7d • 🙋♂️ CISSP
CISSP Practice Question (Domain 3: Security Architecture - AI/ML Systems)
Your firm is procuring a third-party LLM to summarize client contracts containing privileged legal data. The vendor's standard agreement permits using customer inputs to improve their model. What should the security architect recommend FIRST?
A. Negotiate a contract addendum prohibiting input use for model training
B. Conduct a data flow and risk assessment to classify exposure boundaries
C. Require the vendor to deploy a tenant-isolated model instance
D. Implement DLP controls to redact privileged content before submission
Come back for the answer tomorrow, or study more now!
1
21 comments
CISSP Practice Question (Domain 3: Security Architecture - AI/ML Systems)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+40
3
+34
4
+31
5
+27
Powered by