WEBVTT

00:00:00.640 --> 00:00:05.090
Your tactics of approaching the answer can be as important as having

00:00:05.090 --> 00:00:08.460
the knowledge and competency to address the topic.

00:00:08.940 --> 00:00:12.870
Each question should be read so that you parse each word

00:00:12.880 --> 00:00:17.820
and not summarize. The question stems should be read twice

00:00:17.830 --> 00:00:19.650
along with the answer stem.

00:00:20.040 --> 00:00:24.200
You can quickly eliminate reading and comprehension errors in this

00:00:24.200 --> 00:00:28.490
way. Let's discuss some guidelines for answering questions with some

00:00:28.490 --> 00:00:32.250
realistic questions from the CCSP topics.

00:00:32.940 --> 00:00:35.550
If you want to take your time and practice,

00:00:35.760 --> 00:00:39.150
pause the video and reflect on your answers.

00:00:39.940 --> 00:00:43.270
The first principle is if you are given a generic question,

00:00:43.310 --> 00:00:45.010
select a generic answer.

00:00:45.160 --> 00:00:48.960
If you're given a specific question, select a specific answer.

00:00:49.540 --> 00:00:52.960
See how you can apply that guideline to this question.

00:00:54.140 --> 00:00:57.520
The services you are consuming from your cloud platform appear

00:00:57.520 --> 00:01:00.890
to be struggling to meet the minimum performance you pay for.

00:01:00.890 --> 00:01:03.180
As a provider of cloud services,

00:01:03.190 --> 00:01:06.650
which configuration element would directly affect the guaranteed

00:01:06.650 --> 00:01:10.950
resources for what you are being charged? You can pause the video

00:01:10.950 --> 00:01:13.960
if you'd like to reflect on the answer.

00:01:14.940 --> 00:01:21.270
A contract and SLA are tools used to provide an expectation of services, but

00:01:21.280 --> 00:01:24.600
you note that neither of them is a configuration element.

00:01:24.750 --> 00:01:30.060
This is a specific question that needs a specific answer if the question were

00:01:30.070 --> 00:01:35.330
what management element sets expectation of services rendered? Then the big

00:01:35.330 --> 00:01:41.460
fish of SLA would eat the little fish of the reservations. Guideline two,

00:01:41.840 --> 00:01:44.550
eliminate answers that are nonsensical or wrong.

00:01:44.780 --> 00:01:49.630
Some brain health reasons for this include getting clutter out of your mind.

00:01:49.630 --> 00:01:53.940
Like any other capability that your body produces from energy,

00:01:53.950 --> 00:01:58.730
your brain needs rest, and it's no exception. If you've ever taken

00:01:58.730 --> 00:02:01.500
an exam and after a few hours of engaging it,

00:02:01.640 --> 00:02:05.310
you may have thought to yourself, I honestly don't care if I pass

00:02:05.310 --> 00:02:10.080
the exam or not at this point, you've experienced the finite energy

00:02:10.210 --> 00:02:12.760
allocated to your brain for that period.

00:02:13.440 --> 00:02:17.970
Keep this in mind as you go through the next point. Point

00:02:17.970 --> 00:02:22.380
number three, follow where you are in the stream of time and

00:02:22.380 --> 00:02:24.380
don't let yourself outside of that.

00:02:24.630 --> 00:02:29.250
What may be an appropriate activity or response in the answer stem may be the

00:02:29.250 --> 00:02:34.350
wrong answer based upon where you are in the line of time.

00:02:34.840 --> 00:02:37.150
See if you can apply that principle to this question.

00:02:38.040 --> 00:02:42.170
Your organization wants to verify that the controls that you have applied

00:02:42.170 --> 00:02:46.880
to the services you are consuming from your cloud provider meet business,

00:02:46.880 --> 00:02:49.160
regulatory, and best practice requirements.

00:02:49.740 --> 00:02:53.110
The audit process will most definitely require testing to

00:02:53.110 --> 00:02:55.050
prove the effectiveness of the controls.

00:02:55.640 --> 00:03:00.880
What should you do first? Recall the previous guideline

00:03:00.890 --> 00:03:04.160
about eliminating nonsensical answers.

00:03:05.240 --> 00:03:09.170
One of these answers can be immediately eliminated.

00:03:09.240 --> 00:03:10.850
Which one would you remove?

00:03:11.060 --> 00:03:15.510
C is extreme and all encompassing. Be concerned

00:03:15.510 --> 00:03:17.560
about words like always and never.

00:03:18.840 --> 00:03:23.700
The fourth principle is don't respond with the variable to an answer.

00:03:23.700 --> 00:03:26.630
We talked about this earlier with the middle question

00:03:26.630 --> 00:03:29.200
in life. Respond with the standard.

00:03:29.310 --> 00:03:31.950
Don't add or subtract from the context.

00:03:31.960 --> 00:03:36.200
Stay within the borders and the framing designed in the question. Don't

00:03:36.210 --> 00:03:40.140
induce possibilities beyond what is included in the body in the

00:03:40.140 --> 00:03:43.560
scenario of the question. Review this question.

00:03:44.340 --> 00:03:47.870
Your organization is interested in a new cloud service provider.

00:03:48.180 --> 00:03:52.830
They have a service you've been looking for that more completely fits your

00:03:52.830 --> 00:03:56.530
business requirements than all the other providers you've reviewed. While

00:03:56.530 --> 00:04:00.770
your company's senior management doesn't have concerns about their

00:04:00.770 --> 00:04:05.670
technology controls, they are concerned that the company has only started

00:04:05.670 --> 00:04:08.280
doing business in the last four months.

