Which violation occurs when a security professional discloses client vulnerability data publicly to embarrass the client?
A CISSP practice question covering Domain 1: Security and Risk Management. Try answering before reading the explanation below.
Show options & answer
Why "Violation of (ISC)² Canon 3 — service to principals" is the right answer
Public disclosure to embarrass a client violates Canon 3 (diligent service to principals). It can also violate Canon 2 (act honorably) and possibly contracts/NDAs. Truth doesn't excuse breach of professional duty.
Study videos for this topic
Want to go deeper on Domain 1? Watch the full breakdown — every video is free, no account, no upsell.
CISSP Domain 1: Ethics & the 5 Pillars (Canon Order)
Domain 1 — Security and Risk Management
CISSP Domain 1: Governance, Roles & Due Care (2026)
Domain 1 — Security and Risk Management
CISSP Domain 1: Laws, IP & GDPR (Compliance)
Domain 1 — Security and Risk Management
CISSP Domain 1: Investigation Types & Security Docs
Domain 1 — Security and Risk Management
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.