
Memberships

CyberMAYnia CAREER

356 members • Free

CISSP Study Group

2k members • Free

107 contributions to CISSP Study Group
CISSP Practice Question (Domain 2: Asset Security)
Your organization completes a data classification initiative and discovers that 40% of data labeled "confidential" has not been accessed in over three years. Storage costs are significant. Data owners across business units cannot confirm whether retention requirements still apply. What should you recommend FIRST?
A. Archive the dormant data to lower-cost storage with existing classification labels
B. Conduct a retention review with data owners and legal to validate regulatory obligations
C. Declassify the unused data to reduce protection overhead and storage costs
D. Implement automated data lifecycle policies to purge data exceeding retention thresholds
Come back for the answer tomorrow, or study more now!
1 like • 1d
A. Archive the dormant data to lower-cost storage with existing classification labels (Apparently a good option in the business interest for cost effectiveness; however, premature without validated retention requirements and in the absence of a clear data retention policy). 👉 Arbitrary cost-driven, arbitrary action that bypasses governance, ignores risk, and lacks legal validation without long term and end goal.
B. Conduct a retention review with data owners and legal to validate regulatory obligations (Best option as the data owner is responsible for retention requirements in correspondence with legal opinion for data retention obligation conforming to regulation like GDPR).
C. Declassify the unused data to reduce protection overhead and storage costs (It's the data owner's prerogative to declassify / reclassify the classified data keeping the regulation and data retention policy in view; if the data owner is not able to confirm, it's a data governance gap).
D. Implement automated data lifecycle policies to purge data exceeding retention thresholds (Automation should follow defined and approved data lifecycle policies and is reasonable after a clearly articulated data lifecycle policy, which seems missing in this scenario, and 'B' is the best first option for further proceeding with A or D).
Question - CISSP
When implementing a multi-factor authentication system for a high-security environment, which combination provides the MOST effective balance between security strength and user convenience?
a. Password and security questions
b. Smart card and PIN
c. One-time password (OTP) and voice recognition
d. Hardware token and fingerprint scan
0 likes • 1d
The author of the question marks 'D' as correct; however, AI is considering 'B' with the following justifications:

✅ B. Smart card + PIN
- Something you have (smart card)
- Something you know (PIN)
- Widely used in enterprises
- Good usability + strong security
👉 Very balanced

✔️ D. Hardware token + fingerprint
- Something you have + something you are
- Very strong security ✅
BUT:
- Biometrics:
  - Privacy concerns
  - False positives/negatives
  - Cannot be changed if compromised
👉 Strong but less convenient / higher friction
CISSP Pass
I passed the CISSP today 03/23. I studied for roughly 3 months using various resources. I wanted to thank this study group for the practice questions. Here is a jumbled list of the resources I used and probably forgot a few.

Exam Questions:
Learnzapp and CISSP app
The Destination Certification App also comes with over a thousand free questions and flash cards that are somewhat like the exam
LinkedIn Learning Practice Exams (pretty good)

Books
ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition by Mike Chapple (I read this whole book and used the companion site for questions)

CISSP Exam Cram: https://www.youtube.com/playlist?list=PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD
Why you will pass the CISSP: https://www.youtube.com/watch?v=v2Y6Zog8h2A
50 CISSP Practice Questions. Master the CISSP Mindset: https://www.youtube.com/watch?v=qbVY0Cg8Ntw
Destination Certification Mindmaps and the practice questions on their channel: https://www.youtube.com/watch?v=hf5NwUSEkwA&list=PLZKdGEfEyJhLd-pJhAD7dNbJyUgpqI4pu
Luke Ahmed's Video: https://www.youtube.com/watch?v=MHbdNMRLafA
Prabh's coffee shots: https://www.youtube.com/watch?v=3doR2wA2nJM
1 like • 2d
congrats @Dj Sahoo
0 likes • 2d
how would u prioritise the above resources, most relevant to real exam or just mix of all.
correction to comments in study group
Sensitive PII (Special Category Data under GDPR):
Field | Why Sensitive
Health information / medical records | Reveals physical or mental health → requires extra protection
Criminal records / offences | Reveals past convictions → extra safeguards needed
Biometric or genetic data | Uniquely identifies an individual → highly sensitive
Racial or ethnic origin (if collected) | Reveals ethnic background → sensitive
Political opinions, religious or philosophical beliefs (if collected) | Classified as sp
Passed CISSP on 21st March 2026!!
Passed CISSP (2nd attempt)! Big thanks to Vincent Primiani and the CISSP Study Group team — the daily quizzes, app practice, and sessions (despite IST timezone challenges) made a real difference. Formal thank-you message to Vincent Primiani and team (direct message or email) #CISSP #Certification
1 like • 6d
congrats, hope u will share your change in strategy and preparation for 2nd attempt and deficiencies in 1st attempt. It will be very helpful.
Hassan Na
@hassan-hassan-4557
CISSP aspirant, ISC2 CC

Joined Dec 7, 2025