Feb 26 • 🙋♂️ CISSP
CISSP Practice Question (Domain 7: Security Operations)
Your SOC detects that an internal AI-powered threat detection system is generating automated containment actions based on false positives, intermittently isolating legitimate production servers. Analysts are overwhelmed restoring services. What should you do FIRST?
A. Retune the AI detection thresholds to reduce false positive rates
B. Revoke the system's automated containment authority and require human approval
C. Add more SOC analysts to handle the increased restoration workload
D. Escalate to the vendor to patch the AI model's classification accuracy
Come back for the answer tomorrow, or study more now!
3
23 comments
CISSP Practice Question (Domain 7: Security Operations)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+40
3
+34
4
+31
5
+27
Powered by