instrument should not be taken apart under any
circumstances. To clean its lenses, not a single screw need be
removed, as the lenses of each disk may be cleaned individually
through the opening of the other disks. These openings are
conveniently indicated by the white zeros (Fig. 2). The Ski-optometer
contains but eleven spherical and eight cylindrical lenses on each
side, so that the actual work of cleaning should not require over ten
minutes at the most, cleaning the lenses every other week proving
quite sufficient.

Accuracy Assured in Every Test

Loss of refraction is completely eliminated through the use of the
Ski-optometer. The most casual examination of the trial-frame or any
other instrument shows that the construction necessitates the
placing of the spherical lens next to the eye with the cylinder lens
outermost—a serious fault wholly overcome in the Ski-optometer.
Not only do the cylindrical lenses of the Ski-optometer set directly
next to the patient’s eye, thus overcoming any possible loss of
refraction, but the strong spherical lenses of the supplementary disk
are set directly next to the cylinder. There is apparently but a hair’s
distance between these lenses; the two disks containing the
spherical lenses of the Ski-optometer likewise setting close together.
In a word, the Ski-optometer’s cylinder lenses set directly next to
the patient’s eye, followed by the stronger sphericals, so that the
weakest spherical or +.25 (the lens of least importance) sets farthest
away. This is 3½ m/m closer than any trial-frame manufactured,
however, and at least 10 m/m closer than any other instrument—
another reason for implicitly relying on the Ski-optometer for
uniformly accurate results.

Built to Last a Lifetime

Fig. 12—(A. and B.)—This unique,

patented split-spring device of screwless
construction, securely holds all movable
parts. In case of repair, they may be
removed with the blade of a knife.
The Ski-optometer is built on the plan of ¹/₁₀₀₀″, insuring absolute
rigidity and accuracy and a lifetime of endurance. Particular and
detailed attention has been given to the novel means of eliminating
screws which either bind, create friction or continually work loose,
causing false indications of findings on scales of measurements;
hence correct and accurate indications are insured in the Ski-
optometer by means of a split-spring washer construction similar to
that of an automobile tire’s detachable rim (Fig. 12).
This patented spring washer construction securely holds the
phorometer lenses, the rotary prism and the revolving cylinder lens
cells.
Whenever necessary, or in case of repair, these parts may be
readily removed with the blade of a knife.
 Chapter V
CONDENSED PROCEDURE FOR MAKING
SPHERE AND CYLINDER TEST
WITH THE SKI-OPTOMETER

N otwithstanding various methods employed, for both

subjective and objective refraction, the following synopsis of the
previous chapters will unquestionably prove most valuable to
the busy refractionist, enabling him to make error-proof examinations
in practically every case without resorting to the transference of trial-
case sphere or cylinder lenses. A careful reading of chapters one
and two should be made however, so that one may gain an
understanding as to how spheres and cylinders are obtained with the
Ski-optometer.

Subjective Distance Test

1st—Place Ski-optometer in position, employing spirit level, thus
maintaining instrument’s horizontal balance.
2nd—Adjust the pupillary distance for each eye individually, by
drawing an imaginary vertical line downward through the center of
each eye from the 90° point on the Ski-optometer’s axis scale. The
opaque disk should be placed before the patient’s left eye by setting
the supplementary disk handle at “shut.”
3rd—The Ski-optometer lens battery before the patient’s right eye
should be set at “open” (figure 2), whereupon the first turn of
spherical lens battery toward the nasal side places a +6.D sphere in
position. This should blur vision of average patient.
 4th—It is now only necessary to remember that an outward turn
toward temporal side of the instrument increases plus sphere power,
while a nasal turn decreases it. Therefore continue to reduce convex
spherical lens power until the large letter “E” on the distant test card
is clear. Then request patient to read as far down as possible,—a
rapid turn of a quarter diopter being readily accomplished with the
Ski-optometer (Fig. 4).
5th—In the event of working down to “zero” with spheres, the
supplementary disk handle or indicator should next be set at -6.D
sphere, while the spherical reel should be turned toward the nasal
side—thus building up on minus spheres (Fig. 6). In short, the
strongest plus sphere or weakest minus sphere should always be
determined before employing cylinders.
6th—With the best spherical lens that the patient will accept left
in place, direct attention to the letter E or F in the lowest line of type
the patient can see on the distant test letter chart. Then set axis
indicator at 180° (Fig. 7).
7th—Next increase concave cylinder power until vision is
improved. If vision is not improved after increasing cylinder strength
to -.50 axis 180°, merely reverse the axis to 90°. If vision is
improved, cylinder lens strength should be increased. If not, it should
be decreased (Fig. 8).
8th—Slowly move axis indicator through entire arc of axis, thus
locating best possible axis (Fig. 7).
9th—After sphere and cylinder test of right eye has been made,
place supplementary disk handle at “shut.” Then repeat procedure in
testing left eye.
10th—After completing examination for each eye separately,
then, with both of the patient’s eyes open, direct attention to lowest
line of type he can see, concentrating on the E or F, simultaneously
increasing or decreasing spherical power before both eyes. The
refractionist merely recalls that by turning the Ski-optometer’s single
reel toward the temporal side, convex spherical power is increased,
by turning toward the nasal side for either eye, spherical power is
decreased. Cylinder lens strength may be changed in a like manner
before both eyes simultaneously.
11th—After making the distance test, then only is it necessary to
copy the result of the examination as recorded by the Ski-optometer.

