I viewed most of your videos, especially the Domains 1-8 review. I saved this for last and I passed (provisionally)! Thank you! These videos helped tremendously!
I watched all of his videos regarding CISSP often in my study process. I combined these videos with Cybrary's content. His content compared with Cybrary is extremely spot on. While more brief, he gets the information you need to know condensed and accurate. I'm always suspicious of youtube content but this source is trustworthy. Honestly, surprised he did it all for free. This video in particular saved me as i listened to it on the drive to the exam. I dont ever comment on youtube but I want to give him credit. He helped me pass the exam and this video for sure is crucial. Thanks a lot!
Provisionally passed the CISSP exam last week, I could not have passed without the help of your videos. The way you broke down each domain was amazing. Thank you so much, these videos were life changing!!!
Just wanted to say a big thank you Pete. I provisionally passed the CISSP today and your videos helped a lot towards that. Thank you for putting out such quality content for free !!
I love the fact that he uses NOT for questions as most of the questions in CISSP and CCSP are about which of them is NOT correct or part of BIA etc. Meaning you HAVE to know what IS in order to answer what's NOT correct. You are awesome. Planning to take the test in June.
Hi Pete - I want to thank you for your videos, especially this one on the CISSP management mindset. I passed the test today and your videos helped immensely. Your tips and tricks were valuable. The test is tricky and, in some ways, an endurance test. Thank you!!
This was the single most important video that I watched in preparation for taking the CISSP exam. The methods you used to think through the questions were extremely helpful. This video came out just a couple days before my schedules exam, and I'm proud to say that your entire Exam Cram CISSP series and especially this video helped me get a pass!
I take the exam in 4 days and honestly I'm feeling pretty nervous. Thank you for these videos. They have helped me a lot with getting comfortable with the material.
Provisionally passed yesterday.. From netflix and chill to pete z yt and chill.. But honestly, i used the vid 2 hrs before my exam and it helped me a LOT! Thank you Pete z for helping us achieve our goal! Continue to be a blessing to EVERYONE!
This was informative and definitely worth every second, I walked in that exam thinking of my self as an Contracted manager to provide guidance to an organisation, this makes all the difference . thank you for the material.
Thank you very much, Pete Zerger, all your videos on 8 CISSP domains and supplementary videos like "Think like a manager" really helped me to pass the exam. I owe you my respect. Great work.
I would like to say 'Thank you' Mr. Zerger. I watched your videos during my prep in the last 2 months. I passed the exam earlier today. For those who are preparing, Guys, follow his advices ( not just watching this playlist), I believe you will pass your exams 😁!
Thank you so much Pete. Yeah. Indeed this is one of the most important videos I watched in my preparation for the exam. Thankfully I cleared the exam on my first try yesterday. Keep up the good work.
Your videos were very helpful! After book studies and many sample test from the official study guide, I watched all your videos! They helped me identify a few areas of weakness to which I did more research in. This specific video regarding having the mindset of a manager, was the final piece to the puzzle. I provisionally passed just yesterday. Thanks so much!
Hello Pete and all thé community. Just to Say a warmful thanks for tout work. All Ur advices made me pass the exam at this moment. Thks for this wonderful job
Many thanks, Pete for your awesome videos! They were instrumental in passing my exam. Some of the points and techniques you stressed especially in this video helped with deciding between two good answers.
@@daljitsandhu3897 It depends on the format offered. if he took from the 2021 update, the minimum was 100. From the 2021 update until April 14, 2024 - it's a minimum of 125 questions. ISC2 change their exam every 3 years and sometimes change the amount of questions offered.
Hi Pete, thanks to your videos, they laid the foundation for me such that I passed my CISSP in under a month. These have been extremely helpful to link the domains together in a meaningful and logical way, wondering if you will be doing something similar for CCSP? :)
In the outro, when you talk about asking the questions when choosing the options in the exam, how, what who where when and why, interestingly that is also Zachman framework for enterprise architecture access control matrix that also has those 6 perspectives in column section and rows has - conceptual, logical, physical, subcontractor, and actual system view in the matrix. I didn't see this mention in your video of processes, models video as well.
