I passed the CISSP yesterday. It has been an immense journey and this community has been instrumental and has been great to collaborate and I will continue to do so. You will never feel 100% ready to take this exam, you just have to go for it! I used official study materials to prepare and this community for Q&A which I believe is a great preparation source. Keep pushing, you will get there all that hard work will pay off.

ISC2 published this yesterday. It maps out exactly how AI security concepts show up across the CISSP exam. This is NOT a new exam outline. The current outline (April 2024) already has AI baked in. But this document spells out the specifics so you know what to expect. The big picture: AI isn't a separate topic. It's woven into everything from risk management (Domain 1) to software development security (Domain 8). A few things that stood out to me: - You need to know about protecting training data and model weights (Domain 2) - Prompt injection and adversarial attacks are fair game (Domain 3) - AI red teaming is now part of security testing (Domain 6) - Managing identities for AI agents and service accounts - least privilege still applies (Domain 5) - Model drift and AI in the SOC are covered in operations (Domain 7) If you're studying right now, don't panic. Most of this maps to concepts you already know -- just applied to AI systems. But you should absolutely be familiar with terms like data poisoning, adversarial attacks, algorithmic bias, model drift, and prompt injection. On our end we're going to keep weaving more AI-focused questions into the https://cissp.app and bringing more of this into our study group discussions. I attached the PDF if you want to read the full thing.

🥳As of today we are now 2,000 members strong, from all over the world, and growing! Congrats to our top participants in the daily practice questions!! Your perspectives are being heard! @Hassan Na @Lanre Ojurongbe @Ivo Mulders @David Hawkins @Vasantha Garner Thank you everyone! Looking forward to 2k more with you all!

Your CEO's teenager was caught running a Minecraft server on the company's disaster recovery infrastructure 🤯. The CEO insists it's "just a game" and demands you leave it alone. What should you do FIRST? A. Document the unauthorized use and escalate through the governance process B. Quietly migrate the Minecraft server to a less critical system C. Allow it temporarily since the CEO has executive authority over all assets D. Disconnect the server immediately and notify the incident response team Come back for the answer tomorrow, or study more now!

I am happy to inform you all that I passed the CISSP exam yesterday 31 Jan 2026!!! It was a great experience. I really appreciate this platform and people on the platform that helped me in solidifying the CISSP mindset from numerous exam practices. At 100 question the test engine stopped and advised me to complete a survey!!! at that time I had 90min left on the clock!!! I really paced myself on the test!!! My advice: ALWAYS THINK LIKE A MANAGER!!! IF I CAN DO IT YOU CAN DO BETTER!!!