Activity
Mon
Wed
Fri
Sun
Aug
Sep
Oct
Nov
Dec
Jan
Feb
Mar
Apr
May
Jun
Jul
What is this?
Less
More

Memberships

CyberMAYnia CAREER

536 members • Free

CyberMAYnia Club

61 members • Free

AI University (AIU)

110 members • Free

CISSP Study Group

2.2k members • Free

56 contributions to CISSP Study Group
CISSP Practice Question (Domain 6: Security Assessment and Testing - AI Exam Guidance)
Your organization fine-tuned a large language model on internal customer support records and deployed it as an employee-facing assistant. An internal audit is scheduled, and the audit committee asks you to demonstrate that the model cannot be induced to reveal sensitive training data. What is the MOST appropriate assessment approach? A. Perform static analysis of the model's source code and dependencies B. Conduct adversarial prompt testing designed to elicit training data memorization C. Validate that role-based access controls restrict who can query the model D. Review data classification labels applied to the fine-tuning dataset Come back for the answer tomorrow, or study more now!
0 likes • 7h
I would opt for D’ … Reviewing data classification labels applied to the fine-tuning dataset would give me an idea of what those sensitive data are - after which I conduct an adversarial prompting test. So “D” . However, under the condition that the client provides all sensitive data to watch out for then, I’d go straight to “B” .
CISSP Practice Question (Domain 6: Security Assessment and Testing - AI Exam Guidance)
Your organization deploys a customer-facing AI model that passed standard penetration testing. Leadership wants assurance the model itself cannot be manipulated or stolen. As the security assessment lead, what is the MOST appropriate NEXT step? A. Commission AI red teaming for evasion and model extraction attacks B. Repeat penetration testing with expanded application scope C. Review the vendor's secure development attestation D. Enable runtime anomaly monitoring on model outputs Come back for the answer tomorrow, or study more now!
1 like • 4d
A - for proactive actions towards protection (results of which would be great for alert creation and hence detection by monitoring = D) .
CISSP Practice Question (Domain 5: Identity and Access Management - AI Exam Guidance)
An AI scheduling agent needs calendar and email access for all executives. The vendor requests a single privileged service account to simplify deployment before next month's rollout deadline. As the IAM lead, what is the MOST appropriate action? A. Approve the account with session recording enabled B. Issue scoped non-human identities per function with credential rotation C. Delay rollout until the vendor supports federated authentication D. Grant access but restrict it to business hours only Come back for the answer tomorrow, or study more now!
1 like • 10d
B serves a preventive function ; issuing scoped non-human identities per function with cred rotation allows for principle of least privilege. A on the other hand helps detect suspicious activities but that is after the fact also this is not pragmatic long-term as resources are required to review the recorded sessions. Final answer is B.
CISSP Practice Question (Domain 4: Communication and Network Security - AI Exam Guidance)
Your organization runs a high-value AI model training environment on the same internal network segment as general corporate workstations. A risk assessment flags the shared segment as a concern. As the network security architect, what is the BEST control to implement? A. Deploy AI-driven network detection and response to monitor the segment B. Microsegment the training environment to isolate it from the corporate network C. Encrypt all traffic to and from the training environment D. Place an intrusion prevention system at the segment boundary Come back for the answer tomorrow, or study more now!
1 like • 27d
B - Microsegment the network
0 likes • 10d
B
CISSP Practice Question (Domain 1: Security and Risk Management - AI Exam Guidance)
Your organization adopts an AI-driven system to automate loan approval decisions. Compliance raises concerns that the model may produce discriminatory outcomes against protected groups. As the CISO advising leadership, what is the MOST appropriate FIRST step? A. Implement explain ability tooling to interpret model decisions B. Establish AI governance with bias assessment and accountability for automated decisions C. Retrain the model on a more representative dataset D. Add a human reviewer to approve all model-rejected applications Come back for the answer tomorrow, or study more now!
1 like • Jun 10
B - bias assessment and accountability for automated response :)
1-10 of 56
Idris Onimole
3
2points to level up
@idris-onimole-7612
CS Incident Responder - Love learn and share knowledge, find a mentor towards being a Security consultant / Infosec manager. Taking CISSP soon.

Active 7h ago
Joined Sep 14, 2025
ENTP
Prague
Powered by