Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Pass the CompTIA CompTIA SecAI+ CY0-001 Questions and answers with CertsForce

Viewing page 4 out of 4 pages
Viewing questions 31-40 out of questions
Questions # 31:

A company deploys an internet-facing chatbot using RAG. Logs show that an administrator can retrieve employee names and usernames while an employee receives ' information not available. ' Which of the following is reducing the risk of sensitive data exposure in this scenario?

Options:

A.

Data access controls


B.

Model-specific guardrails


C.

Rate limiting


D.

Prompt templates


Expert Solution
Questions # 32:

A team of data scientists is ready to release a model for enterprise use. The team wants to protect the model from unintentional changes or tampering.

Which of the following is the most appropriate action?

Options:

A.

Change the model to a large language model (LLM) for interactive features with guardrails.


B.

Provide secure copies of the model for local runtime usage.


C.

Restrict access to only IT professionals in the organization.


D.

Integrate an application programming interface (API) with identity and access management (IAM) roles to interact with the model.


Expert Solution
Questions # 33:

As a compliance requirement, a large language model (LLM) application requires setting up guardrails.

Which of the following resources is most appropriate to use?

Options:

A.

Retrieval-augmented generation (RAG)


B.

Open Worldwide Application Security Project (OWASP)


C.

LLM libraries


D.

Security incident and event management (SIEM)


Expert Solution
Questions # 34:

Which of the following controls is the best way to mitigate a denial-of-service (DoS) attack?

Options:

A.

Model guardrails


B.

Rate limiting


C.

End-to-end encryption


D.

Access controls


Expert Solution
Questions # 35:

A security administrator needs to improve an AI model. During an initial investigation, the administrator notices that two successive login failures are recorded every day, and then a successful login occurs after a specific time interval. All the successful login attempts have been during office hours.

Which of the following techniques should the administrator use to improve the AI model ' s security?

Options:

A.

Access management


B.

Pattern recognition


C.

Signature matching


D.

Vulnerability analysis


Expert Solution
Questions # 36:

A cybersecurity administrator needs a security mechanism that can validate input.

Which of the following controls should the administrator use?

Options:

A.

Prompt firewall


B.

Rate limits


C.

Token limits


D.

Input quantity


Expert Solution
Questions # 37:

A healthcare organization plans to deploy a chatbot for appointment scheduling and patient records.

Which of the following is the first step a security administrator should take?

Options:

A.

Implement prompt firewalls.


B.

Enable role-based access management


C.

Conduct a risk assessment.


D.

Use a secure data communication channel for chat.


Expert Solution
Questions # 38:

An architect is creating a threat model for an agentic system.

Which of the following should the architect do first?

Options:

A.

Apply compensating controls based on exposure findings.


B.

Identify the trust boundary between the components.


C.

Calculate the risk to resources based on data sensitivity.


D.

Scan for vulnerabilities from the Open Worldwide Application Security Project (OWASP) Top 10.


Expert Solution
Questions # 39:

An IT company implements an adaptable chatbot that learns from user prompts. Based on the conversation shown — where User 2 injected false information about a company acquisition that caused the chatbot to give incorrect responses to User 3 — which of the following compensating controls should an administrator implement to mitigate the issue?

Options:

A.

Data encryption


B.

Rate-limiting application programming interfaces (APIs)


C.

Transfer learning


D.

Guardrails


Expert Solution
Questions # 40:

A social media company with more than a million lines of code wants to reduce the mean time to fix bugs and issues.

Which of the following is the most balanced AI strategy to automate the vulnerability management flow?

Options:

A.

Using AI to triage discovered issues and create tickets, but having a software engineer merge software


B.

Having security analysts triage discovered issues and create tickets, but using AI to merge software


C.

Having security analysts triage discovered issues and create tickets, but having a software engineer merge software


D.

Using AI to triage discovered issues, create tickets, and merge software fixes


Expert Solution
Viewing page 4 out of 4 pages
Viewing questions 31-40 out of questions