00:04:08.290 --> 00:04:12.590
What type of audit report would most appropriately address this

00:04:12.590 --> 00:04:16.269
concern? Again, you can pause the video if you'd like to ponder the

00:04:16.269 --> 00:04:23.950
question. Note that the organization has no concerns about the

00:04:23.950 --> 00:04:28.960
technical controls. That would eliminate B through D, stay within

00:04:28.960 --> 00:04:30.790
the context of the scenario.

00:04:31.040 --> 00:04:36.310
The organization has decided, not you. Looking at their controls over

00:04:36.310 --> 00:04:43.340
financial reporting will illuminate their potential longevity. Point

00:04:43.340 --> 00:04:48.520
number five, don't concern yourself with memorizing specific document

00:04:48.520 --> 00:04:53.690
names and numbers. An expected challenge on the exam will be that you

00:04:53.690 --> 00:04:58.630
are questioned on principles from one framework or guideline that you

00:04:58.630 --> 00:05:00.340
will find in many.

00:05:00.400 --> 00:05:02.150
Let's consider this next question.

00:05:03.140 --> 00:05:07.340
A controller and organization consuming services on a cloud provider's

00:05:07.340 --> 00:05:11.980
platform and managing customers' data uses data beyond the agreement of when

00:05:11.980 --> 00:05:16.200
the customer first signed up for the service. In particular, the controller

00:05:16.200 --> 00:05:21.110
allows a partner organization to use the customer data to perform statistical

00:05:21.110 --> 00:05:23.360
analysis of a given population set.

00:05:23.740 --> 00:05:27.890
They have not informed their customers. What element of the code of practice

00:05:27.890 --> 00:05:32.140
for protection of personally identifiable information in public clouds

00:05:32.140 --> 00:05:40.110
ISO27018:2019 has been violated? You can pause the video if you would like to

00:05:40.120 --> 00:05:49.340
ponder your answer. Consent will be an element that is always evident within

00:05:49.350 --> 00:05:51.760
any framework related to privacy.

00:05:52.140 --> 00:05:56.160
Knowing the principles from all guidelines is essential.

00:05:56.840 --> 00:06:03.190
Knowing the specific guideline is not. Point number six, use

00:06:03.190 --> 00:06:08.150
reconciliation of reversing operators or linchpins like the word

00:06:08.160 --> 00:06:10.660
except, the word not, the word best.

00:06:11.040 --> 00:06:16.320
I will respond in my mind or notepaper with everything that is

00:06:16.320 --> 00:06:20.060
the operator within a question like not.

00:06:20.440 --> 00:06:22.480
That's how I reconcile the answer.

00:06:23.140 --> 00:06:24.810
Let's take a look at another question.

00:06:25.640 --> 00:06:28.710
The root account connected to the management console for

00:06:28.710 --> 00:06:32.130
your company appears to have recorded a suspicious login

00:06:32.130 --> 00:06:34.090
from an unexpected location.

00:06:34.220 --> 00:06:37.550
After determining from the administrator team that no one

00:06:37.550 --> 00:06:39.600
used the root account to access the console,

00:06:39.730 --> 00:06:42.650
they meet with the security team to determine the next steps.

00:06:43.140 --> 00:06:46.580
What is the best recommendation for safeguarding root

00:06:46.590 --> 00:06:51.030
account access? You can pause the video if you would like

00:06:51.030 --> 00:06:53.510
to reflect on the correct answer.

00:06:54.740 --> 00:06:59.160
The other answers are legitimate, but the one that is best for

00:06:59.160 --> 00:07:06.040
the context provided is to get multifactor access. Principle

00:07:06.040 --> 00:07:08.160
number seven is extremely important.

00:07:08.640 --> 00:07:11.750
Don't change answers unless you've read the answer

00:07:11.750 --> 00:07:13.950
stem or question stem incorrectly.

00:07:14.340 --> 00:07:19.610
The science of test taking related to what's known as psychometrics informs us

00:07:19.710 --> 00:07:23.660
that an answer selected initially happens through logic.

00:07:24.040 --> 00:07:26.660
When we revisit and change the answer,

00:07:26.770 --> 00:07:33.860
it is typically driven by anxiety or fear of the unknown. Point number eight,

00:07:33.860 --> 00:07:39.540
the last guideline, is if an answer is in doubt, throw it out.

00:07:39.640 --> 00:07:45.560
It may be a real thing placed in the wrong context or the wrong sequence.

00:07:46.540 --> 00:07:50.780
Be sure to look at the study guide posted for this course as it

00:07:50.780 --> 00:07:55.620
includes helpful links for the exam outlines, current and future, and a

00:07:55.620 --> 00:08:00.750
link to ISC2 flashcards and other exam prep information you can get for

00:08:00.750 --> 00:08:05.510
free. No matter how deeply connected you are to the information, the

00:08:05.510 --> 00:08:11.220
questions will be stated in a way that may look unfamiliar. But recall

00:08:11.220 --> 00:08:15.030
the principles of what you study, and you can manage through any

00:08:15.030 --> 00:08:15.960
complexity.

00:08:17.240 --> 00:08:21.650
Thanks for joining me on this brief journey of exam review and tips for

00:08:21.650 --> 00:08:27.540
CCSP, wishing you success in your CCSP certification challenge and I hope

00:08:27.540 --> 00:08:30.950
to see you again on the Pluralsight platform.