Study Notes and Theory

“I’d be nervous for you on this day… but I already know the result :)” – Luke Ahmed Today is Day 50 of Yihenew’s CISSP study plan — the last-minute review day  before the exam. At this point, you’ve gone through dozens of domains, hundreds of concepts, and probably thousands of questions. But today isn’t about cramming  — it’s about calm control . This is where everything you’ve studied over the past 49 days aligns into clarity. You’re not a student anymore — you’re a profess

“Getting close to exam date, my brother! Contact me and we can discuss any last-minute passing advice!!” – Luke Ahmed Today is Day 49 of Yihenew’s CISSP study plan, focusing on Common Criteria (CC)  — one of the most testable topics under Security Engineering  and Evaluation Frameworks . Common Criteria is about trust  — verifying that security products actually do what they claim to do. As a CISSP, you’re expected to understand not how to configure a system, but how to evalu

“Flashcards are essential for quick review and to remind yourself what you need to remind yourself :)” – Luke Ahmed Today is Day 48 of Yihenew’s CISSP study plan, focusing on one of the most management-centric topics in Domain 1: Policies, Standards, Baselines, and Procedures  — the foundational hierarchy of security governance. These documents define how an organization translates security intent  into consistent action . CISSP students often mix them up, but understanding h

“Countdown to destiny!” – Luke Ahmed Today is Day 47 of Yihenew’s CISSP study plan — a reflection and reinforcement day focused on handwritten notes  and one of the most fundamental CISSP concepts: the OSI Model . At this stage of the journey, you’re not just studying — you’re consolidating . The goal is to strengthen neural connections between concepts you’ve already learned. Reviewing your notes and testing your recall on frameworks like OSI is how you move from understandi

“No quote today — because incident response doesn’t wait for perfect timing. It demands readiness, action, and composure.” – Luke Ahmed Today is Day 46 of Yihenew’s CISSP study plan, focusing on Incident Response (IR)  — one of the most real-world, high-pressure topics in the CISSP exam and in the cybersecurity profession. Incident response is where theory meets crisis. It’s not about preventing every incident — it’s about preparing for the inevitable, minimizing impact, and

“STRIDE and threat modeling — essential CISSP topics to know FULLY!” – Luke Ahmed Today is Day 45 of Yihenew’s CISSP study plan, focusing on the STRIDE Model  — one of the most recognized threat modeling frameworks in cybersecurity. Developed by Microsoft, STRIDE helps identify, categorize, and mitigate potential security threats during system design. For CISSP candidates, understanding STRIDE is critical because it aligns directly with risk management , software security , a

“Not many face actual power outages when they're studying CISSP. But it’s these real-life experiences that no doubt become an advantage!” – Luke Ahmed Today is Day 44 of Yihenew’s CISSP study plan, focusing on Power Outage Recovery  — one of the most practical real-world lessons in Business Continuity Planning (BCP)  and Disaster Recovery Planning (DRP) . This topic is a reminder that disasters don’t always involve hackers or malware. Sometimes, it’s a simple power outage tha

“We had a great Zoom session! There were obvious hints that I observed that you were the perfect CISSP student.” – Luke Ahmed Today is Day 43 of Yihenew’s CISSP study plan, diving into Identity and Access Management (IAM)  — one of the most essential and exam-heavy topics across multiple CISSP domains. IAM defines how users are identified, authenticated, and authorized to access systems and data. It’s not just a technical topic — it’s a governance framework  that enforces who

“Maybe these little attacks like data diddling or salami attack won't be in the exam, but they build upon the core foundations of CISSP.” – Luke Ahmed Today is Day 42 of Yihenew’s CISSP study plan, covering two classic — and often overlooked — security threats: Data Diddling  and the Salami Attack . These attacks may sound simple, even outdated, but they represent the heart of what CISSP teaches: understanding how small, unnoticed manipulations  can lead to large-scale integr

“Tough cryptography topic! It took me at least 3 days to understand it. Keep going, Yani!!!” – Luke Ahmed Today is Day 41 of Yihenew’s CISSP study plan, diving into one of the most mind-bending cryptographic principles on the exam — the Birthday Attack , also known as the Birthday Paradox . This topic doesn’t just test your memory — it tests your ability to reason about probability and collisions . Understanding this concept solidifies your knowledge of hash functions , messa