Never heard Zachman mentioned as an exam topic, and don't believe it's mentioned in the official study guide. Is "why didn't I cover Zachman framework?" your question?
No practice questions I've seen mirror the test all that well. You really have to focus on getting 90%+ on practice quizzes to confirm you have the knowledge. Then, watch the CISSP think like a manager video to ensure you have the right mindset, and you should be ready for exam day. Good luck! 🍀🤞👍
I got some good gems 💎 on this one! One topic I can’t seem to find a pattern on and is a 50/50 shot for me is Aggregation Inference Doesn’t seem to be that difficult at face value, but looking at the explanation in the official study guide, I’m not getting clarity. I know you explained it in a video, but maybe I need sock puppets on this one lol . Thanks for your help and hard work on these videos. They replaced Kelly H’s videos because they were too vague and chitchatty
I actually cover this in a video dedicated to "cyber attacks and countermeasures" I am publishing later today, but I'll tell you here. Here's the difference: "Inference - the ability to deduce or assume information from observing a (one) non-sensitive piece of information. Aggregation - the ability to create sensitive information by combining non-sensitive data from separate (multiple) sources." For example, I add up monthly sales receipts to get the secret quarterly sales numbers - that's aggregation. Observing a person in a black suit getting off at the subway stop by the White House and reaching to the conclusion that is one of the Presidents secret service agents - that's inference.
@@InsideCloudAndSecurity so I just took what you said which made sense. Page 204 question 15 of the official practice test book confused me that the answer was inference rather than aggregation, now re-reading it it says it pulled “total payroll expenses for a specific pay period” and compared it to a following pay period, thinking that there were multiple aggregated data pulls, but it was just one being compared to the referenced document. I think I get it now
I think the wording of that question might be a bit dodgy (they can't all be "the best" practice question). I think you will find the exam questions will leave no room for doubt.
@@InsideCloudAndSecurity lol yeah I have found a few questions where I have had to just smh and tell myself that that question will not be on the test lol
@@InsideCloudAndSecurity sorry for another question, I went through domain 6 of yours, is LDAP SSO or federated? or is it just used for on premise directory services?
Thanks for all the resources! Per your flashcard comment, it seems many sources offer them online. Could you please recommend hard-copy flashcards to order or the best printable source?
That's a tough one. Not possible from the Official Study Guide cards beyond one-at-a-time. Quizlet does allow printing card study sets, which gives you some material. See help.quizlet.com/hc/en-us/articles/360030635472-Printing-sets#:~:text=To%20print%20a%20set,Open%20a%20set.&text=(More%20menu).,Select%20Print. When I took the exam, I created and printed my own study PDFs (similar to my video formats) and had someone quiz me, asking random questions based on PDF slide contents.
That's weird. To give you confidence, here is another expert team explaining due care and due diligence to support my explanation th-cam.com/video/JgondPI995E/w-d-xo.html. Have a page number to the explanation Sybex got backwards? Would love to read to see if simply they have unusual/poor wording.
@@InsideCloudAndSecurity Page 23 of the OSG states that due care is the action, due diligence is the planning/policies. Also in Luke Ahmed's Think Like A Manager book starting on page 35 he agrees wit the OSG that due diligence = knowing, due care = doing. BTW thank you for your videos, taking the exam in a couple weeks and they are helpful.
@@bdon3434 Definitely a lot of definitive sources out there that agree with me on this, but glad there are multiple sources for you outside the official study guide (OSG). As Clammyclaude mentions, the OSG only has a paragraph under "Due care and due diligence", does not make the difference between the two clear at all. Thanks for commenting and best of luck on the exam!
