Sign up to save your podcasts
Or
Share CCT 349: FOXCONN Hack and Domain 7 CISSP Practice Questions
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CCT 349: FOXCONN Hack and Domain 7 CISSP Practice Questions
Send us Fan Mail
Eight terabytes of stolen schematics is not just a scary number, it is a reminder that cyber risk becomes business risk fast. We start with the Wired report on the Foxconn ransomware attack and unpack what a claim like that could mean in the real world: intellectual property exposure, supply chain disruption, customer impact, and the uncomfortable truth that recovery is only one part of the story when data walks out the door.
From there, we switch into CISSP Domain 7 Security Operations mode and work through practical exam-style questions with the “how would this hold up at work” mindset. We break down why live forensics imaging can be the right call during an insider threat investigation, using the order of volatility and the kinds of RAM artifacts that disappear the moment you shut a machine down. We also tackle a Patch Tuesday nightmare scenario where a CVSS 9.8 vulnerability is already being exploited but the change advisory board will not meet for ten days, and we explain why an emergency change process plus compensating controls is the mature security operations answer.
We also cover a common privileged access failure where a domain admin uses an elevated account for email and browsing, and how least privilege plus a privileged access workstation (PAW) architecture can prevent a single phish from becoming domain compromise. Finally, we sharpen the fundamentals with an RTO/RPO recovery timeline question and a SIEM brute force threshold miss that illustrates false negatives and the need for better tuning and behavioural baselines.
Subscribe for weekly CISSP training, share this with a study partner, and leave a review so more security pros can find the show. What topic do you want me to turn into practice questions next?
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
View all episodes
By Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur
4.5
3333 ratings
Send us Fan Mail
Eight terabytes of stolen schematics is not just a scary number, it is a reminder that cyber risk becomes business risk fast. We start with the Wired report on the Foxconn ransomware attack and unpack what a claim like that could mean in the real world: intellectual property exposure, supply chain disruption, customer impact, and the uncomfortable truth that recovery is only one part of the story when data walks out the door.
From there, we switch into CISSP Domain 7 Security Operations mode and work through practical exam-style questions with the “how would this hold up at work” mindset. We break down why live forensics imaging can be the right call during an insider threat investigation, using the order of volatility and the kinds of RAM artifacts that disappear the moment you shut a machine down. We also tackle a Patch Tuesday nightmare scenario where a CVSS 9.8 vulnerability is already being exploited but the change advisory board will not meet for ten days, and we explain why an emergency change process plus compensating controls is the mature security operations answer.
We also cover a common privileged access failure where a domain admin uses an elevated account for email and browsing, and how least privilege plus a privileged access workstation (PAW) architecture can prevent a single phish from becoming domain compromise. Finally, we sharpen the fundamentals with an RTO/RPO recovery timeline question and a SIEM brute force threshold miss that illustrates false negatives and the need for better tuning and behavioural baselines.
Subscribe for weekly CISSP training, share this with a study partner, and leave a review so more security pros can find the show. What topic do you want me to turn into practice questions next?
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success.
Join now and start your journey toward CISSP mastery today!
More shows like CISSP Cyber Training Podcast - CISSP Training Program
View all
Stuff You Should Know
78,712 Listeners
TED Talks Daily
10,994 Listeners
The Ben Shapiro Show
153,366 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
Software Engineering Daily
624 Listeners
Risky Business
375 Listeners
CyberWire Daily
1,023 Listeners
Darknet Diaries
8,048 Listeners
Cybersecurity Today
178 Listeners
CISO Series Podcast
192 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
137 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
693 Listeners
Reduce Cyber Risk Podcast - Cyber Security Made Simple
0 Listeners