Sometimes its helpful to just know the answer ... I've spent a long time committing the wrong things to memory by guessing, and thats never been more apparent than while studying for the CISSP. It can be helpful to just read a TRUE statement, and say "okay 🤷‍♂️"... IPsec, or Internet Protocol Security, can provide encryption, access control, nonrepudiation, and message authentication using public key cryptography. In an infrastructure as a service (IaaS) environment, the company that provides cloud environment has final control of all the virtual machines and networks. Thus, to protect data, the best option is to encrypt the data. NetFlow records contain an entry for every network communication session that took place on a network and can be compared to a list of known malicious hosts. The most common cause of a false positive for a water-based system is human error. If you turn off the water source after a fire and forget to turn it back on, you'll be in trouble for the future. Data retention policies can reduce the amount of old logs and other files that may need to be produced during a legal case. Duress systems are intended to allow employees to notify security or others when they are in a dangerous situation or when they need help. The CIS benchmarks provide a useful security standard and baseline to assess systems against or to configure them to.

Hello friends, I have passed my CISSP exam on October 31st. I was doing intensive preparation during July – October. I made schedule and appointed time at each day. Obviously that I was not following all days due to family/job/personal circumstances, but in 90% it was possible to follow. I have 10 years dedicated experience in industrial cyber security and most of the technical domains was less or more easier for me, but Risk Management, Information Security Governance, Software development and especially CISSP mindset was really “terra incognito” for me. I did not acquire any bootcamps or in class trainings. I was using below resources in the following sequence: 1. Kelly Handerhan videos dated by 2017 2. ICS2 2021 book (reading respective chapter after completion watching video from step#1) 3. Doing Learnzapp test (Do not take Learnzapp questions as the real or similar to the CISSP exam, it is not true. The questions good to learn ICS2 book only) 4. Watching videos on the @PrabhNair1 and Andrew Ramdayal channel 5. Reading success stories in Skool CISSP Study Group (thanks to all folks in Skool community and to @M B for your time to answer on my questions) The exam was really not easy (before I was passed GICSP and CISM exams). I had the following challenges: 1. Domain#8 Software Development questions (I had a lot in my exam) 2. Could security questions 3. Language barrier – some questions I really was not able to understand due to specific English write up, despite I am living and working in English speaking environment. 4. Time, time, time. I have completed 150 questions in 171 min. I used only 2 minute break during the exam. Sometimes I was giving myself only 10-15 seconds on the question, to accumulate time for more challenging questions. The below picture is my Learnzapp balance on the last day of the exam. The progress bar was very subjective for me, but it was helping to track weakness and strength in the domains. As well it was good to quickly learn particular information by reviewing the test results (I suggest to review both - wrongly and correctly answered questions), it directs in dedicated ICS2 book chapter where you can read enhanced information.

Booking a date for the exam and then counting down the days, was really difficult for me to do. So, after the last group session on Thursday, I thought this would be a good time for me to test my knowledge. So yesterday I booked the exam for this afternoon and by the grace of the GOD and knowledge shared by everyone in this group and prayers of my family, I was able to successfully get through this exam. The journey was really challenging but I would like to take a moment to thank each and every one of you for your support. Special shoutout to @Josh Botz @Vincent Primiani @Clifford Jenkins @S M @M B @Sara M@Asad Anwer @Deepu Thomas

Happy to share that I passed the exam yesterday. Thank you everyone in the group. You guys have been really helpful and the discussion in the group has been key to cover relevant ground. Wishing all the very best who is planning to take the exam. Just go for it.

Does anyone recommend any CISSP course Podcasts? I've seen the posts here with episodes that talk about the test, but I'm looking for audio based training that I can listen to when I can't watch. I've been listening to this one and it's ok. I'm looking for others https://pca.st/podcast/c1708020-b623-013b-f3d5-0acc26574db2