I took and passed the CISSP exam yesterday, Friday May 16th, with 17 minutes to spare! I didn't take this exam alone. I walked into the exam hall with a virtual tribe of individuals lifting me on their shoulders. Their confidence in me, dispelled all of my fears and anxiety. Sitting in front of the examination computer, the questions seemed clear to me, even if my fundamentals may have been a bit fuzzy. I would not have passed the exam without the support of this Skool platform, our CISSP Community Study Group (CSG) and the personal connections that I have made via the study groups. Here is my attempt to thank everyone. If I missed someone, please attribute it to my excitement. @Christopher Schneider for introducing me to this platform, @Rebecca Kirk for suggesting that we form a Community Study Group(CSG), @Vincent Primiani for providing the platform, @Fouad Ahmed for motivational support and lots of great documents, @Shane Symons for supporting the group, our CSG members: @Annette Corona @Timilehin Ajibade @Maurice Lightfoot @Taiye Olorundare @Stan Lyubarskiy @Tahjar R @Mario Rasathurai @Reginald Johnson JR, @Randy Rempel. Special thanks to @Venkat Ayyer @Babur Farooq, @Peter Marie, who passed but continue to support the CSG and @Jolian Stephens @Martín Figueroa for the late night Quantum Question reviews. There are so many more..... My main resources: Original Study Guide: Nineth and Tenth Editions (Wiley Test Bank too)

I passed the CISSP this Monday! I relied on several resources that have been highly recommended by many in the community. Here’s a list of what I used: - LearnZapp - ISC2 Official Exam Prep App - Cert Mike - CISSP: Certified Information Systems Security Professional 2024 - CISSP Certification Prep - Pete Zerger CISSP Exam Cram 2024 - CISSP Prep Coffee Shots - 50 CISSP Practice Questions. Master the CISSP Mindset - How to PASS exam Certified Information Systems Security Professional CISSP in 12 hours Additionally, I utilized the following books as well: - The Official ISC2 CISSP CBK Reference - Official ISC2 CISSP Study Guide - Official CISSP Practice Tests, 4th Edition - CISSP All-in-One Exam Guide, Ninth Edition - Destination CISSP However, none of these courses, bootcamps, or videos directly covered the content that I saw in the examination. The CBK/OSG and LearnZapp were much more helpful. The most beneficial tool for me was using something like ChatGPT to understand concepts better and analyze questions. It really helped me understand why certain answers were better than others. Wishing all my fellow CISSP aspirants the best of luck on your journey! You’ve all got this!

To ace the CISSP exam, especially concerning Risk Assessment, here's a breakdown of best practices you should master: 1. Understand Core Risk Management Concepts: - Risk Triad: Thoroughly grasp the relationship between threats, vulnerabilities, and assets. Remember: Threat x Vulnerability = Risk. - Confidentiality, Integrity, and Availability (CIA Triad): Understand how risk assessment aims to protect these fundamental security principles. - Risk Management Process: Familiarize yourself with the cyclical process: Identification: Recognizing assets, threats, and vulnerabilities. Analysis: Evaluating the likelihood and impact of risks. Evaluation: Prioritizing risks based on their severity. Treatment: Selecting and implementing controls (mitigate, accept, avoid, transfer). Monitoring and Review: Continuously tracking risks and the effectiveness of controls. 2. Master Risk Assessment Methodologies: - Qualitative Risk Assessment: Understand how to use descriptive scales (high, medium, low) to assess likelihood and impact. Be familiar with tools like probability/impact matrices. - Quantitative Risk Assessment: Know how to calculate potential financial losses using metrics like: Asset Value (AV) Exposure Factor (EF) Single Loss Expectancy (SLE = AV * EF) Annualized Rate of Occurrence (ARO) Annualized Loss Expectancy (ALE = SLE * ARO)   - Hybrid Approaches: Recognize that many real-world risk assessments combine qualitative and quantitative methods. 3. Know How to Identify and Value Assets: - Tangible vs. Intangible Assets: Understand the difference and how to value both (e.g., data, reputation, intellectual property). - Asset Classification: Be familiar with categorizing assets based on sensitivity and criticality to the business. Inaccurate valuation leads to ineffective controls. 4. Understand Threat and Vulnerability Analysis: - Threat Modeling: Learn techniques like STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) to identify potential threats.   - Vulnerability Assessments and Penetration Testing: Understand their purpose in identifying weaknesses. - Threat Intelligence: Recognize the importance of staying informed about current and emerging threats.

I provisionally passed this morning!! I had all 150 questions. This study group, Cert Mike on LinkedIn Learning, LearnZApp, and lots of prayer! Thank you everyone for the support!

Hello everyone,I hope you're doing well. I have some free time at the moment and am interested in using it to enhance my skills, particularly in the areas of AI Cybersecurity. Could anyone recommend any reputable or in-demand certifications in these fields? I’d appreciate any suggestions or insights you might have. Thanks in advance.