7d • 🙋♂️ CISSP
CISSP Practice Question (Domain 8: Software Development Security)
A company deploys an internal generative AI assistant trained on corporate documents to support developers and analysts. Leadership wants rapid adoption, but legal raises concerns about sensitive data being exposed through prompts and outputs. What is the MOST appropriate control to implement FIRST?
A. Log and monitor all AI prompts and responses for misuse
B. Classify and restrict training and prompt-accessible data sources
C. Add contractual liability clauses for AI misuse to employment agreements
D. Conduct periodic audits of AI model accuracy and bias
Come back for the answer tomorrow, or study more now!
2
24 comments
CISSP Practice Question (Domain 8: Software Development Security)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+86
2
+59
3
+42
4
+33
5
+31
Powered by