nerdexam
Isaca

AAISM · Question #200

When robust input controls cannot prevent prompt injections in an LLM, what is the BEST compensating control?

The correct answer is D. Review and annotate the AI system's outputs. When input-side defenses fail to stop prompt injection, output review becomes the critical last line of defense. Reviewing and annotating outputs intercepts harmful, misleading, or unauthorized content before it reaches end users, limiting the damage from a successful injection.

AI Security Operations and Monitoring

Question

When robust input controls cannot prevent prompt injections in an LLM, what is the BEST compensating control?

Options

  • AFine-tune the system to validate inputs
  • BImplement identity and access management (IAM)
  • CConduct human reviews of AI system inputs
  • DReview and annotate the AI system's outputs

How the community answered

(26 responses)
  • A
    8% (2)
  • B
    8% (2)
  • C
    27% (7)
  • D
    58% (15)

Explanation

When input-side defenses fail to stop prompt injection, output review becomes the critical last line of defense. Reviewing and annotating outputs intercepts harmful, misleading, or unauthorized content before it reaches end users, limiting the damage from a successful injection. Fine-tuning for input validation (A) is still an input-side control - the same layer that already failed. IAM (B) governs who can access the system but does not filter malicious content. Human review of inputs (C) is resource-intensive and would have been part of the input controls that already failed. Output review catches the actual harm regardless of how the injection entered.

Topics

#Prompt Injection#LLM Security#Compensating Controls#Output Validation

Community Discussion

No community discussion yet for this question.

Full AAISM Practice