CY0-001 Exam Questions

During the selection of a machine learning (ML)-based threat classification model, a cybersecurity administrator verifies that label distribution is highly unbalanced. Which of the...

A healthcare organization plans to deploy a chatbot for appointment scheduling and patient records. Which of the following is the first step a security administrator should take?

Which of the following helps in managing potential security issues related to model training?

Which of the following improves the observability and auditing of an AI system?

Users report that the output of a generative AI application seems unrelated to the prompts and contains offensive content. A security team investigates and determines that there wa...

Which of the following is used to train an AI model with unstructured data?

A security architect performs threat modeling of an AI system. The architect needs to determine which attacks can be performed against the system. Which of the following actions sh...

Which of the following is the most impactful security risk associated with the use of a generative AI chatbot?

When should containment occur during the incident response lifecycle?

Which control BEST prevents attackers from harvesting password hashes during lateral movement?

Which techniques belong to the MITRE ATT&CK Command-and-Control phase? (Choose two.)

Which log type is MOST useful for detecting DNS tunneling?

An organization is developing and implementing AI features into a customer service application. Which of the following practices should the organization put the place before releas...

An internal user enters a client credit card number into an internal generative machine learning (ML) model: #User prompt: Customer Jane Doe has a new credit card that she wants to...

A security alert triggers an agentic system. An analyst notices the following payload in the logs" The alert includes multiple shell commands that are not typically run as part of...

A global security operations center (SOC) wants to adapt and leverage the strength of AI in order to enhance its security operations. Which of the following is the best way to enha...

An attacker successfully completes a denial-of-service (DoS) attack through the context window of an AI system. Thousands of characters are obfuscated and hidden behind an emoji. W...

An AI architect reviews AI utilization and wants to improve the user experience. Which of the following should the architect review within the logs?

A human resources officer is using AI to evaluate resumes and help select candidates that meet minimum criteria. To improve the results, the human resources officer adjusts the que...

A line of business wants to onboard an application that uses a custom AI model for employee assessments. The Chief Information Officer (CIO) agrees to allow the engagement to proce...

A security analyst finds that the AI system is under a denial-of-wallet attack. Which of the following should the analyst enforce to protect the company? (Choose two.)

A financial organization implements a new AI-based fraud detection system to flag suspicious transactions. A security analyst discovers that it occasionally blocks legitimate trans...

A security operations center (SOC) analyst needs to automate multiple security tasks by breaking them down into smaller parts. Which of the following AI tools is the best for this...

Which of the following responsible AI standards refers to a principle that clearly states the reasons behind the decisions for a particular conclusion?

A web server shows signs of SQL injection. Which control BEST prevents this?

Which tool prevents unauthorized system file modifications?

What is the PRIMARY purpose of an MSSP for small businesses?

Which methods identify vulnerabilities BEFORE deployment? (Choose two.)

A cybersecurity analyst wants to choose a machine learning (ML) model to classify log entries while providing the best explainability. Which of the following models should the anal...

Which of the following is the primary purpose of validating data for an AI system?

A manufacturing company wants to use AI within its operations to improve the efficiency and accuracy of its processes. Which of the following should the organization do first to en...

Customer feedback for an AI chatbot has a high-rate of non-answers, which is causing higher central processing unit (CPU) utilization. Which of the following should be implemented?

A security consultant needs to detect attacks across a large language model (LLM) firewall. Which of the following techniques should the consultant use?

Which of the following is most resistant to AI manipulation?

An organization recently developed an AI-powered product and discovers that it is vulnerable to attacks in which malicious actors can alter the input, causing the system to recomme...

An IT company implements an adaptable chatbot that learns from user prompts. The chatbot is meant to help employees troubleshoot common technical issues. Based on the following: [U...

Which of the following is required first in order to send a prompt query and response in a language model (LLM) system when authentication is enabled?

Global IPs attempt logins against thousands of accounts with known breached credentials. What attack is occurring?

What control reduces the impact radius when a single host is compromised?

A company wants to detect abnormal insider activity based on historical logs. Which technology is BEST?

Which IR document defines who must be contacted during a breach and within what timeframe?

A detection engineering team wants to use AI to automatically prevent vulnerable code from reaching production. Which of the following is the most effective way to accomplish this...

A penetration tester is assessing the controls of a deployed AI system that is designed to search and return the contents of files. The tester runs the following: Which of the foll...

A customer-facing, AI-powered chatbot has been jailbroken through prompt injections. As a result, the AI model is offering a 99% discount on the purchase of a new vehicle. Which of...

User experience is declining since the launch of a large language model (LLM) in internal networks. Which of the following should be the highest priority for the prompt engineers?

A data set containing medical information is put into a machine learning (ML) model that is designed to predict specific illnesses for a population. In the process of verifying the...