Your organization completes a data classification initiative and discovers that 40% of data labeled "confidential" has not been accessed in over three years. Storage costs are significant. Data owners across business units cannot confirm whether retention requirements still apply. What should you recommend FIRST? A. Archive the dormant data to lower-cost storage with existing classification labels B. Conduct a retention review with data owners and legal to validate regulatory obligations C. Declassify the unused data to reduce protection overhead and storage costs D. Implement automated data lifecycle policies to purge data exceeding retention thresholds Come back for the answer tomorrow, or study more now!

When implementing a multi-factor authentication system for a high-security environment, which combination provides the MOST effective balance between security strength and user convenience? a. Password and security questions b. Smart card and PIN c. One-time password (OTP) and voice recognition d. Hardware token and fingerprint scan

I passed the CISSP today 03/23. I studied for roughly 3 months using various resources. I wanted to thank this study group for the practice questions. Here is a jumbled list of the resources I used and probably forgot a few. Exam Questions: Learnzapp and CISSP app The Destination Certification App also comes with over a thousand free questions and flash cards that are somewhat like the exam LinkedIn Learning Practice Exams (pretty good) Books ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition by Mike Chapple (I read this whole book and used the companion site for questions) CISSP Exam Cram: https://www.youtube.com/playlist?list=PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD Why you will pass the CISSP: https://www.youtube.com/watch?v=v2Y6Zog8h2A 50 CISSP Practice Questions. Master the CISSP Mindset: https://www.youtube.com/watch?v=qbVY0Cg8Ntw Destination Certification Mindmaps and the practice questions on their channel: https://www.youtube.com/watch?v=hf5NwUSEkwA&list=PLZKdGEfEyJhLd-pJhAD7dNbJyUgpqI4pu Luke Ahmed's Video : https://www.youtube.com/watch?v=MHbdNMRLafA Prabh's coffee shots: https://www.youtube.com/watch?v=3doR2wA2nJM

Passed CISSP (2nd attempt)! Big thanks to Vincent Primiani and the CISSP Study Group team — the daily quizzes, app practice, and sessions (despite IST timezone challenges) made a real difference. Formal thank-you message to Vincent Primiani and team (direct message or email) #CISSP #Certification

A remote workforce uses split-tunnel VPN to reduce bandwidth costs. The security team discovers employees are accessing sanctioned SaaS applications directly from home networks, bypassing the corporate proxy and DLP controls. Management values the current performance gains. What is the MOST appropriate recommendation? A. Switch to full-tunnel VPN to route all traffic through corporate controls B. Deploy a cloud-based secure web gateway to enforce policy at the endpoint C. Accept the risk and document the DLP gap as a known exception D. Restrict SaaS access to corporate-managed devices only Come back for the answer tomorrow, or study more now!