Your engineering team integrates a third-party AI API that generates dynamic access control policies based on user behavior analytics. During testing, the API occasionally grants excessive permissions that violate least privilege. What should you address FIRST?
A. Implement a policy validation layer that enforces least privilege before applying AI-generated rules
B. Request that the AI vendor retrain the model to reduce permission over-granting
C. Revert to static role-based access control until the AI system is reliable
D. Log all AI-generated policy decisions for quarterly audit review