CCT 287: Practice CISSP Questions - Deep Dive (Domain 5)

CISSP Cyber Training Podcast - CISSP Training Program

Contenuto fornito da Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur, Shon Gerber, VCISO, CISSP, and Cybersecurity Consultant o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.

2M ago 23:08

MP3•Pagina principale dell'episodio

Send us a text

Leadership churn is reshaping security from the top down. We open the door on why CISO tenures are shrinking to 18–26 months and what that says about pressure, culture, compensation, and board-level risk literacy. From startups that stretch leaders thin to enterprises that treat security as a cost center until the breach, we map the real incentives behind the “revolving door”—and share what actually extends tenure: clear mandates, aligned executives, and measurable outcomes.
Then we flip to hands-on security with a crisp CISSP Domain 5 deep dive. You’ll hear real-world IAM scenarios and how to reason through them: federated identity where users authenticate but can’t access apps (hint: attribute-to-role mapping at the service provider), RBAC implementations that quietly violate least privilege, and when mandatory access control beats RBAC or ABAC for classified environments. We also dissect deprovisioning gaps that leave terminated users active in SaaS platforms and outline the operational fixes—source-of-truth integration, event-driven provisioning, and reconciliation from the SaaS side. To cap it off, we tackle a red-team classic: static admin creds in scripts. The modern answer isn’t longer passwords; it’s just-in-time privilege through PAM and secret vaulting so nothing sensitive sits on disk.
If you’re a senior technologist eyeing the CISO seat—or a CISO seeking sustainability—you’ll get a blueprint for aligning authority, resources, and risk. And if you’re prepping for the CISSP exam, these identity and access patterns will sharpen your instincts for both test day and production. Enjoy the conversation, and if it helps, subscribe, share it with a teammate, and leave a quick review so others can find it too.

Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.

Join now and start your journey toward CISSP mastery today!

Capitoli

1. Welcome & Setup (00:00:00)

2. The CISO Revolving Door (00:00:44)

3. Tenure, Culture, and Pressure (00:02:02)

4. Career Paths and Lifestyle Tradeoffs (00:05:16)

5. Compensation, Authority, and Board Alignment (00:08:20)

6. Fractional CISO Models Rise (00:11:10)

7. Transition to Domain 5 Deep Dive (00:13:27)

8. Federated Identity: SAML Mapping Pitfalls (00:14:23)

9. RBAC Done Right: Least Privilege (00:16:00)

10. MAC and Classified Data Controls (00:17:25)

11. Deprovisioning Gaps in SaaS (00:19:10)

12. Preventing Credential Exposure (00:21:00)

13. Resources, Tests, and Closing (00:22:00)

306 episodi

#CISSP #Cyber Security #Cybersecurity #Cyber Training #Cybersecurity Consultant #Shon Gerber #Cissp Course #Cissp Boot Camp #Cissp Exam #Cissp Practice Exam #Cissp Practice Test #Higher Education #Podcasting Education #CISSP Training