AAISM Question #135: Real Exam Question with Answer & Explanation

The correct answer is B: Developing a testing strategy including AI-specific threat modeling and adversarial attack. The AAISM standard explicitly states that traditional penetration tests alone are insufficient for AI systems. Effective AI security testing requires: - AI-specific threat modeling (e.g., data poisoning, prompt injection, model theft) - Adversarial attack simulations (white-box,

AI Security Assurance and Resilience

Question

Which approach should an organization prioritize to effectively verify the security of its AI models?

Options

AAutomating vulnerability identification
BDeveloping a testing strategy including AI-specific threat modeling and adversarial attack
CTesting team competencies in IT threat mitigation
DUsing standard penetration testing methods

Explanation

The AAISM standard explicitly states that traditional penetration tests alone are insufficient for AI systems. Effective AI security testing requires: - AI-specific threat modeling (e.g., data poisoning, prompt injection, model theft) - Adversarial attack simulations (white-box, black-box, gradient-based attacks) - Evaluation of robustness and manipulation resistance

Topics

#AI Security Testing#AI Threat Modeling#Adversarial Attacks#AI Model Verification

Community Discussion

No community discussion yet for this question.

Full AAISM Practice Browse All AAISM Questions