These exams don’t really have the same focus, not a good idea. CCSP is solidly cloud security focused. CISSP is more broadly technology and leadership focused. The area I see CCSP candidates struggling with most is understanding who has responsibility in different scenarios (customer vs CSP)
CISSP is a difficult exam and many do not pass on first attempt. If you are not feeling prepared, I would encourage you to delay and study a bit longer.
3:13 How does this really fit with the transfer of risk to a third party (insurance company)? (For what is worth, I, personally, do not think that it should be allowed because someone’s responsibility should stay with that person).
You can transfer risk (insurance by design deals with indemnification primarily against the financial risk), but you cannot transfer accountability (responsibility) for the breach. The org is still accountable for that, and meeting any associated reporting requirements under govt or contractual regulations.
Depending on which framework you're using, remediation and eradication are about removing the causes of the incident. Lessons learned is post-mortem review where you determine how to prevent recurrence and improve future response.
@@InsideCloudAndSecurity I completed those already and from 1-8 really enjoyed your to the point explanations beautifully done and well executed. I hope and wish I will pass the exam trying to schedule for 1st week of March, although been scoring 70-80% only.
CISSP Exam Cram : th-cam.com/video/_nyZhYnCNLA/w-d-xo.html Master the formulas: th-cam.com/video/ttOKJYOedNo/w-d-xo.html Cryptography Drill Down : th-cam.com/video/8_NLPDRLfg4/w-d-xo.html I plan to sit in June :)
I viewed most of your videos, especially the Domains 1-8 review. I saved this for last and I passed (provisionally)! Thank you! These videos helped tremendously!
That's great news! Glad we could help! Congrats Eddie! 👏🎉
This was probably the most IMPORTANT video to watch that helped me pass the CISSP exam yesterday
Glad it helped! CONGRATULATIONS! 🏆🎉🌟
I watched all of his videos regarding CISSP often in my study process. I combined these videos with Cybrary's content. His content compared with Cybrary is extremely spot on. While more brief, he gets the information you need to know condensed and accurate. I'm always suspicious of youtube content but this source is trustworthy. Honestly, surprised he did it all for free. This video in particular saved me as i listened to it on the drive to the exam. I dont ever comment on youtube but I want to give him credit. He helped me pass the exam and this video for sure is crucial. Thanks a lot!
Glad to hear this made a difference. Congratulations! 🎉🏆👍
Provisionally passed the CISSP exam last week, I could not have passed without the help of your videos. The way you broke down each domain was amazing. Thank you so much, these videos were life changing!!!
So glad to hear this Levar, THANK YOU! CONGRATULATIONS on a big accomplishment! 👍🏆
7:33 Sample Question
16:20 Sample Question
19:16 Safeguard Evaluation
20:16 Key Processes, roles & responsibilities
21:19 Sample Question
23:52 Incident Response steps
24:59 Security Policy Development
26:43 Exam Tips for Cryptography
29:25 Sample Question
Just wanted to say a big thank you Pete. I provisionally passed the CISSP today and your videos helped a lot towards that. Thank you for putting out such quality content for free !!
Glad to hear that, Jeremy! Congratulations! 🏆🎉
I love the fact that he uses NOT for questions as most of the questions in CISSP and CCSP are about which of them is NOT correct or part of BIA etc. Meaning you HAVE to know what IS in order to answer what's NOT correct. You are awesome. Planning to take the test in June.
Yes! The wording on some exam questions can be tricky or confusing to work out. Good luck on the exam!
Hi Pete - I want to thank you for your videos, especially this one on the CISSP management mindset. I passed the test today and your videos helped immensely. Your tips and tricks were valuable. The test is tricky and, in some ways, an endurance test. Thank you!!
Glad I could help! Congratulations!🏆🎉🌟
This was the single most important video that I watched in preparation for taking the CISSP exam. The methods you used to think through the questions were extremely helpful. This video came out just a couple days before my schedules exam, and I'm proud to say that your entire Exam Cram CISSP series and especially this video helped me get a pass!
