AAISM · Question #23
During the creation of a new large language model (LLM), an organization procured training data from multiple sources. Which of the following is MOST likely to address the CISO's security and privacy
The correct answer is B. Data minimization. When training data is procured from multiple external sources, it is likely to contain excessive, sensitive, or personally identifiable information beyond what is actually needed to train the model. Data minimization (B) - the practice of collecting and retaining only the minimum
Question
During the creation of a new large language model (LLM), an organization procured training data from multiple sources. Which of the following is MOST likely to address the CISO's security and privacy concerns?
Options
- AData augmentation
- BData minimization
- CData classification
- DData discovery
How the community answered
(35 responses)- A6% (2)
- B77% (27)
- C14% (5)
- D3% (1)
Explanation
When training data is procured from multiple external sources, it is likely to contain excessive, sensitive, or personally identifiable information beyond what is actually needed to train the model. Data minimization (B) - the practice of collecting and retaining only the minimum data necessary for the intended purpose - directly addresses both security concerns (smaller attack surface, less data to breach or misuse) and privacy concerns (a foundational principle of GDPR and similar regulations). Data augmentation (A) increases data volume, which increases risk rather than reducing it. Data classification (C) labels data by sensitivity but does not reduce the quantity of sensitive data held. Data discovery (D) identifies what data exists but does not reduce risk. Only data minimization (B) proactively reduces both exposure and privacy liability.
Topics
Community Discussion
No community discussion yet for this question.