CISSP Practice Question (Domain 7: Security Operations - AI Exam Guidance)
Your SOC integrates an AI-driven SOAR platform that auto-remediates low-severity alerts. After three months, analysts notice the model's false positive rate has doubled and it is closing legitimate incidents without investigation. What should the SOC manager address FIRST?
A. Revert to manual triage until the model is retrained on updated threat data
B. Evaluate the model for drift and establish ongoing performance monitoring baselines
C. Escalate to the vendor and demand a root cause analysis under the SLA
D. Increase analyst headcount to manually review all auto-closed incidents
Come back for the answer tomorrow, or study more now!
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group