Think about an issue that you’ve encountered at work. Now think about how you went about resolving the problem. What was the root cause? And how did you arrive at that answer? What could you have done better? This is a methodological approach to passing the CISSP. As you can see, experience wins the day as about a third of the questions that I’ve encountered on the test were intuitive. However, those who have NOT worked in the environments that I’ve worked might have a different thought process. Ironically, it’s not that you’re “wrong” in your assessment in that many of the questions have 4 of 4 technically RIGHT answers. You should know that ‘best practice’ is no misnomer or euphemism that’s used amongst technology professionals. You master these things by working in a security environment and applying the principles and best practices.
@Lamont29 is correct that experience is a huge thing.
Another huge thing is thinking like a manager instead of a technician. In Lamont's example, if you resolved the problem by making a configuration change, you are likely the technician. In this case, you need to think about how your boss (or boss's boss) went about solving the problem. This includes things like seeking other people's opinions, gaining consensus on the most appropriate course of action, maintaining the lines of communications with the technicians, customers, IR teams, and other involved parties.
Another trick is if one of the answers is "human life safety", that is the correct answer, almost regardless of the question.