AAISM Practice Questions
265 real AAISM exam questions with expert-verified answers and explanations. Page 4 of 6.
- Question #151AI Security Design and Implementation
Which of the following is the MOST effective way to prevent a model inversion attack?
Model Inversion AttackDifferential PrivacyAI PrivacyAI Security Controls - Question #152AI Security Strategy and Governance
The PRIMARY purpose of adopting and implementing AI architecture within an organizational AI program is to:
AI architectureBusiness alignmentAI program governanceStrategic planning - Question #153AI Security Strategy and Governance
Which of the following is the BEST way to ensure role clarity and staff effectiveness when implementing AI-assisted security monitoring tools?
Role ClarityStaff EffectivenessAI Security GovernanceSecurity Program Management - Question #154AI Security Risk Management
Which of the following BEST describes an adversarial attack on an AI model?
Adversarial AIAI model attacksInput manipulationModel robustness - Question #155AI Security Operations and Monitoring
Which of the following BEST strengthens information security controls around the use of generative AI applications?
AI Security ControlsGenerative AI RisksOutput MonitoringPolicy Compliance - Question #156AI Security Assurance and Resilience
A post-incident investigation finds that an AI-powered anti-money laundering system inadvertently allowed suspicious transactions because certain risk signals were disabled to redu...
AI GovernanceModel ValidationChange ControlAI Risk Management - Question #157AI Security Risk Management
Which of the following strategies is the MOST effective way to protect against AI data poisoning?
AI Data PoisoningData ValidationAnomaly DetectionAI Security Mitigation - Question #158AI Security Strategy and Governance
A CISO must provide KPIs for the organization's newly deployed AI chatbot. Which metrics are BEST?
AI Chatbot KPIsBias detectionAI error rateResponsible AI metrics - Question #159AI Security Risk Management
A global organization experienced multiple incidents of staff pasting confidential data into public chatbots. Which action is MOST important to reduce short-term risk?
AI security awareness trainingData leakage preventionHuman factor securityShort-term risk mitigation - Question #160AI Security Risk Management
A large financial institution is integrating a third-party AI solution into its fraud detection system. Which is the BEST way to reduce AI vendor/supply chain risk?
AI vendor riskSupply chain securityContractual agreementsSecure development practices - Question #161AI Security Risk Management
Employees are regularly using open-source generative AI without guidance. What should be the CISO's GREATEST concern?
Generative AI risksData leakageEmployee AI usageRisk prioritization - Question #162AI Security Design and Implementation
Which strategy BEST ensures generative AI tools do not expose company data?
Generative AI SecurityData Loss PreventionPreventative ControlsData Privacy - Question #163AI Security Risk Management
An organization is evaluating a SaaS-based HR system that uses AI for resume vetting. Which control is MOST important?
AI BiasTraining Data FairnessHR AI SystemsAI Risk Mitigation - Question #164AI Security Strategy and Governance
When addressing privacy concerns related to AI, what is the GREATEST significance of user consent?
User ConsentData PrivacyAI Data ProcessingLegal Basis for Data - Question #165AI Security Design and Implementation
An organization is deploying an automated AI cybersecurity system. Which strategy MOST effectively minimizes human error and improves security?
AI threat detectionMachine learning trainingMinimizing human errorAutomated security - Question #166AI Security Design and Implementation
Which of the following types of data is used to tune hyperparameters?
Machine Learning FundamentalsHyperparameter TuningData SplittingModel Development - Question #167AI Security Design and Implementation
An organization is designing an AI-based credit risk assessment system integrating sensitive financial data. Which option BEST supports security-by-design?
Security-by-DesignThreat ModelingAI System SecuritySecure Development Lifecycle - Question #168AI Security Design and Implementation
An organization is implementing AI agent development across engineering teams. What should AI-specific training focus on?
AI agent securityPrompt injectionSecure AI developmentInsecure tool execution - Question #169AI Security Risk Management
An organization deploying an LLM is concerned input manipulations could compromise security. What is the MOST effective way to determine an acceptable risk threshold?
Risk threshold determinationBusiness impact assessmentLLM input securityThreat assessment - Question #170AI Security Design and Implementation
For a life insurance company deploying AI for fraud detection, which factor is MOST critical?
AI robustnessAdversarial AIFraud detectionAI security principles - Question #171AI Security Design and Implementation
Which defense is MOST effective against cyberattacks that alter input data to avoid detection?
Adversarial attacksModel robustnessAdversarial trainingInput manipulation - Question #172AI Security Design and Implementation
Secure aggregation enhances federated learning security by:
Federated LearningSecure AggregationPrivacy-Preserving AIConfidentiality - Question #173AI Security Risk Management
What is the GREATEST benefit of performing AI security risk assessments?
AI Security Risk AssessmentRisk PrioritizationRisk Management Benefits - Question #174AI Security Design and Implementation
What is the GREATEST concern when a vendor enables generative AI features for an organization's critical system?
