📘 Free AAISM Sample Questions
An AI research team is developing a natural language processing model that relies on several open-source
libraries. Which of the following is the team's BEST course of action to ensure the integrity of the software
packages used?
A
Maintain a list of frequently used libraries to ensure consistent application in projects.
B
Retrain the model regularly to handle package and library updates.
C
Scan the packages and libraries for malware prior to installation.
D
Use the latest version of all libraries from public repositories.
Correct Answer:
C. Scan the packages and libraries for malware prior to installation.
Explanation:
The team's BEST course of action is to scan packages and libraries for malware prior to installation (C)
because it directly addresses the fundamental concern of software integrity in a proactive and preventative
manner. Software integrity refers to ensuring that the code is free from unauthorized modifications, malicious
injections, or known vulnerabilities. Open-source libraries, while beneficial, are increasingly targets for supply
chain attacks, where malicious code is inserted into legitimate-looking packages, or even legitimate packages
are compromised.
Scanning prior to installation helps detect various threats such as malware, ransomware, cryptominers, and
vulnerabilities (CVEs) that could be present in the downloaded packages. This preventative step is crucial for
preventing malicious code from entering the development environment or, worse, production systems, which
could lead to data breaches, system compromise, or model poisoning in an AI context. This practice aligns
with the principles of DevSecOps, integrating security checks early in the software development lifecycle.
In cloud computing environments, robust security scanning can be automated within CI/CD pipelines. Cloud
providers offer services like container scanning (e.g., AWS ECR, Azure Container Registry, GCP Artifact
Registry) and security posture management tools (e.g., AWS Security Hub, Azure Security Center, GCP
Security Command Center) that integrate vulnerability and malware scanning for dependencies and images.
These tools can analyze package manifests, identify known vulnerabilities using databases, and perform
static analysis on the code.
Authoritative Links for Further Research:
While other options have merit, they do not primarily ensure software integrity. Maintaining a list (A) aids in
governance and consistency but doesn't guarantee the integrity of the listed packages themselves.
Retraining the model (B) is related to model performance and adaptation, not the security of the underlying
software packages. Using the latest versions (D) is generally good practice for receiving security patches, but
it doesn't prevent new, zero-day vulnerabilities or sophisticated supply chain attacks where even a "latest"
version might be compromised or introduce new, undetected issues. Moreover, blindly using the latest version
without vetting can introduce breaking changes or new bugs. Therefore, scanning (C) provides the most direct
and effective protection against integrity threats posed by malicious or vulnerable open-source software
packages.
1. NIST Special Publication 800-204D, Securing Software Supply Chains for Cloud Native
Applications: https://csrc.nist.gov/pubs/sp/800/204d/final
2. OWASP Software Supply Chain Security: https://owasp.org/www-project-software-supply-chain
security/
3. Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) - Supply Chain Management (SCM):
https://cloudsecurityalliance.org/research/artifacts/cloud-controls-matrix/ (Look for sections related
to SCM controls)
An organization plans to apply an AI system to its business, but developers find it difficult to predict system
results due to lack of visibility to the inner workings of the AI model. Which of the following is the GREATEST
challenge associated with this situation?
A
Assigning a risk owner who is responsible for system uptime and performance
B
Continuing operations to meet expected AI security requirements
C
Determining average turnaround time for AI transaction completion
D
Gaining the trust of end users through explainability and transparency
Correct Answer:
D. Gaining the trust of end users through explainability and transparency
Explanation:
The greatest challenge in this situation, where developers struggle to predict AI system results due to a lack
of visibility into its inner workings (a "black box" model), is indeed Gaining the trust of end users through
explainability and transparency.
Here's a detailed justification:
1. Fundamental Problem: The core issue described is the opacity of the AI model. This directly
undermines the ability to explain why the AI makes certain decisions or produces particular outputs.
2. Definition of Explainability (XAI): Explainability, often referred to as eXplainable AI (XAI), is the
ability to communicate the AI's internal mechanisms, decisions, and reasoning in a human
understandable way. Without visibility, achieving XAI is inherently difficult, if not impossible.
