
CISSP Study Plan – Day 9 of 55 | CI/CD and Secure DevOps

Updated: Sep 25


"You pictured your goals and made them a reality! It all paid off and always will."

– Luke Ahmed


Today is Day 9 of Yihenew’s CISSP study plan, continuing with Software Development Security, now focusing on Continuous Integration and Continuous Deployment (CI/CD) and their security implications.


Key Areas Covered:


  • Continuous Integration (CI) — frequent merging of code changes into a shared repository with automated builds and tests

  • Continuous Deployment/Delivery (CD) — automating release processes so secure, tested code moves into production quickly

  • Security in CI/CD — integrating code scanning, dependency checks, and automated testing into the pipeline

  • DevSecOps Mindset — shifting security left by embedding controls earlier in the development cycle

  • CISSP Tie-In — the exam tests your ability to balance speed, automation, and governance with secure development practices


In this CISSP study plan session, Yihenew highlighted that CI/CD is about more than speed—it’s about creating a predictable, controlled pipeline where vulnerabilities are caught before they ever reach production.


Quick CISSP Practice Question

In a CI/CD environment, which practice best supports secure code delivery?


A. Relying only on manual code reviews

B. Deploying to production after developer approval

C. Automating security testing within the build pipeline

D. Releasing updates less frequently to reduce exposure


Correct Answer: C. Automating security testing within the build pipeline

Explanation: Automated security testing ensures vulnerabilities are detected early and consistently. Manual reviews add value but can’t replace automation at scale. Less frequent releases don’t guarantee security—they often delay fixing vulnerabilities.
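To make answer C concrete, here is an added example (not from the original post) of a pipeline gate that fails the build stage when code-scanning or dependency-check results contain findings at or above a severity threshold. The report format, finding IDs, and the waiver list are assumptions constructed for illustration, not the output of any particular scanner.

```python
import json

# Constructed sample reports; the JSON shape is an assumption for this example,
# not the output format of any particular scanner.
SAST_REPORT = json.dumps({"findings": [
    {"id": "SAST-1", "severity": "high", "title": "SQL built by string concatenation"},
    {"id": "SAST-2", "severity": "low", "title": "Verbose error message"},
]})
DEPENDENCY_REPORT = json.dumps({"findings": [
    {"id": "DEP-1", "severity": "critical", "title": "Known-vulnerable library version"},
    {"id": "DEP-2", "severity": "medium", "title": "Outdated transitive dependency"},
]})

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


def blocking_findings(report_json, threshold, waived=frozenset()):
    """Return findings at or above threshold that are not explicitly waived."""
    minimum = SEVERITY_RANK[threshold]
    blocking = []
    for finding in json.loads(report_json)["findings"]:
        # Unknown or missing severity is treated as critical so the gate fails closed.
        rank = SEVERITY_RANK.get(str(finding.get("severity", "")).lower(), 4)
        if rank >= minimum and finding.get("id") not in waived:
            blocking.append(finding)
    return blocking


def gate(reports, threshold="high", waived=frozenset()):
    """Return (exit_code, blocking); a nonzero exit code stops the pipeline stage."""
    blocking = [f for r in reports for f in blocking_findings(r, threshold, waived)]
    return (1 if blocking else 0), blocking


if __name__ == "__main__":
    code, blocking = gate([SAST_REPORT, DEPENDENCY_REPORT])
    for f in blocking:
        print(f"BLOCKED by {f['id']} ({f['severity']}): {f['title']}")
    raise SystemExit(code)
```

The waiver set stands in for the governance side of the pipeline: a finding is only let through when someone has explicitly recorded accepting it, and everything else is enforced the same way on every build.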


Check out Yani's TikTok or see Day 8 or Day 10.


👉 Can you take the Yani Challenge?


55 days of consistent CISSP prep, tackling one domain at a time, using only the resources below:


Course

Luke's CISSP Course (2 months access, $89.98)

One-to-one Zoom sessions with Luke Ahmed (2 weeks before exam)


Books, Notes, and Practice Questions

Sybex 10th Edition (Around $52.55)



Total Cost: approximately $250 depending on your geographic location. Yani is located in East Africa.


📚 Study Plan (55 Days of Dedication):

- Weekdays: 2–3 hours of focused study—late nights and early mornings (5 AM).

- Weekends: 5–6 hours of deep study sessions.


Pass CISSP in first attempt within 100 questions.


Yani's biggest expense was his time, commitment, consistency, and dedication! It was worth it because he passed on his first attempt in 100 questions using the above resources only.


If Yihenew could do it, so can you.


All the best Future CISSP. You can feel free to contact me anytime as well.


Thank you.

Luke Ahmed

 
 