Pass the CompTIA CompTIA SecAI+ CY0-001 Questions and answers with CertsForce

Basic Concept: Different ML model architectures offer varying degrees of explainability. In cybersecurity, understanding why a model classified a log entry as malicious or benign is critical for analyst trust, investigation, and regulatory compliance. CompTIA SecAI+ covers model explainability under responsible AI and basic AI concepts.

Why C is Correct: Decision trees are inherently interpretable models that classify data through a series of transparent if-then rules. Every classification decision can be traced through the exact path of conditions that led to it, showing precisely which log entry features triggered the classification. Analysts can read and understand the decision path, making decision trees the gold standard for explainable ML classification in security applications where understanding the reason for a classification is as important as the classification itself.

Why A is Wrong: Large language models are complex transformer architectures with hundreds of billions of parameters. They function as black boxes — their internal decision-making processes are not human-interpretable, making them poor choices when explainability is the primary requirement.

Why B is Wrong: Neural networks are non-linear black box models. While they can achieve high classification accuracy, their multi-layer architecture makes it extremely difficult to explain why specific decisions were made in human-understandable terms.

Why D is Wrong: Generative adversarial networks are designed for generating synthetic data, not for classification tasks. They consist of competing generator and discriminator networks and are fundamentally unsuitable for log entry classification with explainability requirements.

Basic Concept: Threat modeling for AI systems requires a framework specifically designed to address AI-specific attack techniques, tactics, and procedures. General cybersecurity or governance frameworks do not capture the unique adversarial attack surface of AI and ML systems. CompTIA SecAI+ Exam Objectives identify MITRE ATLAS as the primary AI threat modeling resource.

Why B is Correct: MITRE ATLAS (Adversarial Threat Landscape for AI Systems) is specifically designed as an AI and ML threat modeling framework. It catalogs real-world adversarial tactics, techniques, and procedures targeting AI systems, enabling security architects to identify and assess threats unique to ML models such as data poisoning, model extraction, and evasion attacks. It is the industry standard for AI-specific threat modeling.

Why A is Wrong: Responsible AI is a set of ethical principles and governance guidelines for developing and deploying AI systems fairly and safely. It addresses ethics and fairness, not technical adversarial threat modeling.

Why C is Wrong: The OECD provides non-binding policy recommendations and principles for AI governance at an international level. It does not provide technical threat modeling taxonomies or AI-specific attack catalogs.

Why D is Wrong: ISO standards such as ISO 42001 establish management system requirements for AI governance. They are compliance and management frameworks, not threat modeling tools for identifying adversarial AI attack vectors.

Basic Concept: When authentication is enabled on an LLM system, users must prove their identity before the system processes any requests. The authentication process must occur at the point where users first attempt to access the system before any data can be transmitted. CompTIA SecAI+ Study Guide covers the order of authentication controls in AI system access architectures.

Why B is Correct: Endpoint access control is the first requirement when authentication is enabled, as it governs the initial connection from the user ' s device to the system. Before any prompt can be sent or response received, the endpoint must be authenticated and authorized to access the LLM service. Endpoint access control verifies user identity and device compliance at the earliest possible point in the request flow, gating all subsequent processing.

Why A is Wrong: A front-end web proxy gateway routes and manages web traffic between users and backend services. While it may participate in the authentication flow, it is a routing and mediation component that operates after the endpoint has been validated, not the first authentication requirement.

Why C is Wrong: An API gateway manages API traffic, authentication tokens, and rate limiting for API interactions. It processes requests after initial endpoint authentication has been established and the request is being routed to the LLM backend.

Why D is Wrong: A back-end access gateway controls access to backend services and resources. It operates downstream from both endpoint authentication and API gateway processing, representing a deeper layer of the access control architecture rather than the first authentication requirement.

Basic Concept: Various regulatory frameworks govern AI use in different contexts. For auditing legal compliance in high-risk AI applications such as employment and HR, binding regulatory legislation takes precedence over voluntary standards. CompTIA SecAI+ Exam Objectives cover AI governance and compliance frameworks under Domain 4.

Why C is Correct: The EU AI Act is the world ' s first comprehensive, legally binding AI regulation. It explicitly classifies AI systems used in employment, worker management, and recruitment as high-risk AI systems, subjecting them to strict compliance requirements including conformity assessments, transparency obligations, and human oversight mandates. An auditor reviewing HR AI for legal non-compliance must reference this binding legislation.

