
Memberships

CyberMAYnia CAREER

417 members • Free

CyberMAYnia Club

61 members • Free

Symoné GovTech Community(Free)

21.9k members • Free

The Cyber Community

8.5k members • Free

CISSP Study Group

2.1k members • Free

170 contributions to CISSP Study Group
CISSP Practice Question (Domain 4: Communication and Network Security - Zero Trust)
Your company adopts Zero Trust and replaces the legacy VPN with identity-based access for remote workers. Six weeks in, helpdesk tickets spike: users complain that access to internal apps breaks unpredictably throughout the day. What is the MOST likely root cause?
A. Insufficient bandwidth at the identity provider
B. Continuous authentication is re-evaluating trust signals and revoking sessions
C. DNS resolution failures between the client and the policy enforcement point
D. Certificate pinning conflicts with the new SSO provider
Come back for the answer tomorrow, or study more now!
0 likes • 6d
b
CISSP Practice Question (Domain 7: Security Operations - AI Exam Guidance)
Your SOC integrates an AI-driven SOAR platform that auto-remediates low-severity alerts. After three months, analysts notice the model's false positive rate has doubled and it is closing legitimate incidents without investigation. What should the SOC manager address FIRST?
A. Revert to manual triage until the model is retrained on updated threat data
B. Evaluate the model for drift and establish ongoing performance monitoring baselines
C. Escalate to the vendor and demand a root cause analysis under the SLA
D. Increase analyst headcount to manually review all auto-closed incidents
Come back for the answer tomorrow, or study more now!
0 likes • 27d
C.
CISSP Practice Question (Domain 2: Asset Security - AI Exam Guidance)
A financial services firm acquires a pre-trained ML model from a third-party vendor for fraud detection. During onboarding, the security team discovers the vendor cannot provide documentation on the origin of the training dataset. What should the CISO address FIRST?
A. Commission an independent bias audit before production deployment
B. Classify the model and its training data as high-value intellectual property
C. Assess whether the undocumented data sourcing introduces unmanageable supply chain risk
D. Require the vendor to retrain the model using only internally sourced datasets
Come back for the answer tomorrow, or study more now!
0 likes • 27d
C.
CISSP Practice Question (Domain 5: Identity and Access Management)
A newly acquired subsidiary uses a separate identity provider with no federation to the parent company. Executives want immediate single sign-on access to the subsidiary's financial reporting system. The subsidiary's IT team warns their directory contains orphaned accounts from prior layoffs. What should you address FIRST?
A. Establish federated trust between both identity providers
B. Perform an access review and remove orphaned accounts in the subsidiary's directory
C. Provision executive accounts directly in the subsidiary's identity provider
D. Implement multi-factor authentication on the financial reporting system
Come back for the answer tomorrow, or study more now!
0 likes • Mar 14
B
Alton Butler
4
81 points to level up
@alton-butler-7209
Just wanting to learn and pass the CISSP.

Active 3d ago
Joined Jul 7, 2024