AAISM Practice Questions
265 real AAISM exam questions with expert-verified answers and explanations. Page 5 of 6.
- Question #201: AI Security Strategy and Governance
A programmer suspects an AI system is inferring sensitive user information. What is the BEST action?
AI Governance, Data Privacy, Incident Reporting, Ethical AI
- Question #202: AI Security Strategy and Governance
How can an organization best remain compliant when decommissioning an AI system that recorded patient data?
AI system decommissioning, Data destruction compliance, Sensitive data handling, Audit documentation
- Question #203: AI Security Strategy and Governance
A vendor switched its chatbot's AI model without due diligence, causing unethical investment advice. What control BEST prevents this scenario?
Change Management, AI Governance, Vendor Risk Management, Ethical AI
- Question #204: AI Security Design and Implementation
Which attack type is MOST likely to cause model drift?
Model Drift, Data Poisoning, AI Security Attacks, ML Vulnerabilities
- Question #205: AI Security Assurance and Resilience
The MOST effective AI-driven capability to ensure real-time business continuity is:
AI business continuity, Automated failover, System resilience, Disaster recovery
- Question #206: AI Security Operations and Monitoring
What is the MOST effective metric for monitoring AI solutions provided by AI vendors?
AI monitoring, Real-time anomaly detection, AI operations, Vendor management
- Question #207: AI Security Design and Implementation
Within which stage of the AI development life cycle should effective feature engineering be conducted?
AI development lifecycle, Feature engineering, ML development phases
- Question #208: AI Security Design and Implementation
A financial institution plans to deploy an AI system to provide credit risk assessments for loan applications. Which of the following should be given the HIGHEST priority in the sy...
Ethical AI, Bias prevention, Human-in-the-loop, AI system design
- Question #209: AI Security Strategy and Governance
A retail organization implements an AI-driven recommendation system that utilizes customer purchase history. Which of the following is the BEST way for the organization to ensure p...
AI Privacy, Regulatory Compliance, Legal Frameworks, Data Governance
- Question #210: AI Security Strategy and Governance
An organization is updating its vendor arrangements to facilitate the safe adoption of AI technologies. Which of the following would be the PRIMARY challenge in delivering this ini...
Vendor Management, AI Governance, Contract Negotiation, Vendor Risk
- Question #211: AI Security Risk Management
After implementing a third-party generative AI tool, an organization learns about new regulations related to how organizations use AI. Which of the following would be the BEST just...
Risk appetite, Regulatory compliance, Risk acceptance, AI risk management
- Question #212: AI Security Risk Management
Which of the following is the MOST serious consequence of an AI system correctly guessing the personal information of individuals and drawing conclusions based on that information?
AI privacy, Data inference, Information revelation, Privacy violations
- Question #213: AI Security Strategy and Governance
Which of the following should be done FIRST when developing an acceptable use policy for generative AI?
Acceptable Use Policy, Generative AI governance, Policy development, AI scope definition
- Question #214: AI Security Operations and Monitoring
A model producing contradictory outputs based on highly similar inputs MOST likely indicates the presence of:
Adversarial Attacks, Evasion Attacks, AI Model Integrity, AI Security Operations
- Question #215: AI Security Risk Management
Which of the following recommendations would BEST help a service provider mitigate the risk of lawsuits arising from generative AI's access to and use of internet data?
Generative AI risk, Intellectual Property, Data filtering, Risk mitigation strategies
- Question #216: AI Security Strategy and Governance
Which of the following is the BEST approach for minimizing risk when integrating acceptable use policies for AI foundation models into business operations?
AI Governance, AI Risk Management, Acceptable Use Policy, AI Lifecycle Management
- Question #217: AI Security Design and Implementation
Which of the following metrics BEST evaluates the ability of a model to correctly identify all true positive instances?
AI Model Evaluation, Machine Learning Metrics, Recall, Performance Metrics
- Question #218: AI Security Operations and Monitoring
An organization uses an AI tool to scan social media for product reviews. Fraudulent social media accounts begin posting negative reviews attacking the organization's product. Whic...
AI attacks, Availability attacks, Social media analytics, Fraudulent data
- Question #219: AI Security Design and Implementation
An attacker crafts inputs to a large language model (LLM) to exploit output integrity controls. Which of the following types of attacks is this an example of?
LLM security, Prompt injection, Attack types, AI vulnerabilities
- Question #220: AI Security Design and Implementation
An organization using an AI model for financial forecasting identifies inaccuracies caused by missing data. Which of the following is the MOST effective data cleaning technique to...
Data Cleaning, Missing Data, Model Performance, Data Preprocessing
- Question #221: AI Security Assurance and Resilience
Which of the following is MOST important to consider when validating a third-party AI tool?
Third-party AI risk, Vendor validation, Right to audit, AI assurance
- Question #222: AI Security Design and Implementation
Which of the following is the BEST mitigation control for membership inference attacks on AI systems?
Membership inference attacks, Differential privacy, AI privacy, Mitigation controls
- Question #223: AI Security Strategy and Governance
Which of the following is the MOST effective approach to mitigate privacy concerns when an organization collects personal data through a third-party AI application?
Privacy, Data Subject Consent, Third-Party Data, AI Data Collection
- Question #224: AI Security Design and Implementation
A hospital adopts an AI solution from an external vendor to help diagnose rare diseases. Which of the following BEST demonstrates the verification of security requirements for this...
