22h • 🙋♂️ CISSP
CISSP Practice Question (Domain 1: Security and Risk Management)
Your organization adopts an AI tool that processes employee performance data to recommend terminations. The privacy officer warns that no data protection impact assessment has been conducted. The HR director insists the tool is urgently needed.
What should you do FIRST?
A. Allow limited deployment while the impact assessment is completed in parallel
B. Conduct a data protection impact assessment before operational deployment
C. Require legal review of the vendor contract to confirm data processing terms
D. Restrict the tool to anonymized data until privacy concerns are resolved
I think this question is a great example of why CISSPs will remain relevant. The tools replacing people still need implementation and governance, the future of cyber is not necessarily about turning technical control knobs. Do you think CISSPs will stay more relevant than other certifications over the next 5–10 years, given the shift toward AI and automation?
Come back for the answer tomorrow, or study more now!
1
15 comments
CISSP Practice Question (Domain 1: Security and Risk Management)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+62
2
+42
3
+41
4
+38
5
+34
Powered by