I have been working on an inhouse AI tool members can use to help them study for the CISSP. Check it out here https://studio.cisspstudygroup.com !

Okay, I've set up my CISSP exam for November 5th. Wish me luck, say some prayers for me, I'm going to pass this and then go on to Security+ and CCNA.

MANAGERIAL MINDSET FRAMEWORK That i Follow for my ISC2 and ISACA Exams 1. P - Policy & Strategy Level 2. R - Risk-Based Decisions 3. O - Operational Impact 4. T - Technical Details (Last consideration) For Example A global organization experiences frequent system outages during patch deployments. The CISO needs to improve the patching process while minimizing business disruption. Which of the following approaches would BEST address this issue? A. Implement automated patch deployment tools across all systems B. Develop a risk-based patch management strategy with defined maintenance windows. C. Increase the frequency of patch deployments; D. Deploy redundant systems for failover during patching ELIMINATION PROCESS: Step 1: Apply Business-First Thinking · Identify business impact (system outages, disruption) · Consider strategic objectives (stability, availability) Step 2: Eliminate Tactical/Technical-Only Solutions · Eliminate A: Pure technical solution, no business consideration · Eliminate C: Increases problem frequency, no strategic value Step 3: Compare Remaining Options Through Risk Lens · Option B: Strategic, risk-based, considers business impact · Option D: Technical redundancy, costly, doesn't address root cause Step 4: Select Best Management-Level Solution · Choose B: Provides strategic framework, considers business needs, manages risk 1. WHY B IS CORRECT: · Strategic approach · Risk-based decision making · Considers business operations · Provides management framework · Balances security with business needs Remember: · Always choose strategic over tactical · Risk-based over technical-only · Business impact over technical capability Long-term solution over quick fix Created By: Prabh Nair (He/Him) 2nd degree connection2nd CISO for Day | Your Mentor for Life🏆 | Podcaster | CISSP-ISSAP| CGRC| CCSP | CSSLP | CISM | CRISC | CISA | CDPSE | CIPM | CIPP/E

*Scenario* Chris is conducting reconnaissance on a remote target and discovers that pings are allowed through his target's border firewall. What can he learn by using pings to probe the remote network?

Fred's data role requires him to maintain system security plans and to ensure that system users and support staff get the training they need about security practices and acceptable use. What is the role that Fred is most likely to hold in the organization?