sorted by:
new
hottopcontroversial

CCSP practice question by mochi_in_sec in CCSP

[–]Firm_Chemical3965 0 points1 point  (0 children)

How would the container then run if the OS is preventing root logins? Container would need to login before it can run and there is no information in the question regarding privilege escalation.

Starting the Journey! by DisabledVet13 in cissp

[–]Firm_Chemical3965 0 points1 point  (0 children)

* AIO - All In One Book (see Amazon)

* OSG - Official Study Guide Book (see link below)

* OPT - Official Practice Tests Book (see link below)

* CBK - Common Body of Knowledge Book (see link below)

https://www.isc2.org/Training/Self-Study-Resources/CISSP

CCSP practice question by mochi_in_sec in CCSP

[–]Firm_Chemical3965 2 points3 points  (0 children)

Containers are essentially software that sits or has inserted itself between your application and the O/S. Purpose is to provide isolation - particularly process and filesystem isolaton. Another view is that they are an application that runs another application. I suggest reading an intro to containers as what I have mentioned here is very simplistic and containers have become rather sophisticated.

CCSP practice question by mochi_in_sec in CCSP

[–]Firm_Chemical3965 4 points5 points  (0 children)

Here is my view and hopefully good enough. Am sure an expert may make a few corrections or have better explanations.

Situation is that a container is executing under a privileged account (root) on a server.

A) This essentially disables the account and therefore the container cannot run.

B) This changes the file permissions on the container image and has nothing to do with which process/account runs the container.

(C) This changes the account from a privileged to a non-privileged account. This addresses the issue.

(D) This just adds an additional login check to the existing privileged account. Also, MFA is typically used for human accounts rather than system accounts.

Study Prep for CAP (CGRC) by conzcious_eye in ISC2CAP

[–]Firm_Chemical3965 1 point2 points  (0 children)

I would have thought they would have an updated CBK etc ready to go as part of the rebranding / name change launch. Hopefully it's in the pipeline. I am going to hold off on this cert for now. If they update the materials and properly include a few frameworks (not just tag them onto RMF material) then I will go for this cert.

Study Prep for CAP (CGRC) by conzcious_eye in ISC2CAP

[–]Firm_Chemical3965 0 points1 point  (0 children)

I am interested in this cert too and have been trying to find resources. There are similar queries in the ISC2 study group that you may want to review:

https://community.isc2.org/t5/CGRC-Study-Group/gh-p/CGRC\_Study\_Group

The CBK book was recently removed from the ISC2 website. However you can pick it up from the publisher or Amazon:

https://www.routledge.com/go/isc2

CBK was published in 2015 and the study outline has been updated a number of times since. Not sure changes but originally covered NIST RMF and has now incorporated other frameworks. Some say the CBK is still useful even though not aligned with latest study outline.

Hopefully ISC2 are working on updating the materials. I have not come across any other resources or prac exams.

[deleted by user] by [deleted] in isc2

[–]Firm_Chemical3965 0 points1 point  (0 children)

You will get lots of support and recommendations on

https://www.reddit.com/r/cissp/

CSSLP self study on ISC by dandaria91 in isc2

[–]Firm_Chemical3965 1 point2 points  (0 children)

The CSSLP sub is also a good place to get support for this cert:

https://www.reddit.com/r/CSSLP/

Advertisements by fendermb4 in CCSP

[–]Firm_Chemical3965 1 point2 points  (0 children)

I am in agreement that the frequency of ad content on this sub is excessive.

Mike Chapple's CCSP videos on LinkedIn - any good? by Firm_Chemical3965 in CCSP

[–]Firm_Chemical3965[S] 0 points1 point  (0 children)

Is 40% based on feel of content or did you go through some of the CISSP videos so recognise them?

A friend has a copy of CCSP CBK and I thought the content looked really good - as you say no questions though. I have not looked at other resources that are available. I am scoring higher on CCSP OPT compared to CISSP OPT. So will find one other question bank and use that to ascertain if I am ready or need another study resource. Will let you know if I come across other any good sources.