@Keith, It really makes my day to hear that! Glad it helped. And congrats on clearing this monster of an exam! 👏🎉🥂
I take the exam in 4 days and honestly I'm feeling pretty nervous. Thank you for these videos. They have helped me a lot with getting comfortable with the material.
That’s great to hear! Best of luck on your exam! 🍀🤞
How did it go????
Must have not went well.
Provisionally passed yesterday.. From netflix and chill to pete z yt and chill..
But honestly, i used the vid 2 hrs before my exam and it helped me a LOT!
Thank you Pete z for helping us achieve our goal! Continue to be a blessing to EVERYONE!
Thank you John! 😊 And CONGRATULATIONS! 🏆🎉🌟
This was informative and definitely worth every second, I walked in that exam thinking of my self as an Contracted manager to provide guidance to an organisation, this makes all the difference . thank you for the material.
Happy to help! 👍
non technical, managerial, decision-oriented aspects are the most sought information. thanks!
Happy to help. Good luck on the exam!👍
Thank you very much, Pete Zerger, all your videos on 8 CISSP domains and supplementary videos like "Think like a manager" really helped me to pass the exam. I owe you my respect. Great work.
Really glad to hear that, Karthick! Congrats on passing the exam! 👍🎉🎖️
I would like to say 'Thank you' Mr. Zerger. I watched your videos during my prep in the last 2 months. I passed the exam earlier today. For those who are preparing, Guys, follow his advices ( not just watching this playlist), I believe you will pass your exams 😁!
Great job! CONGRATULATIONS! 🎉🏆🚀
@@InsideCloudAndSecurity Thank you! 😁
This is INDEEED the most important video in the series. Make sure to watch it the night before the exam!!!
Nice work, my friend! CONGRATULATIONS! 🏆🎉
I officially passed the CISSP test with 100 questions only. Thank you for your videos.
Great job! CONGRATS! 🎉🏆🥳
Thank you so much Pete. Yeah. Indeed this is one of the most important videos I watched in my preparation for the exam. Thankfully I cleared the exam on my first try yesterday. Keep up the good work.
Glad it was helpful! Congrats on clearing on your first attempt! 🏆👍
Your videos were very helpful! After book studies and many sample test from the official study guide, I watched all your videos! They helped me identify a few areas of weakness to which I did more research in. This specific video regarding having the mindset of a manager, was the final piece to the puzzle. I provisionally passed just yesterday. Thanks so much!
Glad it was helpful! Congratulations!!! 👍🎉🏆
Hello Pete and all thé community.
Just to Say a warmful thanks for tout work. All Ur advices made me pass the exam at this moment. Thks for this wonderful job
Happy to help! Congratulations! 🎉🏆👍
Your cissp video series was great! Glad to announce that I have provisionally passed. Thank you for the insightful videos!
I LOVE IT! Congratulations! 🏆👍
Many thanks, Pete for your awesome videos! They were instrumental in passing my exam. Some of the points and techniques you stressed especially in this video helped with deciding between two good answers.
Glad they helped! Congrats on clearing the exam Eric! 👍😉🎉
thank you for the fantastic & easy explanation.. just passed the exam..
Congrats Mohamed! 👍
I just passed the CISSP exam today (I had 100 questions).
That's AWESOME! You passed with the minimum possible number of questions! 👍🎖️🏆
I thought minimum was 125
@@daljitsandhu3897 It depends on the format offered. if he took from the 2021 update, the minimum was 100. From the 2021 update until April 14, 2024 - it's a minimum of 125 questions. ISC2 change their exam every 3 years and sometimes change the amount of questions offered.
Thank you for valuable information round CISSP. Good to have these media to understand all domains in a perfect way - I passed (provisionally)!
Glad it was helpful! CONGRATULATIONS! 🏆🎉🌟
Thanks your videos were really helpful. I passed my exam.
