An AI-powered identity analytics platform recommends revoking access for 200 employees flagged as "anomalous users" based on behavioral patterns. The system cannot explain why these users were flagged. Business unit managers protest that many are legitimate power users. What should you do FIRST? A. Implement the revocations with an expedited appeal process for affected employees B. Require the platform to provide explainable justification before any access changes C. Suspend automated revocation and conduct manual access reviews for flagged users D. Adjust the anomaly detection threshold to reduce the number of flagged accounts Come back for the answer tomorrow, or study more now!

Your SOC integrates an AI-powered alert triage system that automatically closes low-severity tickets. A post-incident review reveals that a genuine intrusion was repeatedly auto-closed because the AI misclassified lateral movement as routine traffic. What should you address FIRST? A. Retrain the AI model using the missed intrusion as a new labeled training example B. Establish human review requirements for all AI-driven ticket closure decisions C. Reopen and investigate all tickets auto-closed during the intrusion timeframe D. Remove the AI triage system and revert to manual analyst classification Come back for the answer tomorrow, or study more now!

I couldn’t have done this alone. Thanks to everyone who supported me along the way—I’m excited to say I’m now CCIE and CISSP certified!

A global enterprise discovers that terminated employees in acquired subsidiaries retain active VPN credentials an average of 45 days post-termination. HR blames IT for slow deprovisioning; IT blames HR for delayed termination notifications. What should you address FIRST? A. Implement automated identity lifecycle management to eliminate manual delays B. Establish a unified offboarding SLA with defined handoff triggers between HR and IT C. Deploy continuous access certification reviews to catch orphaned accounts D. Require subsidiary IT teams to run weekly active directory reconciliation reports Come back for the answer tomorrow, or study more now!

Your board approves a risk appetite statement allowing moderate risk for innovation initiatives. Six months later, a business unit launches an AI product that processes health data without a privacy impact assessment. The unit claims it falls within approved risk appetite. What is the PRIMARY concern? A. The AI product lacks sufficient technical security controls B. Risk appetite does not override mandatory regulatory compliance obligations C. The business unit failed to obtain CISO approval before launch D. The risk appetite statement needs to be revised to exclude AI initiatives Come back for the answer tomorrow, or study more now!