Subjective Reading Test

Tilt Ski-optometer forward in making reading test. The wide
groove in the horizontal bar supporting the instrument, permits it to
be slightly tilted.
12th—Place Ski-optometer reading rod in position with card at
about 14 inches. Close off one eye. Direct patient’s attention to the
name “Benjamin” printed at top of card.
13th—Leave cylinder lens in place. Proceed as in distance test
with +6.D sphere, fogging down until the first word “laugh” on the
reading card, in line 75M, is perfectly clear, this being slightly smaller
than the average newspaper type.
14th—After completion of examination for each eye separately,
then with both eyes direct patient’s attention to word “laugh.” Move
reading card in or out a few inches either side of 14 inch mark. This
will determine any possibility of an over-correction. Then record
prescription just as Ski-optometer indicates. For a detailed
description of above, as well as for objective testing with the Ski-
optometer, read chapter three.
 Chapter VI
MUSCULAR IMBALANCE

T he purpose of the present chapter is to acquaint the refractionist

with the operation of the Ski-optometer as “a scientific instrument
for muscle testing”—the subject being treated as briefly and
comprehensively as is practicable.
As the reader progresses in the subject of muscular anomalies,
he may carry his work to as high a plane as desired, increasing his
professional usefulness to an enviable degree.
Through the use of the Ski-optometer, muscle testing may be
accurately accomplished in less time than a description of the
operation requires. Furthermore, tedious examinations may be
wholly overcome through the discontinuance of the consecutive
transference of the various degrees of prisms from the trial-case. In
fact, the latter method has long been quite obsolete, owing to the
possibility of inaccuracy. The muscle action of the eye is usually
quicker than the result sought through the use of trial-case prisms;
hence muscle testing with the Ski-optometer is accomplished with far
greater rapidity and accuracy, thus making the instrument an
invaluable appliance in every examination.

The Action of Prisms

Students in refraction—and one may still be a student after years
of refracting—are sometimes puzzled as to just what a prism does
when placed before an eye. They refer to every available volume
and are often confused between ductions and phorias, finally
dropping the subject as an unsolvable problem. In view of this fact, it
is suggested that the refractionist should read the present volume
with the actual instrument before him.
 Before proceeding, one should first understand the effect of a
prism and what it accomplishes. To determine this, close one eye,
looking at some small, fixed object; at the same time, hold a ten
degree prism base in before the open eye, noting displacement of
the object. This will clearly show that the eye behind the prism turns
toward the prism apex.
To carry the experiment further, the following test may be
employed on a patient. Covering one eye, direct his attention to a
fixed object, placing the ten degree prism before the eye, but far
enough away to see the patient’s eye behind it. As the prism is
brought in to the line of vision, it will be seen that the eye turns
towards the apex of the prism. When the prism is removed, the eye
returns to its normal position.
Similar experiments enable the refractionist to make the most
practical use of treating phorias and ductions, as well as to
comprehend all other technical work.
 Fig. 13—An important part of the
equipment for muscular work.

