A remote workforce uses split-tunnel VPN to reduce bandwidth costs. The security team discovers employees are accessing sanctioned SaaS applications directly from home networks, bypassing the corporate proxy and DLP controls. Management values the current performance gains. What is the MOST appropriate recommendation? A. Switch to full-tunnel VPN to route all traffic through corporate controls B. Deploy a cloud-based secure web gateway to enforce policy at the endpoint C. Accept the risk and document the DLP gap as a known exception D. Restrict SaaS access to corporate-managed devices only Come back for the answer tomorrow, or study more now!

4th Time

Hi All, I used this group heavily for my CISSP studying last year. This year I studied for the CCSP so I did not participate in the group. However, I used the https://cissp.app/ app in the last week for practice questions and the mock exam feature. It is excellent! The mock exam was the hardest and most realistic of all the practices exam I took for the CCSP. It is adaptive based on your responses and has similar style to the real exam where you can't make sense of the question or answers until rereading a few times. I highly recommend it!

An AI-powered identity analytics platform recommends revoking access for 200 employees flagged as "anomalous users" based on behavioral patterns. The system cannot explain why these users were flagged. Business unit managers protest that many are legitimate power users. What should you do FIRST? A. Implement the revocations with an expedited appeal process for affected employees B. Require the platform to provide explainable justification before any access changes C. Suspend automated revocation and conduct manual access reviews for flagged users D. Adjust the anomaly detection threshold to reduce the number of flagged accounts Come back for the answer tomorrow, or study more now!

Your SOC integrates an AI-powered alert triage system that automatically closes low-severity tickets. A post-incident review reveals that a genuine intrusion was repeatedly auto-closed because the AI misclassified lateral movement as routine traffic. What should you address FIRST? A. Retrain the AI model using the missed intrusion as a new labeled training example B. Establish human review requirements for all AI-driven ticket closure decisions C. Reopen and investigate all tickets auto-closed during the intrusion timeframe D. Remove the AI triage system and revert to manual analyst classification Come back for the answer tomorrow, or study more now!