Why A is Wrong: The OECD AI Principles are non-binding international guidelines promoting responsible AI. They offer policy guidance but carry no legal enforcement power for compliance auditing.

Why B is Wrong: The NIST AI RMF is a voluntary, risk management-focused framework. It is not a legal compliance standard and cannot be used to assess legal non-compliance.

Why D is Wrong: ISO standards such as ISO 42001 are voluntary international best practice standards. They are not legal compliance instruments with enforceable penalties for HR AI systems.

Basic Concept: System prompt extraction is an attack where users manipulate an LLM into revealing its confidential system instructions. This violates the confidentiality of proprietary prompts and can expose security controls and business logic to adversaries. CompTIA SecAI+ Study Guide identifies guardrails as the primary control for preventing system prompt disclosure.

Why C is Correct: Enhancing model guardrails can specifically include instructions and filters that prevent the model from revealing its system prompt contents, regardless of how users attempt to extract them. Guardrails can detect and block attempts to retrieve conversation history, repeat system-level instructions, or disclose confidential operational context. This directly addresses the demonstrated attack where the user prompted the chatbot to reveal its entire context including the system prompt.

Why A is Wrong: Restricting the LLM ' s access to internal services limits what external resources the model can query. While this reduces the potential impact of system compromise, it does not prevent the model from disclosing its own system prompt in response to carefully crafted user queries.

Why B is Wrong: Data version control tracks changes to datasets and documents over time. It is a data management tool that does not inspect or control what the model discloses in its conversational responses to users.

Why D is Wrong: Segregating and identifying external content is relevant for preventing prompt injection from external data sources. It does not directly prevent a user from successfully prompting the model to reveal its own internal system instructions.

Basic Concept: Modern security operations require automation of complex, multi-step workflows. Different AI architectures have different capabilities. Understanding which AI type is best suited for task decomposition and autonomous execution is fundamental to AI-assisted security operations. CompTIA SecAI+ covers agentic AI capabilities under AI-assisted security.

Why A is Correct: Agentic AI systems are specifically designed to autonomously plan, decompose complex tasks into subtasks, execute multi-step workflows, use tools and APIs, and adapt their approach based on intermediate results. For a SOC analyst needing to automate multiple security tasks as a series of smaller coordinated steps, agentic AI is the ideal architecture as it can orchestrate an entire workflow including threat hunting, alert investigation, log analysis, and response actions.

Why B is Wrong: RAG AI enhances language model responses by retrieving relevant documents from a knowledge base. While useful for answering questions with current information, it is not designed for autonomous multi-step task execution or workflow automation.

Why C is Wrong: Generative AI creates content based on prompts including text, code, and summaries. While it can assist with individual tasks, it requires continuous human prompting for each step rather than autonomously breaking down and executing complex multi-step security workflows.

Why D is Wrong: A chatbot is a conversational interface designed for question-answering or guided dialogue. It responds reactively to user input rather than proactively planning and executing multi-step automated security workflows.

Basic Concept: RAG-based AI systems retrieve information from knowledge bases to augment their responses. The differential access to sensitive employee data based on user role demonstrates that role-based data access controls are functioning correctly, restricting what data different users can retrieve through the AI interface. CompTIA SecAI+ Study Guide covers data access controls as the primary mechanism for preventing sensitive data exposure in RAG systems.

Why A is Correct: Data access controls define what information each user role is permitted to retrieve from the knowledge base. In this scenario, administrator-level users can access employee directory information while employee-level users cannot. The RAG system enforces these permissions when retrieving data for the AI ' s responses, preventing unauthorized users from accessing sensitive employee data through the chatbot interface regardless of how they phrase their queries.

Why B is Wrong: Model-specific guardrails filter responses based on content policies. While they can prevent certain categories of sensitive information from being disclosed, the scenario specifically shows differential access based on user role, which is the characteristic of access control enforcement, not content-based guardrail filtering.

Why C is Wrong: Rate limiting restricts request frequency. It does not differentiate what data different users can access; it only controls how often they can make requests. Both the administrator and employee could be subject to the same rate limit while still receiving different data based on their access controls.

Why D is Wrong: Prompt templates standardize how queries are structured. They do not implement user role-based data access restrictions or prevent specific user types from accessing sensitive information in the underlying knowledge base.