3. Impact on Trust: When an AI system's decisions cannot be explained, end users, stakeholders, and
even regulatory bodies lose trust. Imagine an AI recommending a critical medical treatment or
denying a loan without any justification; users will inherently question its reliability and fairness. This
lack of transparency leads to suspicion, skepticism, and a reluctance to adopt or rely on the system.
4. Consequences of Lacking Trust: A lack of user trust can lead to several severe problems:
Low Adoption: If users don't trust the AI, they won't use it, rendering the entire development effort
futile.
raise significant ethical questions about bias, fairness, and accountability.
in the system's integrity.
5. Why it's the GREATEST challenge:
Ethical Concerns: In high-stakes applications (e.g., finance, healthcare, legal), opaque AI systems
Regulatory Compliance: Emerging regulations, such as the EU's AI Act or data privacy laws like
GDPR (with its "right to explanation"), increasingly mandate a degree of explainability for AI systems,
especially those impacting individuals. Non-compliance can result in legal penalties and reputational
damage.
Auditing and Debugging: While the question focuses on end-user trust, the lack of internal visibility also
makes auditing for errors, biases, or security vulnerabilities incredibly difficult, further eroding confidence
While other options like assigning risk owners (A) or determining turnaround time (C) are operational
concerns, they can often be addressed or measured externally even with an opaque system.
Meeting AI security requirements (B) is certainly challenging with black-box models, as identifying
attack vectors or vulnerabilities is harder. However, the inability to build trust can fundamentally
prevent the system's successful deployment and adoption at all, making it a more existential threat
to the AI initiative. An insecure system might be fixed, but a deeply untrusted one will likely be
abandoned.
Cloud computing platforms provide robust tools for AI development and deployment, including
monitoring and MLOps, but they do not inherently solve the intrinsic explainability challenges of
certain complex AI models (e.g., deep neural networks) that lack visibility into their decision-making
processes. The responsibility to design and implement explainable components often falls on the
organization.
In conclusion, an AI system that cannot explain its reasoning, irrespective of its technical prowess, will
struggle to gain widespread acceptance and trust. This fundamental hurdle can undermine the entire purpose
and success of the AI initiative, making it the greatest challenge stemming from the lack of visibility into the
AI model's inner workings.
Authoritative Links for Further Research:
NIST's Explainable AI (XAI):
NIST's AI Risk Management Framework (Sections on Trustworthiness, Explainability)
IBM's perspective on XAI and Trust:
What is explainable AI (XAI)?
Google AI Principles
Google's Responsible AI principles, including explainability:
European Union's AI Act (focused on trustworthy AI and transparency):
European Commission - The EU AI Act
Which of the following is MOST important to consider when validating a third-party AI tool?
A
Terms and conditions
B
Roundtable testing
C
Right to audit
D
. Industry analysis and certifications
Correct Answer:
C. Right to audit
Explanation:
The most important consideration when validating a third-party AI tool is the "Right to audit." This contractual
provision grants an organization the necessary access and authority to independently verify the vendor's
security controls, operational processes, compliance posture, and the inherent characteristics of the AI tool
itself. Given the inherent opaqueness of many AI models and their critical role in decision-making, direct
verification becomes paramount.
AI tools, especially those offered as Software-as-a-Service (SaaS) in cloud environments, often operate as
"black boxes," making it challenging to understand their internal workings, data provenance, potential biases,
and specific security implementations. A robust right to audit allows an organization to delve beyond vendor
covered in generic security certifications.
attestations and certifications, enabling a thorough assessment of the AI model's training data, algorithms,
explainability features, ethical considerations, and resilience against adversarial attacks. This directly
addresses unique AI risks like algorithmic bias, data poisoning, and model drift, which are not typically
In cloud computing, where a shared responsibility model applies, the customer retains significant
accountability for the data and the use of the AI service, even if the underlying infrastructure and software
are managed by the vendor. The right to audit is crucial for fulfilling this responsibility, ensuring that the third
party AI tool's deployment and operation align with the customer's internal security policies and regulatory
obligations. Without this right, an organization cannot adequately assess or demonstrate compliance with
increasingly stringent data privacy regulations (e.g., GDPR, CCPA) or upcoming AI-specific legislation that
mandates transparency and accountability.
