Assistance with picking the right answer after luring down to the 2 possible answers

Took the twice already and can't seem to crack this nut. Seems like I can lure it down to 2 possible answers, but very difficult with picking the right one; the ISC2 way. Please anyone on the forum advise so I can finally get pass this chapter. 680 seems pretty close, but anything below 700 is a fail.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

TheProfezzor

No one can help you, but you. If you could narrow it down to 2 choices but can't figure out the rest, you aren't getting the concepts right. Learn the material by heart. Like, if I wake you up at 3:00 in the morning and ask you, "what layer does Telnet work on", it should take you about 2 seconds to reply. I've been trying to get a hold of the CISSP CIB since 2 years but it still hasn't sinked in like it should.

sojourn

This is where it comes back to what people talk about here:

- think like a manager. Or think like the person specified in the question (CEO, CIO, security practitioner, auditor)
- be risk adverse, but be smart about it. I find there is a balance between being too risk adverse and too restrictive for business, or simply doing things that don't make sense or create too much work unnecessarily.
- Memorise the four canons (acronym PAPA, figure the rest out for yourself). Use them in your decision making. The first Canon is more important than the second, the second more than the third, and so on.
- this is a management-level mid-career exam. It is not a technical exam. If one answer is more technical than the other, then maybe it's not the correct one. Unless obviously it is a technical question with one clear answer - eg what port does SSH run on.
- have a great understanding on the differences between policies, guidelines, standards, baselines. This is an over-arching narrative for the whole CISSP and the way information security is handled in general.

bigdummy

sojourn wrote: »

This is where it comes back to what people talk about here...

Thanks Sojourn, this is some of the best advice I've seen.

sny

My suggestion don't answer question like technician think like business guy. Don't think about how you are going to set up tunnel if your company acquire another company think about local law, policies etc.

tufexams

@sojourn, @bigdummy, @sny. Thank you all good advice. The purpose of this forum is not to criticize people, but to provide tools so that as a community we an all help each other. I didn't join this forum to get counseled about my inability to retain information @TheProfezzor. We all have strenghts and weaknesses. I'm sure when you were 3 months old, you didn't just jump out of the crib and start running. My point is we share information on this forum to help one another. I never, ever criticize anyone simply because I wouldn't want the same thing done to me.