Glad to hear that! Congratulations, Ernest! 🏆🎉🌟
Hello,
I have provisionally passed the CISSP today. Thanks so much for the content 😊
Happy to help! Congratulations! 🏆🎉
Hi Pete, thanks to your videos, they laid the foundation for me such that I passed my CISSP in under a month. These have been extremely helpful to link the domains together in a meaningful and logical way, wondering if you will be doing something similar for CCSP? :)
Not yet for CCSP, but planning to in 2022!
In the outro, when you talk about asking the questions when choosing the options in the exam, how, what who where when and why, interestingly that is also Zachman framework for enterprise architecture access control matrix that also has those 6 perspectives in column section and rows has - conceptual, logical, physical, subcontractor, and actual system view in the matrix. I didn't see this mention in your video of processes, models video as well.
Never heard Zachman mentioned as an exam topic, and don't believe it's mentioned in the official study guide. Is "why didn't I cover Zachman framework?" your question?
Thank you so much!! All of your content is excellent and greatly appreciated. :)
Glad you like them!
Wonderful! Very, very helpful. Thank you.
You're very welcome! Ping me here or on LinkedIn if questions as you prepare.
These are great tips! Why aren't there any CISSP practice questions like this?
No practice questions I've seen mirror the test all that well. You really have to focus on getting 90%+ on practice quizzes to confirm you have the knowledge. Then, watch the CISSP think like a manager video to ensure you have the right mindset, and you should be ready for exam day. Good luck! 🍀🤞👍
Pete, Thank you so much for these videos
Glad you like them! 👍
I got some good gems 💎 on this one!
One topic I can’t seem to find a pattern on and is a 50/50 shot for me is
Aggregation
Inference
Doesn’t seem to be that difficult at face value, but looking at the explanation in the official study guide, I’m not getting clarity. I know you explained it in a video, but maybe I need sock puppets on this one lol . Thanks for your help and hard work on these videos. They replaced Kelly H’s videos because they were too vague and chitchatty
I actually cover this in a video dedicated to "cyber attacks and countermeasures" I am publishing later today, but I'll tell you here. Here's the difference: "Inference - the ability to deduce or assume information from observing a (one) non-sensitive piece of information. Aggregation - the ability to create sensitive information by combining non-sensitive data from separate (multiple) sources." For example, I add up monthly sales receipts to get the secret quarterly sales numbers - that's aggregation. Observing a person in a black suit getting off at the subway stop by the White House and reaching to the conclusion that is one of the Presidents secret service agents - that's inference.
@@InsideCloudAndSecurity so I just took what you said which made sense. Page 204 question 15 of the official practice test book confused me that the answer was inference rather than aggregation, now re-reading it it says it pulled “total payroll expenses for a specific pay period” and compared it to a following pay period, thinking that there were multiple aggregated data pulls, but it was just one being compared to the referenced document. I think I get it now
I think the wording of that question might be a bit dodgy (they can't all be "the best" practice question). I think you will find the exam questions will leave no room for doubt.
@@InsideCloudAndSecurity lol yeah I have found a few questions where I have had to just smh and tell myself that that question will not be on the test lol
@@InsideCloudAndSecurity sorry for another question, I went through domain 6 of yours, is LDAP SSO or federated? or is it just used for on premise directory services?
Thanks for all the resources! Per your flashcard comment, it seems many sources offer them online. Could you please recommend hard-copy flashcards to order or the best printable source?
That's a tough one. Not possible from the Official Study Guide cards beyond one-at-a-time. Quizlet does allow printing card study sets, which gives you some material. See help.quizlet.com/hc/en-us/articles/360030635472-Printing-sets#:~:text=To%20print%20a%20set,Open%20a%20set.&text=(More%20menu).,Select%20Print. When I took the exam, I created and printed my own study PDFs (similar to my video formats) and had someone quiz me, asking random questions based on PDF slide contents.
Really helpful, thank you!
Glad you liked it! 😉
the sybex book has due diligence and due care defined oppositely ..............WHAT THE HECK
That's weird. To give you confidence, here is another expert team explaining due care and due diligence to support my explanation th-cam.com/video/JgondPI995E/w-d-xo.html. Have a page number to the explanation Sybex got backwards? Would love to read to see if simply they have unusual/poor wording.
