Sign up to save your podcasts
Or
Share CCT 288: CISSP Rapid Review Exam Prep (Domain 6)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CCT 288: CISSP Rapid Review Exam Prep (Domain 6)
Send us a text
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
https://www.jeffersonfisher.com/
A spike in ransomware on the factory floor isn’t just a headline; it’s a stress test for how we design, segment, and measure our defenses. We open with the realities of manufacturing risk—legacy OT, flat networks, and high stakes for uptime—then translate that urgency into a practical walkthrough of CISSP Domain 6: the assessments, testing, and metrics that actually prove security works. Along the way, we share a surprising leadership edge from a trial lawyer’s communication book that helps you argue less, align faster, and get executive buy‑in when the first vuln report lights up like a Christmas tree.
We break down internal vs external audits and when each makes sense, plus a smart cadence for third‑party and supply chain reviews that acknowledges your perimeter now includes APIs and vendor tunnels. From vulnerability scans and scoped penetration tests to SIEM‑driven log reviews and synthetic transactions, we map out a toolkit that catches issues before users do. We go deeper on secure code reviews, unit/integration testing, and interface testing for APIs, because the quiet paths between services are often where real risk hides.
Then we shift to the machinery of proof: breach and attack simulation for continuous validation, compliance checks to spot drift, and the metrics that matter—MTTD, MTTR, patch rates, vuln density, mean time to report. We lay out how to run account reviews, verify backups you can trust, and exercise DR/BC so recovery is muscle memory. Finally, we tackle remediation prioritization, exception handling with compensating controls, and ethical disclosure that minimizes harm while nudging vendors to act. If you’re preparing for the CISSP or elevating your program, you’ll leave with a clearer map and concrete next steps.
If this helped, follow the show, share it with a teammate, and drop a review—what’s one control or metric you’re upgrading this quarter?
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
View all episodes
By Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
4.4
3232 ratings
Send us a text
Check us out at: https://www.cisspcybertraining.com/
Get access to 360 FREE CISSP Questions: https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout
Get access to my FREE CISSP Self-Study Essentials Videos: https://www.cisspcybertraining.com/offers/KzBKKouv
https://www.jeffersonfisher.com/
A spike in ransomware on the factory floor isn’t just a headline; it’s a stress test for how we design, segment, and measure our defenses. We open with the realities of manufacturing risk—legacy OT, flat networks, and high stakes for uptime—then translate that urgency into a practical walkthrough of CISSP Domain 6: the assessments, testing, and metrics that actually prove security works. Along the way, we share a surprising leadership edge from a trial lawyer’s communication book that helps you argue less, align faster, and get executive buy‑in when the first vuln report lights up like a Christmas tree.
We break down internal vs external audits and when each makes sense, plus a smart cadence for third‑party and supply chain reviews that acknowledges your perimeter now includes APIs and vendor tunnels. From vulnerability scans and scoped penetration tests to SIEM‑driven log reviews and synthetic transactions, we map out a toolkit that catches issues before users do. We go deeper on secure code reviews, unit/integration testing, and interface testing for APIs, because the quiet paths between services are often where real risk hides.
Then we shift to the machinery of proof: breach and attack simulation for continuous validation, compliance checks to spot drift, and the metrics that matter—MTTD, MTTR, patch rates, vuln density, mean time to report. We lay out how to run account reviews, verify backups you can trust, and exercise DR/BC so recovery is muscle memory. Finally, we tackle remediation prioritization, exception handling with compensating controls, and ethical disclosure that minimizes harm while nudging vendors to act. If you’re preparing for the CISSP or elevating your program, you’ll leave with a clearer map and concrete next steps.
If this helped, follow the show, share it with a teammate, and drop a review—what’s one control or metric you’re upgrading this quarter?
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
More shows like CISSP Cyber Training Podcast - CISSP Training Program
View all
Hacked
181 Listeners
Security Now (Audio)
2,003 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
638 Listeners
CyberWire Daily
1,016 Listeners
Smashing Security
322 Listeners
Darknet Diaries
8,001 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
313 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
134 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
169 Listeners