Your development team is using an AI coding assistant that auto-suggests code snippets sourced from public repositories. A senior engineer discovers some suggestions closely mirror a competitor's proprietary library. What should you do FIRST? A. Engage legal counsel to evaluate intellectual property exposure B. Ban all AI coding assistants until a formal usage policy is approved C. Restrict the tool's access to internal repositories and require peer code review D. Implement software composition analysis to flag externally sourced code Come back for the answer tomorrow, or study more now!

During a penetration test, the red team discovers a critical vulnerability in a production system that could allow full privilege escalation. From a CISSP perspective, what’s the right next step, should they exploit it fully to prove impact, or stop short and document the finding? How do you balance business risk, liability, and the test’s objectives?

An organization is experiencing a distributed denial-of-service (DDoS) attack that is overwhelming its internet bandwidth. Which of the following is the MOST effective immediate response? A Unplugging the primary internet connection. B Contacting their upstream internet service provider (ISP) for assistance. C Blacklisting the source IP addresses of the attack traffic. D Reconfiguring the firewall to block the malicious traffic.

What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)? A. Management support B. Consideration of organizational need C. Technology used for delivery D. Target audience

A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact? A. Sentencing B. Trial C. Discovery D. Arraignment