Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Pass the CompTIA CompTIA SecAI+ CY0-001 Questions and answers with CertsForce

Viewing page 2 out of 4 pages
Viewing questions 11-20 out of questions
Questions # 11:

A security architect performs threat modeling of an AI system. The architect needs to determine which attacks can be performed against the system.

Which of the following actions should the architect take next?

Options:

A.

Leverage a large language model (LLM) to map likely attack paths based on the code base.


B.

Quantify the risk of known vulnerabilities identified in the AI system.


C.

Identify trust boundaries and perform threat modeling with Open Worldwide Application Security Project (OWASP) Top 10.


D.

Analyze MITRE Adversarial Threat Landscape for AI Systems (ATLAS) for tactics, techniques, and procedures (TTPs).


Expert Solution
Questions # 12:

Which of the following attacks is most enabled by AI-generated content?

Options:

A.

Model poisoning


B.

Phishing


C.

Ransomware


D.

Remote code execution


Expert Solution
Questions # 13:

A company launches an AI application to monitor cloud misconfiguration and compliance. The AI application is shutting down development servers and opening ports during a client demonstration. Which of the following actions should the company take to return to normal operations and prevent future issues?

Options:

A.

Restarting the servers


B.

Disabling the cloud monitoring


C.

Reconfiguring the firewall


D.

Implementing human-in-the-loop


Expert Solution
Questions # 14:

A security analyst finds that the AI system is under a denial-of-wallet attack.

Which of the following should the analyst enforce to protect the company? (Choose two.)

Options:

A.

Endpoint access controls


B.

Content delivery network (CDN)


C.

Model fine-tuning


D.

Modality controls


E.

Application programming interface (API) rate controls


F.

Output token controls


Expert Solution
Questions # 15:

A customer-facing, AI-powered chatbot has been jailbroken through prompt injections. As a result, the AI model is offering a 99% discount on the purchase of a new vehicle.

Which of the following should be implemented to enhance the model ' s robustness against such attacks?

Options:

A.

Bias filtering


B.

System prompt


C.

Log monitoring


D.

Guardrails


Expert Solution
Questions # 16:

Customer feedback for an AI chatbot has a high-rate of non-answers, which is causing higher central processing unit (CPU) utilization.

Which of the following should be implemented?

Options:

A.

Guardrails


B.

Response confidence level


C.

Prompt logging


D.

Cost monitoring


Expert Solution
Questions # 17:

Which of the following technologies is used in deepfake?

Options:

A.

Generative adversarial network (GAN)


B.

Multi-shot prompting


C.

Prompt engineering


D.

Transfer learning


Expert Solution
Questions # 18:

After the latest software update, a developer receives reports that the system no longer requires reauthentication to display account balances because this issue was present in a previous release. Which of the following should the developer do to best mitigate the risk of recurrence?

Options:

A.

Ensure that AI approvals are required to push changes into production.


B.

Implement AI regression testing into the continuous integration/continuous deployment (CI/CD) pipeline.


C.

Deploy an AI-assisted change management system to schedule and track feature releases.


D.

Use code commit automation to perform AI-assisted static application security testing (SAST) scans.


Expert Solution
Questions # 19:

Which of the following responsible AI standards refers to a principle that clearly states the reasons behind the decisions for a particular conclusion?

Options:

A.

Accountability


B.

Auditability


C.

Transparency


D.

Explainability


Expert Solution
Questions # 20:

A user interface engineer adds new graphics to the latest release of an AI-integrated application. During the update, the engineer accidentally causes the model to retrain on unverified data. After the update, the model begins to return many errors.

Which of the following is the best way to mitigate future errors?

Options:

A.

Web application firewall


B.

Role-based access control


C.

Model development life cycle


D.

Generative adversarial network


Expert Solution
Viewing page 2 out of 4 pages
Viewing questions 11-20 out of questions