AI Security, Data Protection, Regulatory Compliance, Security Requirements
- Question #225: AI Security Strategy and Governance
When an AI impact assessment reveals biased training data, what is the MOST effective method to ensure regulatory compliance?
AI Bias, Data Governance, Regulatory Compliance, Responsible AI
- Question #226: AI Security Operations and Monitoring
Which of the following is the BEST method to uncover known vulnerabilities in an AI-based web application that has been recently deployed?
Application Security Testing, DAST, Vulnerability Scanning, Web Application Security
- Question #227: AI Security Risk Management
The PRIMARY reason to conduct a privacy impact assessment (PIA) on an AI system is to:
Privacy Impact Assessment, Data privacy, AI governance, Personal data handling
- Question #228: AI Security Design and Implementation
Which of the following AI system vulnerabilities is MOST easily exploited by adversaries?
Access Control, Vulnerability Management, AI System Security, Exploitation
- Question #229: AI Security Strategy and Governance
An organization concerned about the ethical and responsible use of a newly developed AI product should consider implementing:
AI Ethics, Accountability, Responsible AI, AI Governance
- Question #230: AI Security Operations and Monitoring
After deployment, an AI model's output begins to drift outside of the expected range. Which of the following is the development team's BEST course of action?
AI model drift, AI lifecycle management, Model monitoring, Model retraining
- Question #231: AI Security Risk Management
When implementing a generative AI system, which of the following approaches will BEST prevent misalignment between the corporate risk appetite and tolerance?
AI Risk Management, Risk Appetite and Tolerance, Risk Monitoring, Generative AI Security
- Question #232: AI Security Design and Implementation
Which of the following BEST reduces the risk of exposing sensitive data through the output of large language models (LLMs) in applications?
LLM data security, Data sanitization, Sensitive data protection, AI output security
- Question #233: AI Security Risk Management
Which of the following is the GREATEST risk inherent to implementing generative AI?
Generative AI risks, Intellectual property, Risk prioritization, AI legal compliance
- Question #234: AI Security Strategy and Governance
Which of the following should be the PRIMARY consideration for an organization concerned about liabilities associated with unforeseen behavior from agentic AI systems?
AI Accountability, AI Governance, Liability Management, Agentic AI Risk
- Question #235: AI Security Operations and Monitoring
Which of the following is the GREATEST benefit of implementing an AI tool to safeguard sensitive data and prevent unauthorized access?
AI in Security, Data Protection, False Positives, Security Operations
- Question #236: AI Security Risk Management
Which of the following employee awareness topics would MOST likely be revised to account for AI-enabled cyber risk?
AI cyber risk, Employee awareness, Social engineering, AI-enabled attacks
- Question #237: AI Security Strategy and Governance
Which of the following BEST enables an organization to maintain visibility to its AI usage?
AI Inventory, AI Visibility, AI Asset Management, AI Governance
- Question #238: AI Security Strategy and Governance
What is the role of an AI governance committee within an organization?
AI governance, Ethical AI, AI oversight, Governance committees
- Question #239: AI Security Design and Implementation
Which of the following data management techniques BEST improves an AI model's performance by enhancing training data quality?
Data Quality, AI Training Data, Data Scrubbing, Model Performance
- Question #240: AI Security Design and Implementation
When designing an AI security architecture, what is the PRIMARY purpose of using adversarial training?
AI security architecture, Adversarial training, Model robustness, Adversarial attacks
- Question #241: AI Security Strategy and Governance
Which of the following is the MOST important consideration for an organization that has decided to adopt AI to leverage its competitive advantage?
AI Strategy, Strategic Planning, AI Adoption, Competitive Advantage
- Question #242: AI Security Design and Implementation
Personal data used to train AI systems can BEST be protected by:
AI Data Privacy, Data Anonymization, Privacy-Enhancing Techniques, AI Training Data Protection
- Question #243: AI Security Assurance and Resilience
How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?
Deepfake security, Payment fraud prevention, Approval processes, Organizational resilience
- Question #244: AI Security Design and Implementation
Which of the following would BEST help to prevent the compromise of a facial recognition AI system through the use of alterations in facial appearance?
AI Model Robustness, Adversarial Attack Prevention, Training Data Enhancement, Facial Recognition Security
- Question #245: AI Security Strategy and Governance
Which of the following information is MOST important to include in a centralized AI inventory?
AI Inventory, AI Governance, Accountability, Ownership
- Question #246: AI Security Operations and Monitoring
An organization is facing a deepfake attack intended to manipulate stock prices. The organization's crisis communication plan has been activated. Which of the following is MOST imp...
Deepfake response, Crisis communication, Incident management, Financial impact mitigation
- Question #247: AI Security Strategy and Governance
An organization has requested a developer to apply AI algorithms to existing modules in order to improve customer service quality. At this stage, which of the following should be c...
AI Governance, Service Level Agreements, AI Behavior, IT Management
- Question #248: AI Security Strategy and Governance
Which of the following is MOST important to monitor in order to ensure the effectiveness of an organization's AI vendor management program?
AI Vendor Management, Compliance Monitoring, Program Effectiveness, Third-party Risk
- Question #249: AI Security Risk Management
When an attacker uses synthetic data to reverse engineer an organization's AI model, it is an example of which of the following types of attack?
AI Attack Types, Model Inversion, Adversarial Machine Learning, Data Privacy
- Question #250: AI Security Design and Implementation
Which of the following is MOST important for an organization to consider when implementing a preventive security safeguard into a new AI product?
Input sanitization, Preventive controls, AI security implementation, Data validation