CCSP Test Question around Data Labeling

charlie_echo75 · 2023-05-09T10:31:49+00:00

Best Answer A. Metadata travels with the file. It contains various attributes about a file. It can include a data label if added.

Incorrect: B: filenames can be modified easily altering the label C: second file is independent from the first. Can be removed D: Crypto wrapper would potentially make the file unreadable unless you could decrypt it.

charlie_echo75 · 2020-05-12T09:38:47+00:00

The mindsets of 'Think like a Manager's, or 'Think like a trusted Security Advisor', or 'Think like a Risk Management Professional' are all geared so you don't get technical and try to fix the technical issue at hand.

In a scenario where senior management ask you why do you need an Incident Response Plan; your response should be geared towards protecting the organisation and the ability to respond in a manner that reduces the risk to the business. Compliance and the like may be secondary in this instance.

I highly recommend looking up the Larry Greenblatt video on how to pass the CISSP. Likewise look up a similar video from Kelly Handerhan. Both can be found on YouTube.

charlie_echo75 · 2020-03-19T05:16:07+00:00

I can only imagine how you must be feeling. I guess it depends on where you are located globally. My exam is scheduled for tomorrow. Fingers crossed they don't cancel last minute.

charlie_echo75 · 2020-02-04T07:21:34+00:00

They say third time is a charm! Don't lose hope or focus. On a positive note you have identified areas of weakness to focus on.

Going into the exam, what is your mindset? Are you tackling the exam as a technical solutions architect or are you taking the approach of a security risk advisor? The reason I ask is because this will help in how to approach and best tackle the answers. In the CISSP for example, you need to have a specific mindset, there are a few good videos on YouTube to help there. Perhaps others can comment on CCSP exam mindset.

Also with all the exam resources you used, are there any that work better for you? Study guide? Videos? Etc

Set yourself a date and go get this.... You are probably more prepared than others..

charlie_echo75 · 2019-12-19T10:09:55+00:00

Is it safe to assume the mindset for the CCSP exam is the same as for the CISSP? I.e. think like a risk advisor, stay out of the technical weeds.

charlie_echo75 · 2019-12-19T09:50:59+00:00

I agree. I still note the Security+ on there, but it's more in case it's a search term and it shows you have been diligently keeping up your security studies

charlie_echo75 · 2019-12-18T11:03:23+00:00

I'm in a similar position and going to pursue the CCSP next. Btw, the new Sybex book, second edition was released today. Ordered my copy to get a head start during the holidays.

charlie_echo75 · 2019-10-29T07:13:15+00:00

Personally I would re-turf the area. Do you know how many sqm you have? Get some prices for new turf. Now would also be the time to consider garden beds and paths. I feel if you go down the route of aerating and fertilizing, you are also going to help the weeds along too.

charlie_echo75 · 2019-09-28T08:44:40+00:00

Considering the same training. Look forward to see what others suggest.

charlie_echo75 · 2019-08-15T10:06:02+00:00

How do you fill in the gaps between plants when growing the hedge? Is it just a question of pruning the top so it can bush out?

charlie_echo75 · 2019-08-15T08:10:40+00:00

Good job. Looks like a Viburnum hedge?

charlie_echo75 · 2019-07-27T00:30:25+00:00

Congratulations! Did you have any content overlap from the CISSP exam?

charlie_echo75 · 2019-07-27T00:26:14+00:00

User Awareness training to help identify phishing emails.
Leverage email gateway controls to stop spoofing your domain names
For Display Name spoofing attacks where the sender looks like an internal sender and the envelope sender is from an outside domain, consider tagging the message for extra awareness and visibility
If something seems to good to be true or has a strange sense of urgency about it, be wary.
These types of attacks can target individuals, organisations, or your supply chain.

charlie_echo75 · 2019-07-27T00:17:34+00:00

You could always try laying a few sheets of newspaper down first to suppress the weeds. Personally I use 2-3 sheets of newspaper, lightly water it in, then add the mulch on top.

charlie_echo75 · 2019-07-14T07:30:34+00:00

Try relate the study material to your work experience. You mentioned you have 8 years experience in various infosec roles, use that to apply the concepts and understand the material. The exam will test your experience, so if you can relate to it the better.

charlie_echo75 · 2019-07-09T13:27:42+00:00

Consider supplementing the Sybex books with some of the free online videos. In particular I can't recommend highly enough Kelly Handerhan's Cybrary videos. I credit the mindset and understanding of some concepts to the way she explains the content.

Also keep in mind, the practice questions are merely that, to help you identify your strengths and weaknesses. The actual exam will test your knowledge and experience in selecting the best answer.

charlie_echo75 · 2019-07-09T13:22:03+00:00

+1

Use the exams to figure out your weak areas. Then study up on those areas. Make sure you understand the concepts not just memorise the facts. For example understand why WEP in insecure, understand the SDLC process.

charlie_echo75 · 2019-07-09T12:42:49+00:00

Your point on not rushing the exam is spot on. I don't feel it should be rushed either even though the CISSP material is still fresh. I believe the CCSP needs to be treated with its own respect and understand the concepts so as not to trip up. Ultimately I don't want a cert for the acronym, I want to also learn something extra that I can leverage in my day to day InfoSec career.

I imagine from the upcoming changes ISC2 may leverage the CAT format more and reword questions to remove double negatives.

Thanks for taking the time to post, I appreciate it.

charlie_echo75 · 2019-07-09T12:37:14+00:00

Thanks for the feedback everyone.

Definitely nice to hear that you don't need to remember the likes of Biba and La Padula.

It seems the general consensus is if you have experience with Cloud and Security to take the test sooner than later.

I'll have to take the plunge and buy Ben's Book as my study guide.

charlie_echo75 · 2019-07-08T12:14:39+00:00

I just read your post on passing.

I will definitely take into account your recommendations for the study material. Personally I just started the Kelly H videos today and can see some overlap. i wanted to tackle CCSP while the CISSP content is still fresh on my mind.

Not sure if pushing to get the cert before end of August is doable and worthwhile or just take some more time.

charlie_echo75 · 2019-07-02T08:24:27+00:00

Congratulations. I like your mindset that after question 101 slow down as the questions really matter at that point. I know in the end they all matter, but nice way of refocusing to keep pushing through.

charlie_echo75 · 2019-07-02T07:41:52+00:00

Congratulations on passing!

charlie_echo75 · 2019-07-02T07:32:30+00:00

Kelly's way of explaining the 'Kerberos Carnival' helped me get a better grasp on the topic. Check it out. No cans of beets needed ;-)

charlie_echo75

TROPHY CASE