AAISM Practice Questions
265 real AAISM exam questions with expert-verified answers and explanations. Page 2 of 6.
- Question #51AI Security Strategy and Governance
When addressing privacy concerns related to AI systems, which of the following is the GREATEST significance of user consent for an organization?
User ConsentData PrivacyLawful Basis for Data ProcessingAI Governance - Question #52AI Security Assurance and Resilience
During red-team testing of an AI system used to make lending decisions, which of the following techniques BEST simulates a data poisoning attack?
Data poisoningRed team testingAI attack typesAI security testing - Question #53AI Security Strategy and Governance
When evaluating a new AI tool for intrusion prevention, which of the following is the MOST important consideration to ensure the tool fits within the existing program architecture?
AI tool evaluationControl objectivesProgram architectureStrategic alignment - Question #54AI Security Strategy and Governance
The PRIMARY purpose of adopting and implementing AI architecture as part of an organizational AI program is to:
AI ArchitectureOrganizational AI StrategyBusiness AlignmentAI Governance - Question #55AI Security Assurance and Resilience
Which of the following would BEST ensure a proper business continuity plan (BCP) is in place for an AI solution?
Business Continuity PlanningFailover testingAI resilienceDisaster recovery - Question #56AI Security Strategy and Governance
A newly hired programmer suspects that the organization's AI solution is inferring users' sensitive information and using it to advise future decisions. Which of the following is t...
AI GovernanceEthical AIData PrivacyReporting Procedures - Question #57AI Security Design and Implementation
Which of the following is the MOST effective defense against cyberattacks that alter input data to avoid detection by the model?
Adversarial attacksAdversarial trainingModel robustnessInput data integrity - Question #58AI Security Design and Implementation
Which of the following BEST describes an adversarial attack on an AI model?
Adversarial attacksAI model securityModel integrityInput manipulation - Question #59AI Security Design and Implementation
Which of the following is the BEST control for preventing deepfakes?
DeepfakesProvenance verificationSynthetic mediaAI security controls - Question #60AI Security Design and Implementation
A large corporation has received an influx of sophisticated credential-phishing emails and wants to leverage an AI solution to detect and quarantine these messages before they reac...
Phishing DetectionNatural Language Processing (NLP)AI in CybersecurityEmail Security - Question #61AI Security Strategy and Governance
An organization plans to use AI to analyze the shopping patterns of its customers to predict interests and send targeted, customized marketing emails. Which of the following should...
Customer ConsentData PrivacyAI EthicsLegal Compliance - Question #62AI Security Strategy and Governance
Which of the following should be included in an AI acceptable use policy?
AI Acceptable Use PolicyAI GovernanceEthical AILegal Compliance - Question #63AI Security Risk Management
Which of the following approaches BEST helps to reduce model bias?
Model BiasData DiversityBias MitigationTraining Data - Question #64AI Security Risk Management
A CISO has been tasked with providing key performance indicators (KPIs) on the organization's newly launched AI chatbot. Which of the following are the BEST metrics for the CISO to...
AI Security KPIsAI Risk ManagementAI Bias DetectionAI System Integrity - Question #65AI Security Design and Implementation
Which of the following methods provides the MOST effective protection against model inversion attacks?
Model Inversion AttacksAI PrivacyOutput RegularizationAI Security Defenses - Question #66AI Security Risk Management
A global organization has experienced multiple incidents of staff copying confidential data into public chatbots and acting on the model outputs. Which of the following is MOST imp...
AI security awarenessEmployee trainingData leakage preventionShort-term risk reduction - Question #67AI Security Strategy and Governance
A large financial services organization is integrating a third-party AI solution into its critical fraud detection system. Which of the following is the BEST way for the organizati...
AI Vendor RiskSupply Chain SecurityContractual Security RequirementsThird-Party Risk Management - Question #68AI Security Strategy and Governance
Which of the following BEST describes the role of transparency in AI?
AI TransparencyExplainable AIAI GovernanceAI Ethics - Question #69AI Security Assurance and Resilience
Which of the following BEST ensures AI components are validated as part of disaster recovery testing?
Disaster Recovery TestingAI System ResilienceModel Performance MonitoringFailover Validation - Question #70AI Security Risk Management
Which of the following AI data life cycle phases presents the GREATEST inherent risk?
AI data lifecycleData preparation risksInherent riskAI security - Question #71AI Security Assurance and Resilience
AI developers often find it difficult to explain the processes inside deep learning systems PRIMARILY because:
AI ExplainabilityDeep LearningNeural NetworksBlack Box AI - Question #72AI Security Risk Management
During the deployment of a generative AI platform, a risk assessment highlighted threats such as data leakage and prompt manipulation. Which of the following is the BEST way to ens...
AI risk managementControl selectionThreat mitigationGenerative AI security - Question #73AI Security Risk Management
A financial organization uses AI to detect potential fraudulent activities but is concerned about the impact of potential data poisoning. Which of the following controls would BEST...
Data poisoningAI risk mitigationTraining data integrityModel robustness - Question #74AI Security Risk Management
A preliminary risk assessment of a SaaS-based large language model (LLM) business support system has identified prompt injection, data poisoning, and model exfiltration as material...
Risk ManagementThreat Control MatrixAI Security ControlsRisk Treatment - Question #75AI Security Strategy and Governance
When using AI as part of incident response, which of the following BEST ensures the automation aligns with regulatory and governance obligations?