While terms and conditions establish the legal framework, and industry certifications provide a baseline, they
do not offer the dynamic, deep, and specific assurance needed for complex AI systems. Roundtable testing is
a valuable validation activity but often lacks the technical depth and continuous oversight that an audit can
provide. Ultimately, the right to audit provides the essential mechanism for actionable oversight, enabling an
organization to proactively manage risks, ensure ethical deployment, and maintain continuous confidence in a
third-party AI solution's integrity and security.
Authoritative Links for Further Research:
now-blog/2023/auditing-ai-what-auditors-need-to-know
intelligence/ai-risk-management-framework
ISACA - Auditing AI: What Auditors Need to Know: https://www.isaca.org/resources/news-and-trends/isaca
NIST - Artificial Intelligence Risk Management Framework (AI RMF 1.0): https://www.nist.gov/artificial
Cloud Security Alliance (CSA) - Cloud Controls Matrix (CCM):
https://cloudsecurityalliance.org/artifacts/cloud-controls-matrix/ (Relevant for understanding cloud audit
domains)
After implementing a third-party generative AI tool, an organization learns about new regulations related to how
organizations use AI. Which of the following would be the BEST justification for the organization to decide not to
comply?
A
The AI tool is widely used within the industry.
B
The AI tool is regularly audited.
C
The risk is within the organization's risk appetite.
D
The cost of noncompliance was not determined.
Correct Answer:
C. The risk is within the organization's risk appetite.
Explanation:
The best justification for an organization to decide not to comply with new AI regulations is C. The risk is
within the organization's risk appetite.
This option represents a deliberate and strategic decision made through a structured risk management
process. An organization's risk appetite defines the level of risk it is willing to accept to achieve its objectives.
When new regulations emerge, a responsible organization conducts a risk assessment to understand the
potential impact of non-compliance (e.g., fines, legal action, reputational damage) versus the cost and effort
of achieving compliance (e.g., reconfiguring the AI tool, retraining staff, altering data pipelines). If, after this
analysis, the organization determines that the consequences of non-compliance fall within its established
tolerance for risk, it might strategically choose not to comply, accepting the identified penalties and impacts.
Generative AI tools are often deployed as cloud-based Software-as-a-Service (SaaS) or Platform-as-a-Service
(PaaS) solutions. While the cloud provider adheres to its own compliance standards for the underlying
infrastructure, the organization using the AI tool remains ultimately responsible for the regulatory compliance
of its use of the tool, its data inputs, and the ethical implications of its outputs. This is a core tenet of the
shared responsibility model in cloud computing; the organization owns the "security in the cloud" related to
data and application-level compliance. Deciding non-compliance indicates the organization is accepting the
regulatory risk associated with its portion of this shared responsibility.
Options A, B, and D are less suitable justifications. A. The AI tool is widely used within the industry is not a
valid reason for non-compliance. Market prevalence does not exempt an organization from specific regulatory
obligations; other users may operate under different rules or also be non-compliant. B. The AI tool is regularly
audited refers to past activities, typically against existing policies or known regulations. It does not address
new regulations and provides no justification for not complying with them. An audit might even reveal areas of
non-compliance if it were to cover the new regulations. D. The cost of noncompliance was not determined
signifies a failure in risk management and due diligence, not a justification. A lack of understanding regarding
potential costs makes any decision to not comply reckless, not justified.
Therefore, only the determination that the inherent risks of non-compliance align with the organization's
predefined risk appetite represents a measured, informed business decision for deliberately choosing not to
comply with new regulations.
