
CISSP Study Plan – Day 20 of 55 | How to Think Like a Manager for the CISSP Exam

Updated: Oct 5


"Good to see The Memory Palace there as well Future CISSP! You can do this! Flipping those pages of my book confidently!" – Luke Ahmed


Today is Day 20 of Yihenew’s CISSP study plan, reflecting on the mindset shift that separates pass from fail on the CISSP exam: learning how to Think Like a Manager.


Key Areas Covered:

  • Managerial vs. Technical Mindset — CISSP isn’t about configuring firewalls; it’s about aligning controls with business goals.

  • Risk-Based Decisions — managers evaluate impact, likelihood, and cost before selecting security solutions.

  • Governance Over Configuration — exam answers usually prioritize policies, frameworks, and oversight over hands-on fixes.

  • Business Alignment — the “right” answer often emphasizes minimizing risk while supporting business objectives.

  • Luke’s Book Tie-In — How To Think Like a Manager for the CISSP Exam provides scenarios and reasoning frameworks to practice this shift.

  • CISSP Exam Tie-In — many “gotcha” questions are designed to catch engineers who answer technically instead of strategically.


In this CISSP study plan session, Yihenew reinforced that success comes not from memorizing facts, but from consistently asking what the manager would do first.


Quick CISSP Practice Question

When reviewing a proposed new security control, what should a CISSP consider first?

A. The vendor’s technical specifications

B. The control’s alignment with business objectives and risk management

C. Whether competitors use the same control

D. The speed of implementation


Correct Answer: B. The control’s alignment with business objectives and risk management


Explanation: Controls are only valuable if they support organizational goals and reduce risk in a measurable way. Technical specifications (A), competitor behavior (C), and speed of rollout (D) may matter, but they come after alignment with strategy and governance.


Think Like a Manager: On the exam, your role isn’t to be the smartest engineer in the room — it’s to be the decision-maker who ties technology back to business priorities. Always step back and ask: “How does this control serve the enterprise, reduce risk, and prove accountability?” That’s the CISSP mindset.


Check out Yani's TikTok or see Day 19 or Day 21.


👉 Can you take the Yani Challenge?


55 days of consistent CISSP prep, tackling one domain at a time, using only the resources below:


Course

Luke's CISSP Course (2 months access, $89.98)

One-to-one Zoom sessions with Luke Ahmed (2 weeks before exam)


Books, Notes, and Practice Questions

Sybex 10th Edition (Around $52.55)



Total Cost: approximately $250 depending on your geographic location. Yani is located in East Africa.


📚 Study Plan (55 Days of Dedication):

- Weekdays: 2–3 hours of focused study—late nights and early mornings (5 AM).

- Weekends: 5–6 hours of deep study sessions.


Pass the CISSP on the first attempt within 100 questions.


Yani's biggest expense was his time, commitment, consistency, and dedication! It was worth it because he passed on his first attempt in 100 questions using only the above resources.


If Yihenew could do it, so can you.


All the best Future CISSP. You can feel free to contact me anytime as well.


Thank you.

Luke Ahmed

 
 