AI in Incident ResponseAI GovernanceRegulatory ComplianceHuman Oversight - Question #76AI Security Design and Implementation
Which of the following AI data management techniques involves creating validation and test data?
AI Data ManagementData SplittingValidation DataTest Data - Question #77AI Security Design and Implementation
Which of the following controls would BEST help to prevent data poisoning in AI models?
Data poisoning preventionAI security controlsData validationAI model integrity - Question #78AI Security Strategy and Governance
Which of the following is the BEST way to ensure role clarity and staff effectiveness when implementing AI-assisted security monitoring tools?
AI implementationRole definitionSecurity governanceOrganizational effectiveness - Question #79AI Security Operations and Monitoring
Which of the following is the MAIN objective of the operational phase of AI life cycle management?
AI Life CycleAI OperationsModel PerformanceMonitoring - Question #80AI Security Risk Management
A health services organization is developing a proprietary generative AI chatbot to assist patients with medical devices. Which of the following should be the organization's HIGHES...
AI Training DataData QualityHealthcare AIAI Risk Mitigation - Question #81AI Security Risk Management
A military contractor discovered that its large language model (LLM) is at high risk of being targeted by advanced persistent threat (APT) actors seeking to exploit the model to ac...
LLM securityModel inversionConfidentiality attacksAPT threats - Question #82AI Security Assurance and Resilience
An organization is adopting an agentic AI solution from an external vendor to support its internal IT operations. To evaluate the security posture of this system, which of the foll...
Third-party risk managementSecurity assuranceVendor security evaluationIndependent verification - Question #83AI Security Design and Implementation
An organization is deploying an automated AI cybersecurity system. Which of the following would be the MOST effective strategy to minimize human error and improve overall security?
AI Training DataAutomated Threat DetectionMinimizing Human ErrorAI System Effectiveness - Question #84AI Security Design and Implementation
Which of the following should be the PRIMARY objective of implementing differential privacy techniques in AI models leveraging fraud detection systems?
Differential PrivacyData PrivacyAI SecurityPrivacy-Enhancing Technologies - Question #85AI Security Design and Implementation
When robust input controls are not practical on a large language model (LLM) to prevent prompt injection attacks from external threats, which of the following would be the BEST com...
Prompt Injection MitigationCompensating ControlsLLM SecurityOutput Validation - Question #86AI Security Design and Implementation
An organization has implemented a natural language processing model to respond to customer questions when personnel are not available. A pre-implementation security assessment reve...
AI SecurityInjection AttacksInput ValidationSecure Design - Question #87AI Security Strategy and Governance
Which of the following is the MOST critical success factor for an AI implementation project?
Project ManagementStakeholder ManagementAI ImplementationOrganizational Readiness - Question #88AI Security Design and Implementation
Which of the following strategies is the MOST effective way to protect against AI data poisoning?
AI Data PoisoningData IntegrityData ValidationAnomaly Detection - Question #89AI Security Strategy and Governance
A post-incident investigation finds that an AI-powered anti-money laundering system inadvertently allowed suspicious transactions because certain risk signals were disabled to redu...
AI GovernanceModel ValidationChange ControlAI Risk Management - Question #90AI Security Design and Implementation
Implementing which of the following would MOST effectively address bias in generative AI models?
Bias mitigationGenerative AIFairness constraintsResponsible AI - Question #91AI Security Strategy and Governance
A school district contracts a third-party provider for AI-based curriculum recommendations. Which of the following is the BEST way to ensure the vendor uses AI responsibly?
Responsible AIAI vendor managementModel cardAI transparency - Question #92AI Security Design and Implementation
An organization is implementing AI agent development across multiple engineering teams. Which of the following is the MOST important focus of AI-specific security training for deve...
Prompt InjectionAI Agent SecuritySecure AI DevelopmentInsecure Tool Execution - Question #93AI Security Strategy and Governance
To ensure the ethical and responsible use of AI, which of the following AI usage policy metrics is MOST important for an organization to monitor?
AI GovernanceCompliance MonitoringEthical AIPolicy Enforcement - Question #94AI Security Strategy and Governance
Which of the following would MOST effectively obtain ongoing support from stakeholders to align AI initiatives with business objectives?
Stakeholder ManagementBusiness AlignmentValue CommunicationAI Strategy - Question #95AI Security Design and Implementation
The PRIMARY goal of data poisoning attacks is to:
Data poisoningAI attacksModel integrityAttack goals - Question #96AI Security Strategy and Governance
Which of the following involves documenting and monitoring the complete journey of data as it flows through an AI system?
Data LineageData FlowData GovernanceAI System Monitoring - Question #97AI Security Strategy and Governance
Which of the following would BEST help an organization align its AI initiatives with business objectives?
AI GovernanceBusiness AlignmentStrategic PlanningAI Strategy - Question #98AI Security Design and Implementation
Which of the following would BEST protect trade secrets related to AI technologies during their life cycle?
Trade SecretsIP ProtectionAccess ControlData Security - Question #99AI Security Risk Management
Which of the following is the MOST effective action an organization can take to address data security risk when using generative AI features in an application?
Generative AI securityData security riskThird-party risk managementContractual agreements - Question #100AI Security Strategy and Governance
Which of the following BEST describes the role of model cards in AI solutions?
Model cardsAI documentationResponsible AITransparency