Memberships

CISSP Study Group

2.2k members • Free

121 contributions to CISSP Study Group
CISSP Practice Question (Domain 1: Security and Risk Management - AI Exam Guidance)
Your organization adopts an AI-driven system to automate loan approval decisions. Compliance raises concerns that the model may produce discriminatory outcomes against protected groups. As the CISO advising leadership, what is the MOST appropriate FIRST step?
A. Implement explainability tooling to interpret model decisions
B. Establish AI governance with bias assessment and accountability for automated decisions
C. Retrain the model on a more representative dataset
D. Add a human reviewer to approve all model-rejected applications
Come back for the answer tomorrow, or study more now!
1 like • 8d
B ...nice question @Vincent Primiani
Leaderboard Shout-out
Congratulations to our leaders in daily question likes! 🏆 @Antony Onamu @Ed Morawski @Keri Matthews @Deepak Nv @Lanre Ojurongbe Your perspectives are being heard and appreciated by the group!! Keep up the great work! We all learn best from each other.
2 likes • 10d
@Michael Samson-Metzger Thank you for the kind words my friend.
1 like • 8d
@Vincent Primiani I think some of my credits were from my post about @Enrico Sciullo's classes and the material he had created.
CEUs
I'm not going to get CISSP, but just continue with my SEC+. I'm going to be part of this group to continue to get CEUs. I thought at one point my job would require that I get something higher than SEC+, but that isn't true.
1 like • 12d
Hi @Salvador Sanchez and @Anjali Gupta. One of the quickest ways you can obtain free CEUs is by joining the study groups that we have at least once a day. You can obtain a minimum of 12 CEUs per week for joining in on the sessions. There are some great discussions within all of the domains of the CISSP that you can use for the Security+. It's free and you can learn along the way!
CISSP Practice Question (Domain 8: Software Development Security - AI Exam Guidance)
Your organization wants to integrate a third-party pre-trained ML model into an internal application. The vendor provides the model weights but no documentation on the training data sources. As the security lead, what is the MOST appropriate action BEFORE integration?
A. Run the model in an isolated sandbox and monitor its behavior
B. Require a software bill of materials covering the model and its provenance
C. Scan the model file for embedded malware before deployment
D. Limit the model's runtime permissions to read-only data access
Come back for the answer tomorrow, or study more now!
0 likes • 14d
B
CISSP Practice Question (Domain 2: Asset Security - AI Exam Guidance)
Your data science team plans to fine-tune a large language model using historical customer support transcripts containing PII. The business wants the model deployed organization-wide for internal use. As the CISO, what is the MOST appropriate action BEFORE training begins?
A. Encrypt the training dataset at rest and restrict access to data scientists
B. Apply data minimization and de-identification techniques to the training corpus
C. Require model output filtering to prevent PII disclosure in responses
D. Obtain renewed customer consent for the new processing purpose
Come back for the answer tomorrow, or study more now!
1 like • 27d
B. This is a preventive control.
0 likes • 16d
B
Ed Morawski
@ed-morawski-4430
Joined Nov 21, 2025