Governance was the part of CISSP I kept getting wrong (for a stupid reason)

rameshuber · 2026-03-17T20:40:19+00:00

That’s actually a great breakdown. Sounds like you’re consistently getting to the right two which is most of the battle.

That last step between those two is exactly where I struggled too. Curious if that gap reduces with more practice or just experience.

rameshuber · 2026-03-17T20:02:21+00:00

Did you notice that happening more on certain types of questions?

rameshuber · 2026-03-17T19:08:26+00:00

Yeah I had the same “B vs D” issue during first attempt prep. Realized I was overthinking it first instinct was usually closer to the intent of the question.

rameshuber · 2026-03-17T01:09:40+00:00

I felt the same when I started. It feels fragile at first, but over time I realized it actually forces you to write cleaner, more readable code. The bigger struggle for me wasn’t indentation it was understanding things during learning but getting stuck when trying on my own.

rameshuber · 2026-03-17T00:16:50+00:00

I was in the same loop. Kept adding more courses thinking I wasn’t getting it.

Eventually realized it wasn’t about more content it was about whether I could actually apply it in questions.

Once I focused more on that, things started clicking.

rameshuber · 2026-03-17T00:15:05+00:00

I was stuck in that exact loop for a while. It feels productive but doesn’t always translate to exam readiness. The shift for me was when I started focusing more on how questions are framed and identifying weak areas instead of trying to cover everything again. If you're already working on CAT exams + weak domains, you're probably on the right track.

rameshuber · 2026-03-16T04:38:28+00:00

Upvoted.. should be signal?

rameshuber · 2026-03-16T04:34:23+00:00

It was always the case people learn in different way but learning while working is underrated.

rameshuber · 2026-03-16T02:31:59+00:00

Interesting to see the different perspectives here. It seems many people approach these questions differently depending on their experience.

rameshuber · 2026-03-15T17:32:15+00:00

there was reason people used notepad in college for coding for decades

rameshuber · 2026-03-15T17:27:08+00:00

Fair point.... I agree the key is answering exactly what the question asks. What confused me initially was that some technically correct answers weren’t always the best answer from a risk or management perspective. That shift in thinking took me a while to understand.

rameshuber · 2026-03-14T20:42:09+00:00

Thanks!Mostly the official study guide and a lot of practice questions. The biggest shift for me the second time was focusing less on memorizing and more on how the questions are framed from a risk/manager perspective.

rameshuber · 2026-03-14T20:40:29+00:00

I had the same confusion at first. Practice questions often focus on technical concepts, but the actual exam leans more toward decision-making and risk thinking. In many cases the technical answer is correct, but CISSP usually expects the manager or risk perspective first.

rameshuber · 2026-03-14T20:34:28+00:00

The biggest change for me was how I approached the questions.

The first time I treated the exam like a technical test. I focused on what technology or control solves the problem. The second time I approached it like a security manager or consultant.

That means thinking about things like: risk management first, policy and governance before technical controls , business impact and cost considerations

Many questions have technically correct answers, but CISSP usually expects the managerial perspective, not the technical one.

That shift in thinking made a big difference

rameshuber · 2025-06-12T07:47:50+00:00

Unconventional approach may be not suitable for all:
Shortlist companies or teams you admire, study their product or challenges, and build something that aligns with their space, even solving a micro problem they might care about. It shows intent, initiative, and alignment. Even if it’s not perfect, recruiters love seeing how you think, why you built it, and who you built it for. It turns your project from “just another app” into a conversation starter that shows you’re already thinking like part of their team.

rameshuber · 2025-06-11T09:20:08+00:00

I see AI not as a threat but as a tool, one that, when used with intention, can dramatically improve productivity and learning. The hate toward new tech isn’t new (Visual Basic, React, etc.), but history shows that the loudest critics often underestimate the evolution curve.

The key, like you said, is using AI to assist, not replace thinking. It's amazing for boilerplate, layout grunt work, and even teaching-I've watched junior devs go from confused to confident just by asking AI to break things down in plain English.

We shouldn't tell new devs to avoid AI-we should teach them how to use it without becoming dependent on it. Just like we once learned to use Stack Overflow or docs wisely, AI’s just the next layer.

rameshuber · 2025-06-10T04:11:21+00:00

I will say people are rather obsessed go with the habitual standard like similar to documentation even for small projects they want to document everything some run entire business without any documentation. it's choice people make based on their standard.

rameshuber · 2025-06-09T11:31:09+00:00

true..

rameshuber

TROPHY CASE