MTC Group

Information Security (InfoSec) Professional Certification Exam Prep

Built by one, for those who want to be one.©

Original, CBK-aligned practice exams for CISSP® and CISM®, designed to get you ready for exam day, not just familiar with the material.

Practitioner-authored, not AI-dumped
Every question is written and reviewed by a credentialed security executive, scenario-based and CBK-aligned — cited to real sources (NIST, ISO, OWASP, GDPR, and more), not an auto-generated question dump or a reproduction of real exam items.
Practice, Standard, and Adaptive modes
Drill by domain with instant feedback, sit a full timed simulated exam, or take an adaptive exam that mimics real Computerized Adaptive Testing mechanics.
Readiness tracking
A domain-weighted readiness score and heatmap show exactly where to focus, backed by a spaced-repetition missed-question queue and a personalized Focus Areas Report once you've sat a baseline exam.
Concept flashcards, not rote memorization
Curated flashcards target the specific confusable pairs that sink people on exam day — quantitative vs. qualitative risk, RBAC vs. ABAC, and more — on a real spaced-repetition schedule, not a one-and-done deck.
Take notes as you study
Jot a mnemonic or a reason you missed a question right where you're answering it, in every mode — practice, standard exam, or adaptive — and review everything you've written in one place anytime.
CPE-ready Study Record
Every hour you spend — practice, exams, and flashcard review alike — rolls up into a Study Record you can use to self-report CPE credit to ISC2 or ISACA.

See what learners are saying →

Certifications

CISSP
ISC2Adaptive (CAT) exam format
CISM
ISACAFixed-length exam format

CISSP® is a registered certification mark of ISC2, Inc. CISM® is a registered certification mark of ISACA. MTC Group is not affiliated with, endorsed by, or sponsored by ISC2 or ISACA; these names are used solely to describe the subject matter of our practice exams.

Who's behind this

Rick A. Moore

Rick A. Moore, Ph.D., CISM, CCSFP, CPHIMS, FHIMSS, FACHE, PMP

Founder & CEO, MTC Group

Built by a healthcare information security executive, not an anonymous content pipeline. As CIO/CISO at NCQA, Rick designed and deployed a certified ISO/IEC 27001 information security management program that sustained more than a decade of external audits without a single non-conformity. His consulting practice has built and assessed SOC 2 and HITRUST CSF compliance programs for healthcare organizations, and he previously served as an auditor for DirectTrust.

He has also led health informatics for a 200+ hospital network, built EHR systems within the DoD Office of the Secretary of Defense, and served as adjunct faculty at four universities — including Hofstra University's graduate healthcare privacy, security, and informatics program and Virginia Commonwealth University's PhD-level health informatics program. Every question here is written and reviewed by someone who has actually carried the accountability these certifications test for — not generated and left unchecked.

Connect with Rick on LinkedIn →

Plans

Free
A 15-question sample per domain, for any certification.
Pro
$10/month or $100/year per certification — full question bank, Standard and Adaptive exam modes, readiness tracking, the missed-question queue, and a Study Record documenting your prep hours for CPE self-reporting to ISC2 or ISACA.
CISSP + CISM Bundle
$15/month or $150/year for both — everything in Pro, across both certifications, for less than buying them separately.
Get Started

Practice exam performance is a study aid, not a guarantee of your results on the actual CISSP or CISM exam. Paid plans renew automatically until cancelled — see our for billing and cancellation details.