Study Notes and Theory

“You used every second studying without waste — the outcome was always obvious: CISSP!” – Luke Ahmed Today is Day 34 of Yihenew’s CISSP study plan, focusing on Role-Based Access Control (RBAC)  — one of the most widely implemented and exam-tested access models in the CISSP. RBAC is about assigning permissions to roles , not individuals. This ensures consistent access control management, reduced administrative burden, and tighter alignment between business functions and system

“Rain or shine a CISSP will do what they have to do.” – Luke Ahmed Today is Day 33 of Yihenew’s CISSP study plan, focusing on SAML — Security Assertion Markup Language , one of the most important identity federation standards every CISSP must understand. SAML allows users to authenticate once and access multiple systems or services across domains — it’s the foundation of Single Sign-On (SSO)  in enterprise environments. Knowing how  and why  SAML works connects directly to yo

“Highlighting and note taking — your secret resource for the exam and THE best way to maintain subject matter retention.” – Luke Ahmed Today is Day 32 of Yihenew’s CISSP study plan, focusing on Threat Modeling  — the art of predicting, identifying, and reducing potential threats before  they happen. Threat modeling is where technical knowledge meets foresight. You’re not reacting to incidents — you’re designing systems with security built in  from the start. Key Areas Covered

“Everyone goes on their own pace, and you did it perfectly. Not only that, your entire journey is documented — now that's a powerful statement!” – Luke Ahmed Today is Day 31 of Yihenew’s CISSP study plan, focusing on one of the most overlooked yet powerful tools in your entire journey — your mistakes. Every wrong answer, every confusing question, every note you had to rewrite three times — that’s not failure. That’s progress recorded. Mistakes are data points showing where yo

This was the toughest exam I’ve taken so far and, in my opinion, it’s much more challenging than the CCSP I passed last year. For me, studying wasn't just about preparing for an exam—it was a genuine passion to improve myself in all 8 domains. The journey... Right from the start, I chose LukeAhmed’s course from https://www.studynotesandtheory.com/ (the same one that helped me pass the CCSP last year), and I truly believe it offers the best explanations and structure for CISS

"It's a lonely journey, but man, that ending is worth it!!" – Luke Ahmed Today is Day 30 of Yihenew’s CISSP study plan, focusing on penetration testing  — a critical concept that blends technical skill with management-level understanding of risk validation. Key Areas Covered: Purpose of Pen Testing  — to simulate real-world attacks and test how effective existing controls are, both technically and procedurally. Pen Test vs. Vulnerability Scan  — vulnerability scans identify p

"It's been 5 years since I wrote that book, so good to see it in your hands. The ultimate measure of its success will be the completion...

"15 minutes for each practice question set, brilliant move as you study this deep into the CISSP game! Sometimes the wrong answers tell...

"Song lyrics says it all. Keep those notebooks my friend! You'll miss these days of studying when you're massively successful!" – Luke...

"The Memory Palace – one of my favorites!" – Luke Ahmed Today is Day 26 of Yihenew’s CISSP study plan, focusing on Ransomware  — not just...