Hey everyone. Can someone please explain the difference in Risk Avoidance and Risk Acceptance and when should I use one or the other?

Hello Everyone, I passed the CISSP this past Saturday. Thank you all for your insights and coaching. Reach out to me if you want to talk, pscheuer66@outlook.com. Take care.

Hello friends, I passed my CISSP exam today!!!! A BIG thank you to the CISSP team for providing this platform. I appreciate all the support and guidance provided by members and facilitators. I have been sitting for professional exams for a long time now but the CISSP stands out to be unique, exceptional with an intriguing level of difficulty. IT WASN'T EASY BUT IT WAS WORTH IT!!! To everyone aspiring to take the exam, study hard, believe in yourself and go for it!!! Once again thank you all! Cheers!!!!

Hello friends, I have passed my CISSP exam on October 31st. I was doing intensive preparation during July – October. I made schedule and appointed time at each day. Obviously that I was not following all days due to family/job/personal circumstances, but in 90% it was possible to follow. I have 10 years dedicated experience in industrial cyber security and most of the technical domains was less or more easier for me, but Risk Management, Information Security Governance, Software development and especially CISSP mindset was really “terra incognito” for me. I did not acquire any bootcamps or in class trainings. I was using below resources in the following sequence: 1. Kelly Handerhan videos dated by 2017 2. ICS2 2021 book (reading respective chapter after completion watching video from step#1) 3. Doing Learnzapp test (Do not take Learnzapp questions as the real or similar to the CISSP exam, it is not true. The questions good to learn ICS2 book only) 4. Watching videos on the @PrabhNair1 and Andrew Ramdayal channel 5. Reading success stories in Skool CISSP Study Group (thanks to all folks in Skool community and to @M B for your time to answer on my questions) The exam was really not easy (before I was passed GICSP and CISM exams). I had the following challenges: 1. Domain#8 Software Development questions (I had a lot in my exam) 2. Could security questions 3. Language barrier – some questions I really was not able to understand due to specific English write up, despite I am living and working in English speaking environment. 4. Time, time, time. I have completed 150 questions in 171 min. I used only 2 minute break during the exam. Sometimes I was giving myself only 10-15 seconds on the question, to accumulate time for more challenging questions. The below picture is my Learnzapp balance on the last day of the exam. The progress bar was very subjective for me, but it was helping to track weakness and strength in the domains. As well it was good to quickly learn particular information by reviewing the test results (I suggest to review both - wrongly and correctly answered questions), it directs in dedicated ICS2 book chapter where you can read enhanced information.

An Info Sec manager is advised by contacts in law enforcement that there is evidence that the company is being targeted by a skilled gang of hackers known to use a variety of techniques, including social engineering and network penetration. The FIRST step that the Security Manager should take is: