🏠 Back to Exam Syllabus 📺 RooCloud on YouTube 🌐 RooCloud Practice Exams

CISSP 20.4 - Understanding Knowledge-Based Systems

This episode of the ISC2 Certified Information Systems Security Professional (CISSP) exam prep series explores systems that try to reason the way people do, closing Domain 8. It covers how expert systems, machine learning, and neural networks reason, where they strengthen security, and how to develop and run artificial intelligence safely.

What this episode covers

Watch the full episode above for the worked examples and detailed explanations of each concept.

Frequently Asked Questions

What is an expert system, and how does it decide?

An expert system captures the accumulated wisdom of human experts and applies it consistently to future decisions, often outperforming people on routine calls. It has two core parts: a knowledge base that holds the expertise as a long series of if-then rules, and an inference engine that reads those rules and reasons through them using logic and fuzzy techniques. Its strength is deciding without emotion clouding the judgment, though it is only as good as its rules and its reasoning.

How does machine learning build knowledge from data?

Machine learning develops knowledge directly from datasets without a human spelling out every rule. Supervised learning trains on labeled data, where the analyst supplies both the examples and the correct answers, so a model of malicious logins learns from records already marked good or bad. Unsupervised learning trains on unlabeled data, where the algorithm groups similar items on its own and an analyst inspects the clusters to judge which might be malicious.

What are neural networks, and how do they learn?

A neural network chains together many computational units to loosely imitate how the human mind reasons, setting up long chains of small decisions that sum to a final output. They are a subset of machine learning, also known as deep learning, powering tasks like voice and face recognition. They work in many layers of weighted summation, and those weights are tuned during a training period using known answers and a process built on the Delta rule.

Where do these systems help in security?

Knowledge-based techniques have real value in security because they make rapid, consistent decisions. One of the hardest problems in the field is that human administrators cannot pore over the enormous volumes of log and audit data thoroughly enough to catch every anomaly. A system that never tires and applies the same criteria every time is a natural fit for that grind, flagging the oddities a human would inevitably miss.

How do you develop and run AI safely?

Secure AI guidelines from national cybersecurity authorities call for security across the entire AI life cycle, built on a secure-by-design and secure-by-default mindset, in four stages. Secure design treats security as a core requirement with threat modeling for risks like data poisoning. Secure development protects the AI supply chain and training pipeline. Secure deployment ships hardened defaults, and secure operation monitors for model drift and live adversarial behavior.

📚 Master the ISC2 CISSP Exam!

Ready to test your knowledge? Access chapter-specific Multiple Choice Questions (MCQs) and full-length practice exams for the ISC2 CISSP certification at RooCloud.com. Solve the chapter-wise questions to reinforce this lesson before moving to the next episode.


Reference: This article is based on concepts discussed in CISSP 20.4 - Understanding Knowledge-Based Systems.