@@InsideCloudAndSecurity Page 23 of the OSG states that due care is the action, due diligence is the planning/policies. Also in Luke Ahmed's Think Like A Manager book starting on page 35 he agrees wit the OSG that due diligence = knowing, due care = doing. BTW thank you for your videos, taking the exam in a couple weeks and they are helpful.
@@bdon3434 Definitely a lot of definitive sources out there that agree with me on this, but glad there are multiple sources for you outside the official study guide (OSG). As Clammyclaude mentions, the OSG only has a paragraph under "Due care and due diligence", does not make the difference between the two clear at all.
Thanks for commenting and best of luck on the exam!
Great video, Thank You for Your Job.
My pleasure!
I LOVE IT!
Glad you like this one. Good luck on the exam! 🏆🍀🤞
So take my firefighter training, and apply it to this. Gotcha
You got me on that one! 🤣 😂
Hi Pete, can we use this as reference on CCSP as well?
These exams don’t really have the same focus, not a good idea. CCSP is solidly cloud security focused. CISSP is more broadly technology and leadership focused. The area I see CCSP candidates struggling with most is understanding who has responsibility in different scenarios (customer vs CSP)
@@InsideCloudAndSecurity Thanks For the clarification.
Just awesome!
Thanks again! Good luck on the exam!
I am wondering if the sample question's difficulty match the real one. To be frank, I am considering to withdraw from the exam and get refunded.......
CISSP is a difficult exam and many do not pass on first attempt. If you are not feeling prepared, I would encourage you to delay and study a bit longer.
The exam questions are direct or have a big story inside the question ?
It’ll be a mix of multiple choice questions, but many exam candidates will tell you the questions were worded in lengthy and challenging ways.
Can you get congress to take this class?
Congress would do well to heed some of my advice! 🦉🦉🦉
Astronomers do ritual moves on very starry starry nights. Can you guess what the mnemonic is for? 🙂
Tell me! 🤨⁉️⁉️
@@InsideCloudAndSecurity Application Data Runtime Middleware OS Virtualization Servers Storage Networks. Cloud Service Provider layers.
3:13 How does this really fit with the transfer of risk to a third party (insurance company)?
(For what is worth, I, personally, do not think that it should be allowed because someone’s responsibility should stay with that person).
You can transfer risk (insurance by design deals with indemnification primarily against the financial risk), but you cannot transfer accountability (responsibility) for the breach. The org is still accountable for that, and meeting any associated reporting requirements under govt or contractual regulations.
@@InsideCloudAndSecurity Excellent! Thank you ever so much.
22:52 why is the right answer not lesson learned ? Isn’t the root cause analysis determined during the lesson learned phase ?
Depending on which framework you're using, remediation and eradication are about removing the causes of the incident. Lessons learned is post-mortem review where you determine how to prevent recurrence and improve future response.
thanks so much
You're welcome! Good luck on the exam! 🤞🍀
Awesome
Glad you like it! Make sure you check out the videos on my CISSP Exam Cram playlist! th-cam.com/play/PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD.html
@@InsideCloudAndSecurity I completed those already and from 1-8 really enjoyed your to the point explanations beautifully done and well executed. I hope and wish I will pass the exam trying to schedule for 1st week of March, although been scoring 70-80% only.
@@InsideCloudAndSecurity Big thank you for the videos, my comments are here so you can get a better reach :)
Is the practice quiz not available any more?
Sorry, being updated. will be back online in the next few days.
CISSP Exam Cram : th-cam.com/video/_nyZhYnCNLA/w-d-xo.html
Master the formulas: th-cam.com/video/ttOKJYOedNo/w-d-xo.html
Cryptography Drill Down : th-cam.com/video/8_NLPDRLfg4/w-d-xo.html
I plan to sit in June :)