A business unit deploys an AI agent that autonomously negotiates vendor contracts within predefined spend limits. The agent improves efficiency but occasionally commits the company to unfavorable terms. Executives want to continue using it. What is the MOST appropriate action for the security leader? A. Disable autonomous execution and require human approval for commitments B. Update the organization’s risk register to reflect agent decision authority C. Require explainability reports for every AI-driven contract decision D. Transfer contractual risk to vendors through revised legal language Come back for the answer tomorrow, or study more now!

After a merger, two companies federate identity systems to allow cross access to shared applications. An incident later reveals one company’s disabled accounts remained active in the partner environment. Both sides claim the other owns deprovisioning. What is the MOST appropriate control to establish FIRST? A. Enforce shorter session timeouts across federated applications B. Implement continuous access monitoring with anomaly detection C. Define authoritative identity ownership and revocation responsibility D. Require periodic manual access recertification for all shared users Come back for the answer tomorrow, or study more now!

If you missed it last time, May Brooks is graciously welcoming CISSP Study Group members back into her CISSP Masterclass! Completely free! This live session will be held on: Sunday, December 7th — 7:00 PM to 9:00 PM *Dubai time* (please check your time zone conversion) May is one of the most respected CISSP instructors worldwide. She’s an ISC2 Board Member, co-author of the Official CISSP Study Guide, a TEDx speaker, bestselling author (Scams, Hacking, and Cybersecurity). Having her open her masterclass to our group speaks volumes about the reputation you all have built here. Here’s what this means for you: 📚 Free Access to Mae’s Masterclass – If you’re serious about passing the CISSP, this is one of the most valuable sessions you can attend 💡 Ideal for All Levels – Whether you’re early in your studies or testing soon, Mae’s perspective will give you insights you won’t get anywhere else. 🤝 Community Recognition – May specifically wanted our study group to join because she believes in what you’re building here. See you there! Link & Access Info

The IT department is updating the budget for the following year, and they want to include enough money for a hardware refresh for some older systems. Unfortunately, there is a limited budget. Which of the following should be a top priority? A) Systems with an end-of-life (EOL) date that occurs in the following year B) Systems used for data loss prevention C) Systems used to process sensitive data D) Systems with an end-of-support (EOS) date that occurs in the following year

Hello Team, I’m thrilled to share that I have successfully passed the CISSP! This milestone wouldn’t have been possible without the collective effort and inspiring discussions we shared throughout our study journey in this group. Reflecting on my preparation, I found a few resources particularly valuable that I’d like to recommend: - Thoroughly reviewing official documents and guides helped build a solid foundation. *Cissp Study Guide 3rd Edition (Eric Conrad- Seth Misenar- Joshua Feldman). * ISC2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle (Sybex Study Guide) *11th Hour CISSP study Guide *Certified Information Systems security Professional (CISSP) Exam guide ( Ted Jordan, Ric Daza and Hinne Hettema) * https://study.pocketprep.com/study @90%, very helpful. *CISSP-Prep (Honestly, it was not helpful, and the style of questions can easily discourage your efforts) *Andrew 50 CISSP questions :https://www.youtube.com/watch?v=qbVY0Cg8Ntw * Luke's 25 CISSP Practice: https://www.youtube.com/watch?v=MHbdNMRLafA - Watched Pete Zerger: https://www.youtube.com/@InsideCloudAndSecurity - Went through all Coffee shot per domain video of Prah (Vey important and very close to exam style question) - Fully engaged and attended study sessions - Utilizing test bank resources was instrumental in familiarizing myself with the exam format and question styles. - Leveraging research engines like Perplexity proved incredibly helpful for clarifying complex concepts quickly and efficiently. Example: Please provide me with 15 CISSP-style MCQ to help you master the differences between the following protocols: SAML,OAuth,OIDC