I didn’t pass my test today. I’m so frustrated with this exam. I’m going to retest in 4 weeks.

Hello sportfans ! I chest-bumped the finish line on Friday passing at #101 in 2.5 hours. (Took all the time I needed on each question... better to be right slowly than wrong fast, if you know the joke about the fast math at the interview) Wanted to call out the huge help this community was in the early days of my prep - @Vincent Primiani , Josh, @Sara M @S M @Clifford Jenkins @Alex Akyuz @Mohyeldin Ibrahim @Roshan Laloo @M B @Akhil D @Jerahmeel Madumere and everyone who shows up and shares. Please Note: Your feeling of inadequacy increases as you get closer to the exam and reaches fever pitch during the exam - kick those gremlins aside and bold go get what you worked for. You ran the Marathon. You won already. Thanks and see you in the 'hood.

Well I provisionally passed my CISSP today. I will out of communication for a week, but I promise I will share what, how etc when I return. I will leave you with this, my exam was mostly long form questions, unlike others here who have said they had single sentence questions.

Due Diligence - Definition: The ongoing effort to systematically identify, evaluate, and mitigate risks while ensuring compliance with legal, regulatory, and ethical standards. - Focus: Proactive and preventative measures. Key Activities examples: - Establishing and maintaining security policies and procedures. - Conducting regular risk assessments. - Ensuring vendor compliance and monitoring supply chain Risk Training employees on security and compliance requirements. - Performing audits and reviews to identify vulnerabilities and inefficiencies. Due diligence demonstrates that the organization has taken "proactive steps" to protect its assets and meet obligations. It’s about creating a strong security posture before issues arise. Due Care - Definition: Taking the right actions in response to specific situations to protect the organization and its stakeholders. - Focus: "Reactive measures and responses". Key Activities Examples: - Applying security patches promptly when vulnerabilities are discovered. Responding to incidents with appropriate measures. - Following the organization’s policies and procedures during a crisis. Making decisions that reflect responsibility and caution to avoid negligence. Due care emphasizes responsible actions taken during or after a situation to minimize harm or risk. Relationship Between Due Diligence and Due Care Summary - Due diligence is Proactive and preventative measures establishing and maintaining a foundation of good practices, policies, and controls. - Due care is Reactive measures and responses applying those practices responsibly in day-to-day operations and specific incidents.

What is the most important security control to protect backup tapes? - A. Locked shipping container with tempering protection - B. Data encryption - C. Private couries - D. No backups