Memberships

CISSP Study Group

2.2k members • Free

7 contributions to CISSP Study Group
Provisionally passed the exam
I’m excited to let you all know that I passed the exam today. I’m still pretty overwhelmed and am not sure how well I did, but I guess it was good enough!
1 like • 11d
@Uche O thank you, I have a celebratory dinner planned and got a new house plant, a money tree
0 likes • 9d
@Ed Morawski do lots of practice questions, and watch videos and read about the ones you get wrong, and diversify your sources, none are perfect
CISSP Practice Question (Domain 2: Asset Security - AI Exam Guidance)
Your data science team plans to fine-tune a large language model using historical customer support transcripts containing PII. The business wants the model deployed organization-wide for internal use. As the CISO, what is the MOST appropriate action BEFORE training begins?
A. Encrypt the training dataset at rest and restrict access to data scientists
B. Apply data minimization and de-identification techniques to the training corpus
C. Require model output filtering to prevent PII disclosure in responses
D. Obtain renewed customer consent for the new processing purpose
Come back for the answer tomorrow, or study more now!
0 likes • 20d
B
CISSP Practice Question (Domain 5: Identity and Access Management - AI Exam Guidance)
Your organization deploys an autonomous AI agent that queries multiple internal data repositories to generate executive reports. The development team requests broad read access "so the model can learn what's relevant." As the security architect, what is the MOST appropriate approach?
A. Grant read-only access to all repositories and log every query for review
B. Provision a non-human identity with least-privilege, task-scoped entitlements
C. Route all agent queries through a human-approved request workflow
D. Use the developer's service account credentials for traceability
Come back for the answer tomorrow, or study more now!
1 like • 28d
B
CISSP Practice Question (Domain 7: Security Operations)
During a ransomware incident, the IR team contains affected systems and begins recovery from backups. Mid-recovery, the CFO authorizes paying the ransom to accelerate restoration. As the incident commander, what should you do FIRST?
A. Comply with the CFO's directive and coordinate the payment through counsel
B. Halt recovery and escalate to the executive crisis team and legal for a documented decision
C. Continue recovery from backups and refuse the payment on policy grounds
D. Engage law enforcement to evaluate the legality of the ransom payment
Come back for the answer tomorrow, or study more now!
1 like • 29d
D
CISSP Practice Question (Domain 3: Security Architecture and Engineering)
A vendor proposes a new SaaS platform that processes regulated customer data. Procurement wants to sign by quarter-end, and the vendor's SOC 2 Type II report is six months old. As the security architect, what is the MOST appropriate next step?
A. Accept the SOC 2 report and proceed with contract execution
B. Require the vendor to complete your standard security questionnaire
C. Perform a risk assessment mapped to your control requirements
D. Demand a fresh penetration test before signing
Come back for the answer tomorrow, or study more now!
1 like • May 10
C
@keri-matthews-4868
Canadian gov IT worker

Active 8d ago
Joined Apr 25, 2026