An AI research team is developing a natural language processing model that relies on several open-source libraries. Which of the following is the team's BEST course of action to ensure the integrity of the software packages used?
AMaintain a list of frequently used libraries to ensure consistent application in projects.
BRetrain the model regularly to handle package and library updates.
CScan the packages and libraries for malware prior to installation.
DUse the latest version of all libraries from public repositories.
An organization's CIO provided the AI steering committee with a list of AI technologies in use and tasked them with categorizing the technologies by risk. Which of the following should the committee do FIRST?
ABegin grouping similar AI products and solutions together.
BEnsure the AI technologies are included in the asset inventory.
CAssess risk levels based on risk appetite and regulatory requirements.
DIdentify vulnerabilities related to the technologies in use.
Which of the following is the MOST important consideration when deciding how to compose an AI red team?
AResource availability
BTime-to-market constraints
CSkills matrix
DAI use cases
A large pharmaceutical company using a new AI solution to develop treatment regimens is concerned about potential hallucinations with the introduction of real-world data. Which of the following is MOST likely to reduce this risk?
APenetration testing
BData asset validation
CHuman-in-the-loop
DAI impact analysis
Which of the following should be the PRIMARY consideration for an organization concerned about liabilities associated with unforeseen behavior from agentic AI systems?
AModel dependencies
BApproved base models
CAcceptable risk level
DAccountability model
Question 6
AI Risk Management
0
Question 7
AI Technologies and Controls
Question 8
AI Risk Management
Question 9
AI Risk Management
Question 10
AI Risk Management
Question 11
AI Risk Management
Question 12
AI Governance and Program Management
Question 13
AI Governance and Program Management
Question 14
AI Risk Management
Question 15
AI Governance and Program Management
Question 16
AI Risk Management
Question 17
AI Technologies and Controls
Question 18
AI Risk Management
Question 19
AI Technologies and Controls
Question 20
AI Risk Management
Question 21
AI Governance and Program Management
Question 22
AI Risk Management
Question 23
AI Technologies and Controls
Question 24
AI Technologies and Controls
Question 25
AI Governance and Program Management
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
During the creation of a new large language model (LLM), an organization procured training data from multiple sources. Which of the following is MOST likely to address the CISO's security and privacy concerns?
AData minimization
BData augmentation
CData classification
DData discovery
An organization is reviewing an AI application to determine whether it is still needed. Engineers have been asked to analyze the number of incorrect predictions against the total number of predictions made. Which of the following is this an example of?
AModel validation
BControl self-assessment (CSA)
CExplainable decision-making
DKey performance indicator (KPI)
Which of the following is the MOST critical key risk indicator (KRI) for an AI system?
AThe amount of data in the model
BThe rate of drift in the model
CThe accuracy rate of the model
DThe response time of the model
How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?
ARequire mandatory deepfake detection training for all employees.
BImplement resilient payment approval processes.
CMandate that payments be sent only once per week.
DIssue a security policy on deepfakes.
An organization decides to contract a vendor to implement a new set of AI libraries. Which of the following is MOST important to address in the master service agreement to protect data used during the AI training process?
AData pseudonymization
BRight to audit
CIndependent certification
DContinuous data monitoring
Which of the following factors is MOST important for preserving user confidence and trust in generative AI systems?
AData anonymization
BBias minimization
CTransparent disclosure and informed consent
DAccess controls and secure storage solutions
Which of the following BEST enables an organization to maintain visibility to its AI usage?
AMeasuring the impact of AI implementation using key performance indicators (KPIs)
BMaintaining a comprehensive inventory of AI systems and business units that leverage them
CMaintaining a monthly dashboard that captures all AI vendors
DEnsuring the board approves the policies and standards that define corporate AI strategy
An organization is updating its vendor arrangements to facilitate the safe adoption of AI technologies. Which of the following would be the PRIMARY challenge in delivering this initiative?
AFailure to adequately assess AI risk
BUnwillingness of large AI companies to accept updated terms
CInsufficient legal team experience with AI
DInability to sufficiently identify shadow AI within the organization
Which of the following is the MOST effective way to mitigate the risk of deepfake attacks?
ALimiting employee access to AI tools
BValidating the provenance of the data source
CRelying on human judgment for oversight
DUsing a general-purpose large language model (LLM) to detect fraud
In a new supply chain management system, AI models used by participating parties are interactively connected to generate advice in support of management decision making. Which of the following is the GREATEST challenge related to this architecture?
AExplaining the overall benefit of the system to stakeholders
BEstablishing clear lines of responsibility for AI model outputs
CIdentifying hallucinations returned by AI models
DDetermining the aggregate risk of the system
Which of the following is the MOST important course of action when implementing continuous monitoring and reporting for AI-based systems?
AImplement real-time monitoring of key risk indicators (KRIs) for AI systems.
BImplement a risk dashboard for visualizing and tracking AI-related risk over time.
CDevelop standardized risk reporting templates for different stakeholder groups.
DEstablish an automated alert system for threshold breaches in risk metrics.
The PRIMARY benefit of implementing moderation controls in generative AI applications is that it can:
Afilter out harmful or inappropriate content.
Bincrease the model's ability to generate diverse and creative content.
Censure the generated content adheres to privacy regulations.
Doptimize the model's response time.
When integrating AI for innovation, which of the following can BEST help an organization manage security risk?
AEvaluating compliance requirements
BRe-evaluating the risk appetite
CAdopting a phased approach
DSeeking third-party advice
Which of the following BEST represents a combination of quantitative and qualitative metrics that can be used to comprehensively evaluate AI transparency?
AAI explainability reports and bias metrics
BAI system availability and downtime metrics
CAI ethical impact and user feedback metrics
DAI model complexity and accuracy metrics
Which of the following is the GREATEST benefit of implementing an AI tool to safeguard sensitive data and prevent unauthorized access?
ATimely initiation of incident response
BReduced number of false positives
CTimely analysis of endpoint activities
DReduced need for data classification
When documenting information about machine learning (ML) models, which of the following artifacts BEST helps enhance stakeholder trust?
AModel card
BModel prototyping
CHyperparameters
DData quality controls
From a risk perspective, which of the following is the MOST important step when implementing an adoption strategy for AI systems?
AEstablishing a comprehensive AI risk assessment framework
BImplementing a robust risk analysis methodology tailored to AI-specific tasks
CConducting an AI risk assessment and updating the enterprise risk register
DBenchmarking against peer organizations' AI risk strategies
Which of the following types of testing can MOST effectively mitigate prompt hacking?
AAdversarial
BInput
CLoad
DRegression
Which of the following BEST describes how supervised learning models help reduce false positives in cybersecurity threat detection?
AThey dynamically generate new labeled data sets.
BThey analyze patterns in data to group legitimate activity from actual threats.
CThey learn from historical labeled data.
DThey use real-time feature engineering to automatically adjust decision boundaries.
Which of the following information is MOST important to include in a centralized AI inventory?
