Hi Parn, - LearnZapp is the official training site for the ISC2 CISSP certification, you can try it for free with limited number of questions and flashcards, then there are few subscription plans, monthly, quarterly and so forth. it is pretty good and very much has similar questions and flashcards as the ISC2 OSG by Mike Chapple. here is the link to https://isc2-learnzapp.web.app/ - You can also watch Destination Certification serious Mind Map by Rob Whitchler for all 8 domains, nice overview - CISSP EXAM CRAM by Pete Zerger https://www.youtube.com/watch?v=iEBHjVcu_8s&list=PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD&index=16 - CertMike by - - Mike Chapple https://certmike.com/videos/ - https://thorteaches.com/ By Thor Pedersen I hope these training aids could be good source for you.

@Anand Agarwal You are very welcome

@Anand Agarwal Actually that was a tricky question, as it said "Biba model What is the implied meaning" which is Read Up and Write Down. The simple property of Biba is no read-down but you can Read Up.

@Anand Agarwal simple property of Biba No Read-Down, but implied meaning is Read-up

C. A ciphertext to choose from is unclear A chosen ciphertext attack (CCA) is a type of cryptographic attack where the attacker can choose ciphertexts and obtain their corresponding decrypted plaintexts. In public-key cryptography, this type of attack relies on certain vulnerabilities in the encryption algorithm or protocol that allow an attacker to manipulate or choose ciphertexts for decryption, gaining information about the plaintext or secret key. The vulnerability in this context is that if an attacker can choose a ciphertext and observe the result of decryption, it becomes easier to derive information about the encryption system or the plaintext, and thus compromise security.