Pinned
Jul '24 •
Don't forget your CPEs for Study Group attendance!
Make sure to self-submit your Study Group attendance for ISC2 CPEs!
Pinned
12d •
CISSP passed
Hi Everyone, I’m proud to share that I have provisionally passed the CISSP CAT exam today! It will definitely test your fitness, but it is all worth it. Huge respect to everyone here. For those who are still traveling, keep going; it will be worthwhile, and you will reach the end. Here's my personal strategy for exam prep. Note: This is still required reading: ISC2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle (Sybex Study Guide). Wave 1—Setup 1. Join https://www.skool.com/cybersecurity-study-group (obviously, you're here already 🙂). 2. Subscribe to https://cissp.app/ 3. Buy the book: https://leanpub.com/cissplastmile#about 4. Download and print out: https://destcert.com/cissp-mindmaps/ Wave 2—Study 1. Watch: https://www.youtube.com/watch?v=5BnhDVOnzmg 2. Watch: https://www.youtube.com/watch?v=gKe88tIeVYo 3. Watch in full: https://www.youtube.com/watch?v=aLIFzIBNM_8&list=PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD 4. Watch in full: https://www.youtube.com/watch?v=hf5NwUSEkwA&list=PLZKdGEfEyJhLd-pJhAD7dNbJyUgpqI4pu 5. Go through the mind maps daily. 6. Read the book. 7. Use cissp.app and practice a minimum of 25 questions each day (three-month prep period). a. Check the gap analysis summary every 100 questions at the latest and go read up on your weak areas. Wave 3—Last month 1. Watch https://www.youtube.com/watch?v=5BnhDVOnzmg 2. Watch https://www.youtube.com/watch?v=gKe88tIeVYo
2d •
CISSP Practice Question (Domain 2: Asset Security)
A business unit requests permanent retention of all customer transaction records "in case we ever need them." Legal has not issued a hold, and the current retention schedule requires deletion after seven years. As the data owner's advisor, what is the BEST response? A. Honor the request since longer retention reduces legal discovery risk B. Enforce the existing retention schedule and require a formal exception with risk acceptance C. Migrate the records to cold storage to balance cost and accessibility D. Defer to Legal before taking any action on the records Come back for the answer tomorrow, or study more now!
Mar 29 •
CISSP Practice Question (Domain 6: Security Assessment and Testing)
Your organization passes its annual SOC 2 Type II audit with no findings. Two months later, a penetration test reveals a critical vulnerability in a customer-facing application that has existed for over a year. The board questions why the audit missed it. What is the BEST explanation? A. The penetration testing firm used more advanced techniques than the SOC 2 auditors B. SOC 2 evaluates control design and operating effectiveness, not technical vulnerability discovery C. The audit scope was improperly defined and should have included application testing D. The auditors failed to meet professional due diligence standards Come back for the answer tomorrow, or study more now!
2d •
CISSP passed
Hi everyone, I’m excited to share that I provisionally passed the CISSP exam yesterday. It’s definitely been a challenging journey, but the hard work has paid off. To prepare, I used a mix of resources including the official ISC2 study guide, the Destination Certification mind maps, and Peter Zerger’s YouTube videos. For practice questions, I used this platform and the LearnZapp app. A huge thank you to everyone in this group for the support, and I wish you all the best on your own journeys!
1-30 of 1,995
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+41
3
+34
4
+31
5
+27
Powered by