Generative AI securityAccess controlVendor risk managementCritical systems - Question #175AI Security Risk Management
A viral video shows a blurry person making claims about a product safety issue. The video has random low-quality sections. This MOST likely represents what threat?
DeepfakeSynthetic mediaMisinformationAI threats - Question #176AI Security Strategy and Governance
Which of the following should be the MOST important consideration when conducting an AI impact assessment?
AI Impact AssessmentBusiness ObjectivesAI GovernanceStrategic Alignment - Question #177AI Security Strategy and Governance
Who is responsible for implementing recommendations in a final report after an external AI compliance audit?
AI governanceRoles and responsibilitiesAudit remediationModel lifecycle - Question #178AI Security Assurance and Resilience
Which of the following BEST ensures AI components are validated during disaster recovery testing?
Disaster Recovery TestingAI Model ValidationOperational ResilienceModel Performance Monitoring - Question #179AI Security Strategy and Governance
Which of the following MOST effectively secures ongoing stakeholder support for AI initiatives?
Stakeholder ManagementAI Value CommunicationAI StrategyAI Governance - Question #180AI Security Risk Management
Which phase of the AI data life cycle presents the GREATEST inherent risk?
AI Lifecycle RisksModel Training SecurityInherent Risk Assessment - Question #181AI Security Design and Implementation
A security assessment revealed that attackers could access sensitive company data through chat interface injection. What is the BEST mitigation?
Input ValidationInjection AttacksAI SecurityMitigation Strategies - Question #182AI Security Risk Management
A financial organization is concerned about AI data poisoning. Which control BEST mitigates this risk?
AI Data PoisoningThreat MitigationTraining Data SecurityAI Risk Management - Question #183AI Security Design and Implementation
Which AI data management technique involves creating validation and test data?
Data SplittingValidation DataTest DataAI Data Management - Question #184AI Security Strategy and Governance
What is the PRIMARY purpose of a dedicated AI management system policy?
AI PolicyAI GovernanceManagement SystemAI Objectives - Question #185AI Security Risk Management
When evaluating a third-party AI service provider, which master services agreement (MSA) provision is MOST critical for managing security risk?
Third-party AI riskMSA security provisionsData usage restrictionsModel training data security - Question #186AI Security Strategy and Governance
Which BEST describes the role of model cards in AI solutions?
Model CardsAI DocumentationAI TransparencyAI Governance - Question #187AI Security Risk Management
A SaaS-based LLM system has risks including prompt injection, data poisoning, and model exfiltration. What is the BEST way to ensure consistent risk treatment?
AI Risk ManagementThreat Control MatrixConsistent Risk TreatmentLLM Security - Question #188AI Security Assurance and Resilience
AI developers often find deep learning systems difficult to explain PRIMARILY because:
Deep Learning ExplainabilityAI Black Box ProblemNeural Network ComplexityAI Interpretability - Question #189AI Security Risk Management
Which BEST addresses hallucination risk in AI systems?
AI HallucinationRisk MitigationHuman OversightAI Safety - Question #190AI Security Design and Implementation
A data scientist creating categories and training an algorithm on large data sets is performing which learning technique?
Supervised LearningMachine Learning TechniquesData LabelingAI Training - Question #191AI Security Assurance and Resilience
Which testing technique is BEST for determining how an AI model makes decisions?
AI testingWhite box testingAI explainabilityModel interpretability - Question #192AI Security Strategy and Governance
When evaluating a new AI tool for intrusion prevention, which is MOST important to ensure fit within the existing program architecture?
AI tool evaluationSecurity program integrationControl objectives alignmentIntrusion prevention systems - Question #193AI Security Strategy and Governance
To ensure ethical and responsible AI use, which AI usage policy metric is MOST important to monitor?
AI EthicsAI GovernancePolicy MonitoringEthical AI Metrics - Question #194AI Security Strategy and Governance
What BEST protects trade secrets related to AI technologies during their life cycle?
Trade Secret ProtectionIntellectual PropertyAccess ControlAI Governance - Question #195AI Security Risk Management
A regulator warns of increased risk of AI re-identification attacks on anonymized datasets. What should the information security manager do FIRST?
AI privacyData re-identificationRisk managementAdversarial testing - Question #196AI Security Design and Implementation
Cybersecurity teams should FIRST be embedded in the:
Secure by DesignAI Development SecurityEarly Security Integration - Question #197AI Security Design and Implementation
Which of the following MOST effectively addresses bias in generative AI models?
AI BiasFairnessGenerative AIBias Mitigation - Question #198AI Security Assurance and Resilience
What BEST ensures a proper business continuity plan (BCP) for an AI solution?
Business Continuity Plan (BCP)AI ResilienceFailover TestingDisaster Recovery (DR) - Question #199AI Security Operations and Monitoring
A critical AI system shows biased outcomes. What is the BEST course of action?
AI BiasRoot Cause AnalysisAI System RemediationAI Incident Management - Question #200AI Security Operations and Monitoring
When robust input controls cannot prevent prompt injections in an LLM, what is the BEST compensating control?
Prompt InjectionLLM SecurityCompensating ControlsOutput Validation