The Phorometer
As previously stated, it is practically impossible to accurately
diagnose a case of muscular imbalance with trial-case prisms. For
this reason the phorometer forms an important part of the equipment
for muscle testing in the Ski-optometer, having proven both rapid and
accurate. It consists of two five-degree prisms with bases opposite,
each reflecting an object toward the apex or thin edge. The patient
whose attention is directed to the usual muscle-testing spot of light,
will see two spots.
 Aside from the instrument itself, and in further explanation of the
phorometer’s principle and construction, when two five-degree
prisms are placed together so that their bases are directly opposite,
they naturally neutralize; when their bases are together, their
strength is doubled. Thus while the prisms of the phorometer are
rotating, they give prism values from plano to ten degrees, the same
being indicated by the pointer on the phorometer’s scale of
measurements.
As a guide in dark-room testing, it should be noted that the
handle of the phorometer in a vertical position is an indication that
the vertical muscles are being tested; if horizontal, the horizontal
muscles are undergoing the test.

The Maddox Rod

The Maddox rod (Fig. 14) consists of a number of red or white
rods, which cause a corresponding colored streak to be seen by the
patient. This rod is placed most conveniently on the instrument,
being provided with independent stops for accurately setting the rods
at 90 or 180 degree positions. The Maddox rod has proven of
valuable assistance in detecting muscular defects, particularly when
used in conjunction with the phorometer. Thus employed, it enables
the patient to determine when the streak seen with one eye crosses
through the muscle-testing spot-light observable by the other eye, as
hereafter described.
 Fig. 14—The Maddox Rod,
a valuable aid in making muscular tests.

Procedure for Making the Muscle Test

The Ski-optometer should be equipped with two Maddox rods,
one red and one white. Their combined use is of the utmost
importance since they assist in accurately determining cyclophoria
and its degree of tortion as designated on the degree scale, and fully
described in a later chapter.
When the Maddox rods are placed in a vertical position, it is an
indication that the vertical muscles are being tested; when placed
horizontally, the horizontal muscles are being tested. It should be
particularly noted that the streaks of light observable through the
Maddox rods always appear at right angles to the position in which
they lie.
 The Ski-optometer should be placed in a comfortable position
before the patient’s face with the brow-rest and pupillary distance
adjusted to their respective requirements. The instrument should be
levelled so that the bubble of the spirit level lies evenly between its
two lines, thus insuring horizontal balance. The muscle test light
should be employed at an approximate distance of twenty feet on a
plane with the patient’s head. Best results in muscle testing are
secured through the use of the Woolf ophthalmic bracket, with iris
diaphragm chimney and a specially adapted concentrated filament
electric lamp (Fig. 9). This gives a brilliant illumination which is
particularly essential. The test for error of refraction should be made
in the usual manner, using the spherical and cylindrical lenses
contained in the Ski-optometer, thus obviating the transference of
trial-case lenses and the use of a cumbersome trial-frame. The time-
saving thus effected enables the refractionist to include a muscle test
in every examination and without tiring the patient—a consideration
of the utmost importance.

Binocular and Monocular Test

The test for muscular imbalance may be divided in two parts.
First, binocular test, or combined muscle test of the two eyes;
second, monocular test, or muscle test of each eye separately. The
latter does not signify the shutting out of vision or closing off of either
eye, since muscular imbalance can only be determined when both
eyes are open. These two tests are fully explained in the following
chapter.
 Chapter VII
THE BINOCULAR MUSCLE TEST

Made with the Maddox Rod

and Phorometer

D irecting the patient’s attention to the usual muscle testing spot

of light, the red Maddox rod should be placed in operative
position before the eye, with the single white line or indicator on
red zero (Fig. 15). The rods now lie in a vertical position.
 Fig. 15—The Maddox rods placed
vertically denote test for right or left
hyperphoria, causing a horizontal streak to
be seen by patient.
The pointer of the phorometer should likewise be set on the
neutral line of the red scale, causing the handle to point upward (Fig.
16). A distance point of light and a red streak laying in a horizontal
position should now be seen by the patient.
 Fig. 16—The phorometer handle placed
vertically, denotes vertical muscles are
undergoing test for right or left hyperphoria
—as indicated by “R. H.” or “L. H.”
Instead of memorizing a vast number of rules essential where
trial case prisms are employed for testing ocular muscles, the pointer
of the phorometer indicates not only the degree on the red scale, but
the presence of right hyperphoria (R. H.) or left hyperphoria (L. H.).