🥳As of today we are now 2,000 members strong, from all over the world, and growing! Congrats to our top participants in the daily practice questions!! Your perspectives are being heard! @Hassan Na @Lanre Ojurongbe @Ivo Mulders @David Hawkins @Vasantha Garner Thank you everyone! Looking forward to 2k more with you all!

Your CEO's teenager was caught running a Minecraft server on the company's disaster recovery infrastructure 🤯. The CEO insists it's "just a game" and demands you leave it alone. What should you do FIRST? A. Document the unauthorized use and escalate through the governance process B. Quietly migrate the Minecraft server to a less critical system C. Allow it temporarily since the CEO has executive authority over all assets D. Disconnect the server immediately and notify the incident response team Come back for the answer tomorrow, or study more now!

I am happy to inform you all that I passed the CISSP exam yesterday 31 Jan 2026!!! It was a great experience. I really appreciate this platform and people on the platform that helped me in solidifying the CISSP mindset from numerous exam practices. At 100 question the test engine stopped and advised me to complete a survey!!! at that time I had 90min left on the clock!!! I really paced myself on the test!!! My advice: ALWAYS THINK LIKE A MANAGER!!! IF I CAN DO IT YOU CAN DO BETTER!!!

A financial institution uses continuous control monitoring to support regulatory examinations. During a supervisory review, regulators challenge whether reported control effectiveness constitutes “reasonable assurance,” given that testing criteria, thresholds, and exception handling are defined by the same team operating the controls. Leadership wants defensible assurance without dismantling automation. What is the MOST appropriate action to take NEXT? A. Rotate control owners periodically to reduce familiarity bias B. Establish independent assurance criteria and validation over monitoring logic C. Increase sampling depth and testing frequency across automated controls D. Supplement dashboards with annual external audit attestations Come back for the answer tomorrow, or study more now!

I felt like such a robot 🤖 posting the question this morning. I needed to say hello to all our wonderful members!! Okay, okay, the question... A company deploys a zero trust network where every request is authenticated, authorized, and encrypted. During an incident, investigators cannot reconstruct attack paths because traffic patterns are indistinguishable once inside the fabric. Security wants forensic clarity without weakening zero trust principles. What is the MOST appropriate architectural adjustment? A. Decrypt and inspect all internal traffic at centralized gateways B. Implement per request cryptographic identity and flow labeling C. Increase east west traffic logging at network choke points D. Reintroduce internal trust zones to simplify attribution Come back for the answer tomorrow, or study more now!