3d • 🙋♂️ CISSP
CISSP Practice Question (Domain 7: Security Operations / Incident Response + AI Context)
Rymar Tech’s SOC deploys a new AI-based anomaly detection system that suddenly begins generating an unusually high volume of high-risk alerts after being retrained with third-party data the previous night. No malicious activity has been confirmed, but the alert surge is overwhelming SOC analysts and impacting monitoring effectiveness.
What should the incident response manager do FIRST?
A. Disable the AI platform and revert to manual triage
B. Escalate to the CISO and declare a security incident
C. Initiate the incident response process beginning with detection and verification
D. Conduct a model validation review with the third-party integrator
3
13 comments
CISSP Practice Question (Domain 7: Security Operations / Incident Response + AI Context)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+41
2
+30
3
+30
4
+26
5
+23
Powered by