CISSP Practice Question (Domain 4: Communication and Network Security)

Your organization discovers that an AI-powered DNS filtering system has been silently reclassifying legitimate vendor portals as malicious, blocking procurement staff from completing time-sensitive contract renewals. Operations has been manually whitelisting domains without documentation. What should you address FIRST?

A. Audit all manual whitelist entries for unauthorized or risky domain approvals

B. Retune the AI classification engine to reduce vendor portal false positives

C. Implement a formal exception process requiring documented approval for whitelist changes

D. Revert to static DNS filtering rules until the AI system is validated

Come back for the answer tomorrow, or study more now!

15 comments