Authoritative Links for Further Research:
ISACA – The Risk IT Framework: https://www.isaca.org/resources/isaca-journal/issues/2009/volume-1/the
risk-it-framework (Provides context on enterprise risk management)
NIST AI Risk Management Framework (RMF): https://www.nist.gov/itl/ai-risk-management-framework
(Details how organizations can manage risks associated with AI)
Cloud Security Alliance (CSA) – Shared Responsibility Model: (General concept, specific documentation
varies by cloud provider, e.g., AWS, Azure, GCP. Search "Cloud Security Alliance Shared Responsibility Model"
for broader understanding.) This concept is foundational to understanding an organization's compliance
obligations when using cloud services.
Defining Risk Appetite and Risk Tolerance: (Search "COSO ERM Risk Appetite" or "ISO 31000 Risk Appetite"
for detailed definitions and frameworks from leading bodies.)
Which of the following is the MOST important consideration when deciding how to compose an AI red team?
A
Resource availability
B
. Time-to-market constraints
C
Skills matrix
D
AI use cases
Correct Answer:
C. Skills matrix
Explanation:
The MOST important consideration when deciding how to compose an AI red team is the Skills matrix.
An effective AI red team requires a highly specialized and diverse set of capabilities to identify the complex
and often unique vulnerabilities inherent in artificial intelligence systems. The skills matrix defines the
essential competencies, knowledge, and experience needed across various domains to conduct
comprehensive adversarial testing. This includes deep expertise in machine learning (ML) algorithms, deep
learning architectures, adversarial ML techniques (e.g., data poisoning, model evasion, prompt injection),
explainable AI (XAI), and data science to understand how models function and can be manipulated.
Beyond core AI knowledge, a robust skills matrix must encompass traditional security disciplines like
penetration testing, vulnerability analysis, and secure coding practices, as AI systems often have conventional
software components. Crucially, given that most AI workloads operate in cloud environments, proficiency in
cloud security (e.g., AWS, Azure, GCP IAM, network security, data storage, container security) is
indispensable. The team must understand how cloud-native AI services (like SageMaker, Azure ML, or Vertex
AI) can be exploited or misconfigured.
Ethical AI principles, bias detection, and privacy-enhancing technologies are also critical skills, as AI red
teaming extends beyond technical exploits to uncover societal and ethical risks. While resource availability,
time-to-market constraints, and AI use cases are undoubtedly important, they are secondary to the underlying
capabilities of the team. Without the right skills, even ample resources or a clear understanding of use cases
will lead to superficial testing and missed vulnerabilities. A skilled team can adapt to resource limitations,
prioritize within time constraints, and effectively tailor their approach to specific AI use cases. Therefore,
ensuring the team possesses the necessary multi-disciplinary expertise is foundational to conducting
meaningful and impactful AI red teaming.
Authoritative Links for Further Research:
NIST AI Risk Management Framework (AI RMF): https://www.nist.gov/artificial-intelligence/ai-risk
management-framework (Provides context on managing AI risks, which necessitates skilled red teams).
OWASP Machine Learning Security Top 10: https://ml.owasp.org/ (Highlights specific vulnerabilities requiring
specialized skills to detect and mitigate).
MITRE ATLAS (Adversarial Threat Landscape for Artificial-intelligence Systems): https://atlas.mitre.org/
(Catalogues AI-specific attack techniques, underscoring the need for diverse defensive skills).
Microsoft Responsible AI principles and red teaming: https://www.microsoft.com/en-us/ai/responsible-ai
resources (Often discusses the multi-disciplinary approach to AI security and responsible deployment).
An organization's CIO provided the AI steering committee with a list of AI technologies in use and tasked them with
categorizing the technologies by risk. Which of the following should the committee do FIRST?
A
Begin grouping similar AI products and solutions together.
B
Ensure the AI technologies are included in the asset inventory.
C
Assess risk levels based on risk appetite and regulatory requirements.
D
Identify vulnerabilities related to the technologies in use.
