thanks a lot

Glad you liked it!

Most welcome!

Most welcome!

thanks a lot

You are welcome!

You're welcome!

Mitigation can be partial, even if the risk remains it is an action taken to reduce the likelihood or impact of the risk to an acceptable level. "Acceptance" by definition is doing nothing about the risk at all, which is clearly not the case. The end result will be fewer cases of sensitive information in the cloud and thus less risk of leakage, when viewing the security stature of the company as a whole, not as a case by case basis.

@@JulieSquirrel42 either way I passed my CISSP first try. Prahbs videos were a good help.

@@bipedalhominid6815 Congratulations!! :)

I was wondering why acceptance is not the right answer and you answered it. Thanks

Congratulations! Which books did you find the most helpful and which ones the least so don't get them. Also which practice questions did you find the most helpful? Thank you

@@AnthonyGee-pn5wf I used the cissp CBK reference and read it twice. It's brief and covers all the necessary topics. I didn't use any other book. For practice questions, I used isc2 official practice questions. The key to success is to understand the concepts no matter from whatever book you learn. I recently passed the CCSP and again used the CBK REFERENCE as the main study guide.

@@mikealpha Thanks, I just got back from the exam and I passed. I honestly was kinda shocked at the questions because the Free training they gave didn't really cover that much depth. I had to draw on my years of experience doing the rolls. I didn't like their use of wording. Some English words I had never heard before used like that IT were confusing but like most say there are 2 obvious wrong answers so the other is just 5050.

@@AnthonyGee-pn5wf many congratulations 🎆🎉.. You are right the language used in the exam is very tough and sometimes you need to read the questions multiple times to get the point. Understanding through experience is the key to pass the exam as you did. I think you are talking about CCSP when you ask about giving the exam in the last sentence. I passed CCSP two weeks back on 5th April.

@@AnthonyGee-pn5wf are you asking about whether I am currently working as a CISSP?

U can use my coffee shots + cbk to cover the gap of domain 3 , 7 and 4

Hey how did it go? It's been 1 year... Did you get your CISSP?

thanks a lot sure

Well, it's not just asking about reducing fraud in an absolute sense, its asking about reducing fraud and the possibility of employee collaboration (in doing fraud). What you're saying is true, but only half of the answer. By ensuring that jobs are routinely rotated, you know that fraud will be detected by the influx of new eyes on the processes and no ongoing long-term collaboration can endure because the teams are constantly shuffled.

@@JulieSquirrel42 Thank you for your consideration. I still disagree because of technologies and knowledge availability increase. Though you would have fresh eyes on information left by previous workers, this would not stop someone from committing fraud or any other attack especially if the employees were playing the long con and not trying to get rich quick. Just the ability to have a conversation on discord or use a cellphone makes it infintely easier for strangers to connect over long periods of time for common goals even if you had them move to entirely different continents. And if the job switching was not infinite in diversity, then employees would KNOW that eventually one or two or three of them would get back to their designated and planned stations so as to resume the attack. However, I am not an expert, I am just some dude asking why someone would think seperating peoples' duties would stop them from being a threat. It would be better to only higher low IQ or low intelligence people to avoid problems like the Military does... but that is a hateful and discriminitory practice.