CISSP Practice Question (Domain 7: Security Operations)
Your SOC integrates an AI-powered alert triage system that automatically closes low-severity tickets. A post-incident review reveals that a genuine intrusion was repeatedly auto-closed because the AI misclassified lateral movement as routine traffic.
What should you address FIRST?
A. Retrain the AI model using the missed intrusion as a new labeled training example
B. Establish human review requirements for all AI-driven ticket closure decisions
C. Reopen and investigate all tickets auto-closed during the intrusion timeframe
D. Remove the AI triage system and revert to manual analyst classification
Come back for the answer tomorrow, or study more now!
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group