Basic Concept: AI systems interact with different resource layers including models, data stores, and infrastructure. Controlling what data an AI system can access requires implementing access controls at the data layer. CompTIA SecAI+ Study Guide differentiates between model access, data access, and network access controls for AI systems.
Why D is Correct: Data access controls govern what data resources an AI system can interact with, including which databases, tables, and records it can read or modify. To control an AI system ' s ability to list database tables, the administrator must implement data access controls that define precisely which tables the AI can enumerate and query, following the principle of least privilege for data interactions.
Why A is Wrong: Agentic AI access refers to permissions granted to autonomous AI agents to perform actions and use tools. It is a broader concept about what an AI agent can do operationally rather than a specific data-layer access control mechanism.
Why B is Wrong: A Network Access Control List controls network traffic at the IP and port level, determining which hosts can communicate with which network resources. It operates at the network layer and cannot enforce fine-grained control over which database tables an AI system is allowed to list.
Why C is Wrong: Model access controls govern who and what can interact with the AI model itself — who can query it, update it, or access its parameters. This is distinct from data access, which controls what the model can read from data stores during operation.
Submit