cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
archicissp
Newcomer II

Technical Vs Managerial answer to a CISSP question.

Hello All,
 
I have been thinking about the tip where you should choose the answer to a question "as a manager" would and not like a technical person would. Here is an example I came up with:
 
Exit interviews are conducted because:
  1. Disable the employee's account ?
  2. Signing the NDA ?
The second one is managerial answer so would be correct but 1st one is more like thinking technical person would think. Is my understanding right ? Any more thoughts or examples please ?
 
4 Replies
Thalpius
Newcomer III

I don’t see this as a technical or administrative question. I do agree you have to answer as a “manager” instead of a technical person.

The NDA is something you sign when you enter a company, not at an exit interview. You sign a paper saying you don’t “disclose” company information during your assignment.

What they mean with “answer a question like a manager” it more something like this:

What do you have to declare at the US customs when traveling from Europe:

A. USB drive
B. Hard disk
C. Encryption software
D. CD-Rom

As a technical guy I would say you can put the encryption software on all portable media and you can encrypt is with the same software probably. That’s not something you need to think of. The answer would be “Encryption software”.

Don’t overthink any technical issues. For me this was quite difficult as a technical person.

Not sure if this is a good example, but you’ll get the idea.
archicissp
Newcomer II

Thank You for the great insight & example.

 

As far as NDA agreement during the Exit interview is concerned I meant going over it what you signed. So making sure you won't disclose that information. That came straight from Sybex book.

denbesten
Community Champion

Another example:

 

You figure out that somebody has broken into your web server.  What is your first action:

 

1) Unplug the network cable.

2) Engage the Emergency response team.

 

A technician is more likely to focus on immediate mitigation, whereas a manager will want to know the cost of mitigation vs not mitigating.  For example, they may ultimately decide that the best solution is to leave it alone until the end of a work shift.

archicissp
Newcomer II

Great example. Thank You !