Pinned
Jul '24 •
Introductions
Welcome to the group! Please share what you hope to gain from being here, and for fun, tell us the best piece of advice you've ever received!
Pinned
Sep 8 •
🚨 Study Group Takeovers 🚨
May is one of the most respected CISSP instructors worldwide. She’s a ISC2 Board Member, co-author of the Official CISSP Study Guide, TEDx speaker, bestselling author (Scams, Hacking, and Cybersecurity), and a recognized leader in the global infosec community. Here’s what this means for you: 📚 Saturday Study Group Takeover - This is a chance to learn directly from one of the best and show her what Study Group is all about. 💡 CPE Credit – You can self-submit for 2 CPE credits for attending any Study Group session. 🎤 Pop-In Q&A – Keep joining Study Groups, because you never know when May might drop in for a quick Q&A. 🤝 Exciting Collaboration – This is just the beginning. May is supporting our community as the go-to place for those just starting, self-studying, or looking for a group to prepare for the CISSP with peers. Let’s pack Study Group and bring our best energy to show May the strength of our community. Show May your appreciation in the comments!
3h •
CISSP Practice Question (Domain 8: Software Development Security / CI-CD Pipeline Controls)
An organization integrates automated security testing into its CI/CD pipeline. Shortly after deployment, build times increase significantly, and developers begin bypassing security checks to meet release deadlines. Senior management is concerned about both security and delivery velocity. What should the security lead do FIRST? A. Disable automated security testing to restore build speed B. Tune and prioritize security tests based on risk and criticality C. Enforce strict policy violations and discipline developers D. Move security testing entirely to post-deployment monitoring
1d •
CISSP Practice Question (Domain 4: Communication & Network Security / Zero Trust Architecture)
An organization adopts a Zero Trust model and removes implicit trust between internal network segments. Shortly after deployment, several business-critical applications experience latency and intermittent access failures. Leadership questions whether the Zero Trust initiative should be rolled back. What should the security architect do FIRST? A. Roll back Zero Trust controls to restore application performance B. Perform a targeted assessment to identify policy enforcement points causing disruption C. Permanently whitelist affected applications to bypass Zero Trust controls D. Escalate the issue to vendors to redesign the Zero Trust architecture
2d •
CISSP Practice Question (Domain 2: Asset Security / Data Lifecycle & Retention)
An organization migrating legacy file shares to a cloud collaboration platform discovers that several datasets contain regulated records with no documented retention periods or data owners. The business wants immediate migration to meet a project deadline. What should the security manager do FIRST? A. Migrate the data and address ownership and retention after cutover B. Identify data owners and define retention requirements before migration C. Apply default retention policies to all datasets to avoid delay D. Escalate the issue to legal and halt the migration indefinitely
1-30 of 1,801
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+32
2
+29
3
+27
4
+24
5
+18
Powered by