
Owned by Vincent

CISSP Study Group

2.2k members • Free

Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!

OpenAI Study Group

1 member • Free

Share resources, get advice, and connect with peers studying for OpenAI certifications! Join our Study Group and meet fellow professionals today!

Memberships

CyberMAYnia CAREER

500 members • Free

Skoolers

174k members • Free

795 contributions to CISSP Study Group
Passed CISSP
I passed the CISSP exam today! For a long time, I kept postponing it, thinking it would be too difficult. However, the daily questions shared in this group helped me build the right mindset. The tips and guidance from those who had already cleared the exam were also incredibly helpful. I used the following study resources:
OSG and Official practice tests
cissp.app app - Helps with time management and provides clear explanations.
Destination Cert YouTube series and their app for questions
Eric Cornard CISSP study guide and other YouTube videos/Questions
0 likes • 1d
Huge congratulations Nancy, you earned it
CISSP Practice Question (Domain 4: Communication and Network Security - AI Exam Guidance)
Your organization runs a high-value AI model training environment on the same internal network segment as general corporate workstations. A risk assessment flags the shared segment as a concern. As the network security architect, what is the BEST control to implement?
A. Deploy AI-driven network detection and response to monitor the segment
B. Microsegment the training environment to isolate it from the corporate network
C. Encrypt all traffic to and from the training environment
D. Place an intrusion prevention system at the segment boundary
Come back for the answer tomorrow, or study more now!
CISSP Practice Question (Domain 1: Security and Risk Management - AI Exam Guidance)
Your organization adopts an AI-driven system to automate loan approval decisions. Compliance raises concerns that the model may produce discriminatory outcomes against protected groups. As the CISO advising leadership, what is the MOST appropriate FIRST step?
A. Implement explainability tooling to interpret model decisions
B. Establish AI governance with bias assessment and accountability for automated decisions
C. Retrain the model on a more representative dataset
D. Add a human reviewer to approve all model-rejected applications
Come back for the answer tomorrow, or study more now!
0 likes • 7d
@Anthony Knapkin Correct Answer: B. Establish AI governance with bias assessment and accountability for automated decisions
Explanation (CISSP logic): ISC2's Domain 1 AI guidance explicitly calls for governance over AI ethics, mitigation of algorithmic bias, and ensuring automated decision-making aligns with legal, regulatory, and privacy requirements. The root issue is governance, not tooling. Before you can fix bias technically, you need the framework that defines acceptable outcomes, assigns accountability for the model's decisions, and ties them to regulatory obligations.
Breakdown:
A. Explainability is a valuable input to governance, but interpreting outputs without an accountability framework leaves no one owning the decision.
B. ✅ Correct. Establishes the governance, assessment, and accountability structure that all technical fixes must serve.
C. Retraining is an implementation step that's premature until governance defines what "fair" means and who signs off.
D. A human reviewer addresses one error path but not the systemic bias or the accountability gap for automated approvals.
Think like a manager: You can't engineer fairness you haven't defined. Governance sets the standard; tooling enforces it.
🥁 Leaderboard Shout-out
Congratulations to our leaders in daily question likes! 🏆 @Antony Onamu @Ed Morawski @Keri Matthews @Deepak Nv @Lanre Ojurongbe Your perspectives are being heard and appreciated by the group!! Keep up the great work! We all learn best from each other.
🥁 Leaderboard Shout-out
0 likes • 9d
@Michael Samson-Metzger @Ed Morawski agreed
CISSP Practice Question (Domain 8: Software Development Security - AI Exam Guidance)
Your organization wants to integrate a third-party pre-trained ML model into an internal application. The vendor provides the model weights but no documentation on the training data sources. As the security lead, what is the MOST appropriate action BEFORE integration?
A. Run the model in an isolated sandbox and monitor its behavior
B. Require a software bill of materials covering the model and its provenance
C. Scan the model file for embedded malware before deployment
D. Limit the model's runtime permissions to read-only data access
Come back for the answer tomorrow, or study more now!
0 likes • 11d
@Jerry Mensah what do you mean Jerry?
0 likes • 10d
@David Uchieng Correct Answer: B. Require a software bill of materials covering the model and its provenance
Explanation (CISSP logic): ISC2's Domain 8 AI guidance addresses the ML software supply chain and the risk of model hijacking or poisoned components entering the SDLC. A model with unknown training provenance is an unverified supply-chain artifact. The SBOM (and emerging AI-BOM/model cards) establishes provenance and transparency, which is the governance prerequisite for due diligence before you ever run untrusted code or weights.
Breakdown:
A. Sandboxing is a sound runtime control, but it's an operational step that comes after you've assessed what you're integrating.
B. ✅ Correct. Establishes provenance and supply-chain transparency, satisfying due diligence before integration.
C. Malware scanning catches embedded payloads but misses poisoned training data and logic-level backdoors in the weights.
D. Permission scoping limits blast radius but doesn't answer the foundational question: do we trust this model's origin?
Think like a manager: Unknown provenance is unmanaged risk. Demand the bill of materials before you build it into your product.
Vincent Primiani
7
4,912 points to level up
Cybersecurity. The Study Group Guy.

Active 1d ago
Joined Apr 29, 2024
New York, NY