Видео

This is not for CISSP , it's for kindergarten

Qun 4, I can not agree with the answer,,, Network traffic analysis can help identify whether the employee transferred sensitive data to external parties. While important for tracking exfiltration, this step would be more effective after securing the digital evidence from the employee’s work computer. It is typically used to complement forensic analysis on the employee's machine but does not replace the need to preserve physical evidence. The most critical step in any digital forensic investigation is to ensure that the integrity of the evidence is maintained. Using a write blocker to create a forensic image of the employee’s computer ensures that the original data remains unchanged during the investigation. This allows the security team to perform subsequent analysis on the forensic image, preserving the chain of custody and ensuring the evidence can be used in court if necessary. If the data is gone, no point of jumping into NW traffic analysis as 1st step, It can be done later after securing the evidence.

Can not agree with Qn4 answer,, It should be B , A firewall rule audit involves reviewing the rules configured in the firewall to ensure they are properly set up to block unauthorized traffic. While this is valuable for ensuring policy compliance, it doesn’t provide a complete picture of how the firewall performs under attack scenarios or whether its rules are effective in practice. Where as apenetration test simulates real-world attacks to determine how well the firewall can block unauthorized traffic and identify any vulnerabilities that attackers could exploit. It involves actively attempting to bypass the firewall's defenses and provides insights into its overall effectiveness in a controlled, ethical manner. This test is comprehensive because it not only checks for configuration issues but also tests the firewall’s ability to stop unauthorized access.

Qun 8 , "SAML assertions are sent to the Service Provider (SP) during the initial user login" .. This statement is correct but incomplete. SAML assertions contain information about the user’s identity, authentication, and attributes. These assertions are sent to the Service Provider (SP) by the Identity Provider (IdP) after the user authenticates with the IdP. This process allows the SP to grant the user access to its resources based on the received assertion

Can not agree with Q3 answer, you can not kick someone out & that is not your responsibility. it should be option C, When dealing with a data breach involving sensitive customer information, the first priority should be to understand the full scope of the breach by conducting an internal investigation. This helps determine the extent of the leak, the specific data involved, and the employee's actions. Based on the investigation findings, the organization can take appropriate steps to mitigate damage and ensure future breaches don’t occur. Notifying affected customers is critical in maintaining transparency and complying with regulatory requirements (e.g., GDPR, CCPA) to ensure the organization’s legal obligations are met.

Not agreeing with Q3 answer.. A CDN can significantly enhance the network’s resilience to DDoS attacks by distributing traffic across multiple servers, making it harder for attackers to overwhelm a single point of failure. CDNs are designed to handle large amounts of traffic and have built-in capabilities to absorb traffic spikes, including those caused by DDoS attacks. This reduces the burden on the company’s core infrastructure, IDPS can play a role in detecting abnormal traffic patterns and blocking known attack vectors. However, IDPS alone may not be able to handle the volume and scale of DDoS traffic, especially if the attack overwhelms the network at a volume larger than the IDPS can process.

I just passed my exam. The videos are helpful

These lectures are fantastic. Thank you very much.

I think that for question 4, Option C is more appropriate. Can anyone comment?

Question 44? ruclips.net/user/clipUgkxf4azsK2JjKkjHYDz8aBznLBiNzztcWZv?si=JQPXC4G2iY4097Be

question 3 , something you are and something you have was mixed up, something you have was explained as something you are , i think it was just a slip.

Are all the questions in final cissp exam, scenario-based like these? Or will be there technical questions too?

Very impressive presentation

Your question 7 is quite confusing and counterintuitive seeing as the ans should be D even according to your explanation.

Taylor Barbara Perez Maria Martinez Brian

Hey I got 7/8 not bad 😄

Beautiful graphics and good explanations can you make it cyber security all 5 domain's all questions and answers videoes 5 part details explanation thank you

Why would you choose an AI voice that has vocal fry at the end of every sentence?

Thank you!

Question 4 1. Use a write blocker to create a forensic image of the employee's work computer. Explanation: Write Blocker and Forensic Imaging: The first priority in digital forensics is to ensure that the original data is not altered in any way. A write blocker is a tool that prevents any changes to the data on the storage device being investigated. Creating a forensic image (an exact bit-by-bit copy) of the employee's work computer ensures that the investigation can proceed using the copy, while the original remains unaltered and intact for potential legal proceedings. Perform Live Forensic Analysis: This might be necessary in some cases, but it is usually not the first step because it can alter data on the system, which might compromise the integrity of the evidence. Conduct Network Traffic Analysis: While useful for identifying unauthorized data transfers, it should come after preserving the digital evidence. Network traffic analysis might also require real-time monitoring, which is not the initial step in preserving evidence. File Carving Tools: These tools are used to recover deleted files, which could be part of the analysis phase but should occur after the forensic image has been created. Thus, creating a forensic image with a write blocker is the first and most critical step in this type of investigation.

An intelligent AI machine speaking.

This seems like more like a english test think im going to study the diary

in domain 3 as physical access control you missed the two-person rule, two-person integrity, two-person control. these are main functions. Also, in logical access control you missed the topic about ABAC model. However, the video was good, but i'm expecting domain 4 & domain 5 in upcoming video. thnq @Infosec Guardians

Your videos are really helpful 😊

When are you doing domain 4?

Not accurate

is this your real voice, or you are using AI generated voice, and I appreciate the hard work you put in .

Amazing details in-depth explanation

Best video I found on the web so far. Thanks

great vids! hope we can get domain 3 - 5

Some of the answers are not correct in this video can't agree to the given explanation to the answer.

Question 44 and 45, answer should be A

if i study on this video i will pass the exam?

The speech synthesizer could be better, this one is distracting

👌👌

In the authentication portion of the video you have Something you are and something you have mixed up. You explain it right, but the slides are wrong.

👌👌

2 question answer should be C

Siem peppering

And a peppering in cyber security is a cryptographic tactic

MD5 message digest algorithm version 5

Code execution and spatial Theory

Risk Theory of asset and key concepts how bad bear markets are. They are

Asset security and domain 8 for hospitals and ODNI for TIPS which is a domain policy Transaction inflation protection service? Think so in asset. Anti fraud

Great explanation

Thanks so much but we need more and more questions

do they have full CISSP training?

Please correct question 21 Biba Model for Integrity should be "No write up, and no read down"

Please make corrections to question 13. Bell-LaPadula (Confidentiality) should be "No read up, No write down" 👍🏾

So many mistakes when highlighting the answer. This needs to be redone.