CISSP 0.5
Watch on YouTube The current CISSP exam weaves AI security across all eight domains - data poisoning hits integrity, adversarial attacks degrade availability, and model inversion is a confidentiality breach you can execute through a public API. This deep-dive maps every major AI threat to the CIA triad, shows exactly which domain each threat lives in, and covers the two named frameworks: the NIST AI Risk Management Framework and the OWASP Top 10 for Large Language Models.
With Professor Erica, Bella, Lewis, and Elena, we cover the AI thread you will see in every domain on exam day, and the governance-1st manager mindset that picks the right answer.
In this video:
- Why (ISC)2 wove AI into every domain instead of adding a 9th
- CIA triad applied to AI: what violates confidentiality, integrity, and availability
- Data poisoning as a supply-chain integrity attack on the training pipeline
- Adversarial attacks and evasion: how crafted inputs fool ML-based security controls
- Model theft and model inversion: two confidentiality attacks that need only API access
- Prompt injection (OWASP LLM01) and LLM data leakage
- Shadow AI as a Domain 1 governance failure
- NIST AI RMF: Govern, Map, Measure, Manage
- OWASP LLM Top 10: recognizing the top-ranked risks
- The manager lens: AI risk is a governance decision before it is a technical one
Watch the next video in this series for the security governance frameworks (COBIT, ISO 27001, NIST 800-53) that Domain 1 is built on - and the one framework distinction that eliminates a wrong answer on almost every governance scenario.
Anchored to the (ISC)2 CISSP Detailed Content Outline effective April 15, 2024. CISSP(r) is a registered trademark of (ISC)2. This channel is not affiliated with, endorsed by, or sponsored by (ISC)2. All content is created independently for educational purposes only.
▶ Watch next: CISSP Domain 1: Ethics & the 5 Pillars (Canon Order) https://www.youtube.com/watch?v=0Sn04fbYrnM
📺 Full playlist: CISSP (2026) v2 https://www.youtube.com/playlist?list=PLlIAFxS2964_K3g6WysWnLpifoxilduGi
Chapters
- 0:00 The Thread You Will See in Every Domain
- 3:08 Why (ISC)2 Wove AI Into the Whole Exam
- 5:46 The CIA Triad Applied to AI Systems
- 8:06 Data Poisoning: The Integrity Attack on Training Data
- 11:13 Adversarial Attacks and Model Evasion
- 13:44 Model Theft, Inversion, and Confidentiality
- 16:32 Prompt Injection and LLM Data Leakage
- 19:31 Shadow AI: The Governance Gap You Did Not Plan For
- 22:20 Where AI Appears by Domain
- 25:27 The Governance Lens: NIST AI RMF and OWASP LLM Top 10
- 28:31 Think Like a Manager: AI Risk Is a Governance Decision
- 32:28 Quiz Time
- 37:12 Key Takeaways
The current CISSP exam weaves AI security across all eight domains - data poisoning hits integrity, adversarial attacks degrade availability, and model inversion is a confidentiality breach you can execute through a public API. This...
Key Topics
- The Thread You Will See in Every Domain
- Why (ISC)2 Wove AI Into the Whole Exam
- The CIA Triad Applied to AI Systems
- Data Poisoning: The Integrity Attack on Training Data
- Adversarial Attacks and Model Evasion
- Model Theft, Inversion, and Confidentiality
- Prompt Injection and LLM Data Leakage
- Shadow AI: The Governance Gap You Did Not Plan For