CISSP Practice Question (Domain 8: Software Development Security)
A product team deploys an AI-assisted code generation tool directly into the CI pipeline. Developers report faster releases, but security finds no reliable way to prove which portions of code were human-written versus AI-generated during post-incident review. Leadership values speed and traceability.
What is the MOST appropriate control to implement FIRST?
A. Require manual peer review of all AI-generated code
B. Enforce code provenance and artifact attestation in the pipeline
C. Limit the AI tool to non-production repositories only
D. Increase static analysis coverage on all builds
Come back for the answer tomorrow, or study more now!
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group