CISSP Study Plan – Day 27 of 55 | Physical Security Controls
- Luke Ahmed
- Oct 4
Updated: Oct 5
"Song lyrics say it all. Keep those notebooks my friend! You'll miss these days of studying when you're massively successful!" – Luke Ahmed
Today is Day 27 of Yihenew’s CISSP study plan, focusing on Physical Security Controls — the often-overlooked foundation of information security.
Key Areas Covered:
- Deterrent Controls — discourage malicious activity before it starts (signage, guards, lighting, visible cameras).
- Preventive Controls — stop unauthorized access (locks, fences, security doors, mantraps).
- Detective Controls — identify incidents in progress (CCTV, motion detectors, alarms).
- Corrective Controls — limit damage and restore operations (fire suppression, backup power, emergency response).
- Compensating Controls — alternatives when primary controls can’t be used (security patrols when cameras are down).
- Layered Defense — perimeter → facility exterior → interior zones → data center. Each layer adds delay and detection.
- CISSP Exam Tie-In — questions often test whether you can match the control type (deterrent, preventive, detective) with the example given.
In this CISSP study plan session, Yihenew reinforced that without physical controls, even the best encryption or IAM can be bypassed by simply walking into the server room.
Quick CISSP Practice Question
Which of the following is considered a deterrent physical control?
A. Fire suppression system
B. CCTV cameras in visible areas
C. Mantrap with badge reader
D. Motion detection alarm
✅ Correct Answer: B. CCTV cameras in visible areas
Explanation:
- Deterrent = discourages an attacker before they act (visible cameras, signage).
- Preventive = stops entry (locks, mantraps).
- Detective = alerts you once activity starts (alarms, motion sensors).
- Corrective = responds after the fact (fire suppression, sprinklers).
Think Like a Manager: The exam tests your ability to classify controls. Don’t just name the device — think: Does it stop, discourage, detect, or correct? That framing leads you to the right answer.
👉 Can you take the Yani Challenge?
55 days of consistent CISSP prep, tackling one domain at a time, using only the resources below:
Course
Luke's CISSP Course (2 months access, $89.98)
One-to-one Zoom sessions with Luke Ahmed (2 weeks before exam)
Books, Notes, and Practice Questions
All-In-One Study Guide by Shon Harris (Around $45)
Sybex 10th Edition (Around $52.55)
Total Cost: approximately $250 depending on your geographic location. Yani is located in East Africa.
📚 Study Plan (55 Days of Dedication):
- Weekdays: 2–3 hours of focused study—late nights and early mornings (5 AM).
- Weekends: 5–6 hours of deep study sessions.
Pass CISSP in first attempt within 100 questions.
Yani's biggest expense was his time, commitment, consistency, and dedication! It was worth it because he passed on his first attempt in 100 questions using the above resources only.
If Yihenew could do it, so can you.
All the best Future CISSP. You can feel free to contact me anytime as well.
Thank you.
Luke Ahmed




















