25d β’ πββοΈ CISSP
CISSP Practice Question (Domain 8: Software Development Security - AI Exam Guidance)
Your organization wants to integrate a third-party pre-trained ML model into an internal application. The vendor provides the model weights but no documentation on the training data sources. As the security lead, what is the MOST appropriate action BEFORE integration?
A. Run the model in an isolated sandbox and monitor its behavior
B. Require a software bill of materials covering the model and its provenance
C. Scan the model file for embedded malware before deployment
D. Limit the model's runtime permissions to read-only data access
Come back for the answer tomorrow, or study more now!
3
28 comments
CISSP Practice Question (Domain 8: Software Development Security - AI Exam Guidance)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+26
2
+23
3
+22
4
+20
5
+15
Powered by