Basic Concept: AI systems can inadvertently reveal sensitive information such as PII, credentials, or internal data in their outputs when not properly controlled. Sensitive information disclosure is a critical OWASP LLM Top 10 risk. The CompTIA SecAI+ Study Guide covers both vulnerability identification and appropriate data protection controls for AI outputs.
Why D is Correct: The scenario describes the AI system outputting sensitive information in its responses, which is a sensitive information disclosure vulnerability. The appropriate control is masking, which replaces sensitive data values such as credit card numbers, SSNs, or API keys with redacted or tokenized equivalents in the model's outputs before they are returned to users. This prevents the AI from disclosing sensitive data while still providing useful responses.
Why A is Wrong: Prompt injection involves crafting inputs to override model instructions. If the penetration test revealed sensitive information, the primary vulnerability is the disclosure of that sensitive data, not the injection mechanism itself. EDR monitors endpoint behavior, not AI output content.
Why B is Wrong: Model hallucinations produce fabricated information rather than disclosing real sensitive data. The described scenario involves actual sensitive information being revealed, not fictitious content generation.
Why C is Wrong: Jailbreaking circumvents safety restrictions, but the primary harm demonstrated is sensitive data exposure. RBAC manages access permissions but does not prevent the model from including sensitive data in responses once access is granted.
Why E is Wrong: Role impersonation involves the AI pretending to be a different entity. This may be a secondary technique used by the penetration tester, but the primary vulnerability described is the disclosure of actual sensitive information in the output.
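
The masking control described under "Why D is Correct" can be sketched as an output filter that runs on the model's response before it is returned. This is an added example, not part of the study guide; the regex patterns, the API key shape, the function names and the sample text are all constructed assumptions.

```python
import hashlib
import hmac
import re

# Constructed patterns for the three data types named above; not exhaustive.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")   # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
KEY_RE = re.compile(r"\b(?:sk|api|key)[-_][A-Za-z0-9_-]{16,}\b")  # assumed key shape


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so ordinary long numbers are not masked as card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def mask_output(text: str, token_key: bytes):
    """Return (masked_text, counts). Run on model output before it reaches the user."""
    counts = {"API_KEY": 0, "SSN": 0, "CARD": 0}

    def key_sub(m):
        # Tokenize: a keyed HMAC lets logs correlate repeats without storing the secret.
        counts["API_KEY"] += 1
        tag = hmac.new(token_key, m.group().encode(), hashlib.sha256).hexdigest()[:8]
        return f"[API_KEY:{tag}]"

    def ssn_sub(m):
        counts["SSN"] += 1
        return "[SSN:REDACTED]"

    def card_sub(m):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_ok(digits):
            return m.group()          # fails checksum: leave order IDs etc. intact
        counts["CARD"] += 1
        return f"[CARD:****{digits[-4:]}]"

    for pattern, sub in ((KEY_RE, key_sub), (SSN_RE, ssn_sub), (CARD_RE, card_sub)):
        text = pattern.sub(sub, text)
    return text, counts


# Constructed model response containing fake values of each type.
SAMPLE = ("Your card 4111 1111 1111 1111 is on file, SSN 123-45-6789, "
          "order 1234567890123456, key sk-EXAMPLEEXAMPLEEXAMPLE0001.")

if __name__ == "__main__":
    print(mask_output(SAMPLE, b"demo-token-key"))
```

The per-type counts give the security team a signal to alert on when a response needed masking, which is worth investigating even though the value never reached the user.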