Activity
Mon
Wed
Fri
Sun
Aug
Sep
Oct
Nov
Dec
Jan
Feb
Mar
Apr
May
Jun
Jul
What is this?
Less
More

Memberships

CISSP Study Group

2.2k members • Free

121 contributions to CISSP Study Group
CISSP Practice Question (Domain 6: Security Assessment and Testing - AI Exam Guidance)
Your organization deploys a customer-facing AI model that passed standard penetration testing. Leadership wants assurance the model itself cannot be manipulated or stolen. As the security assessment lead, what is the MOST appropriate NEXT step? A. Commission AI red teaming for evasion and model extraction attacks B. Repeat penetration testing with expanded application scope C. Review the vendor's secure development attestation D. Enable runtime anomaly monitoring on model outputs Come back for the answer tomorrow, or study more now!
1 like • 7d
A. AI read teaming is specifically intented for detecting theft and manipulation in AI. B is "more of the same". It is not tailored to AI threats. C. A review is useful but does not test or gaurentee the actual AI. D. Is a reactive measure. while pentesting is a proactive measure.
CISSP Practice Question (Domain 5: Identity and Access Management - AI Exam Guidance)
An AI scheduling agent needs calendar and email access for all executives. The vendor requests a single privileged service account to simplify deployment before next month's rollout deadline. As the IAM lead, what is the MOST appropriate action? A. Approve the account with session recording enabled B. Issue scoped non-human identities per function with credential rotation C. Delay rollout until the vendor supports federated authentication D. Grant access but restrict it to business hours only Come back for the answer tomorrow, or study more now!
0 likes • 11d
B.
CISSP Practice Question (Domain 4: Communication and Network Security - AI Exam Guidance)
Your organization runs a high-value AI model training environment on the same internal network segment as general corporate workstations. A risk assessment flags the shared segment as a concern. As the network security architect, what is the BEST control to implement? A. Deploy AI-driven network detection and response to monitor the segment B. Microsegment the training environment to isolate it from the corporate network C. Encrypt all traffic to and from the training environment D. Place an intrusion prevention system at the segment boundary Come back for the answer tomorrow, or study more now!
0 likes • 30d
B
CISSP Practice Question (Domain 1: Security and Risk Management - AI Exam Guidance)
Your organization adopts an AI-driven system to automate loan approval decisions. Compliance raises concerns that the model may produce discriminatory outcomes against protected groups. As the CISO advising leadership, what is the MOST appropriate FIRST step? A. Implement explain ability tooling to interpret model decisions B. Establish AI governance with bias assessment and accountability for automated decisions C. Retrain the model on a more representative dataset D. Add a human reviewer to approve all model-rejected applications Come back for the answer tomorrow, or study more now!
1 like • Jun 10
B. A is as such does not prevent potential bias. It explains only after the fact. C datasets alone is no guarantee against bias. To prevent bias you also need to look at the algorithm design. D. Only looks at rejections. What about the approved loans. They might have been approved because of the bias.
Provisionally passed the exam
I’m excited to let you all know that I passed the exam today. I’m still pretty overwhelmed am not sure how well I did but I guess it was good enough!
0 likes • Jun 6
Be proud! Nicely done.
1-10 of 121
Ivo Mulders
4
20points to level up
@ivo-mulders-1100
ISO Netherlands CISM, CISSP, (aspiring) AAISM

Active 11h ago
Joined Oct 28, 2025
Netherlands
Powered by