Correct Answer:
B. Ensure the AI technologies are included in the asset inventory.
Explanation:
The very first, foundational step an AI steering committee must take when tasked with categorizing AI
technologies by risk is to ensure these technologies are accurately included in the organization's asset
inventory.
An asset inventory serves as the authoritative source for all IT assets, including critical AI models, data
pipelines, training infrastructure, deployment platforms, and associated services. Without a comprehensive
and up-to-date inventory, the committee lacks complete visibility into what AI technologies are truly in use
across the organization. This absence creates significant blind spots, making it impossible to effectively
manage or assess risk. Uninventoried assets represent "shadow AI," operating outside established
governance, security controls, and management frameworks.
Effective risk management frameworks, such as those prescribed by NIST and ISO 27001, fundamentally
begin with asset identification and management. You cannot protect, categorize, or assess the risk of
something you do not officially know exists and for which you lack basic attributes like ownership, purpose,
data criticality, and deployment environment.
In cloud computing environments, where AI services can be rapidly provisioned and de-provisioned (e.g.,
serverless machine learning, managed AI platforms), maintaining an accurate asset inventory becomes even
more critical due to the dynamic and often ephemeral nature of resources. Cloud-native inventory services
(e.g., AWS Config, Azure Inventory, Google Cloud Asset Inventory) become indispensable tools for tracking
these assets.
Grouping similar AI products (Option A) is a subsequent analytical step that requires a fully identified and
documented set of assets first. Assessing risk levels (Option C) is the ultimate objective, but it cannot be done
accurately or comprehensively without a complete understanding of the scope, which the inventory provides.
Similarly, identifying vulnerabilities (Option D) is a component of risk assessment and depends entirely on
knowing which specific technologies are in use and their detailed configurations, all typically derived from or
linked to the asset inventory.
Therefore, establishing a complete and accurate asset inventory for all AI technologies is the essential
prerequisite for any subsequent risk categorization, assessment, or management activity.
Authoritative Links for Further Research:
1. NIST Special Publication 800-53 Rev. 5, "Security and Privacy Controls for Information Systems
and Organizations" (Control AT-2 Asset Inventory): This document emphasizes the importance of
maintaining an inventory of organizational assets.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf (See control section
related to "Asset Management")
2. ISO/IEC 27001:2022 (Information security, cybersecurity and privacy protection — Information
security management systems — Requirements): This international standard outlines requirements
for establishing, implementing, maintaining, and continually improving an information security
management system, with asset management being a core component.
https://www.iso.org/standard/82875.html (Refer to Annex A controls, particularly A.5.9 and A.5.10
for inventory of information and other associated assets, and acceptable use of information and other
associated assets, respectively)
3. Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) - AEM-01 (Asset Management): The
CSA CCM provides a cybersecurity control framework for cloud computing, highlighting asset
management as a foundational domain.
https://cloudsecurityalliance.org/research/cloud-controls-matrix/ (Look for control related to Asset
Management, typically AEM-01)
A large pharmaceutical company using a new Al solution to develop treatment regimens is concerned about
potential hallucinations with the introduction of real-world data. Which of the following is MOST likely to reduce
this risk?
A
Penetration testing
B
Data asset validation
C
. Human-in-the-loop
D
Al impact analysis
Correct Answer:
C. . Human-in-the-loop
Explanation:
The most likely approach to reduce the risk of AI hallucinations when a pharmaceutical company introduces
real-world data to develop treatment regimens is C. Human-in-the-loop (HITL).
Detailed Justification:
AI hallucinations refer to instances where an AI model generates plausible-sounding but factually incorrect or
nonsensical information. In the high-stakes domain of pharmaceutical treatment regimens, such errors could
have severe patient safety implications. The introduction of real-world data, which is often noisy, incomplete,
biased, or contains novel patterns not extensively seen during initial training, significantly increases the
potential for an AI model to misinterpret information and produce hallucinatory outputs.
Human-in-the-loop (HITL) directly addresses this challenge by integrating human intelligence and domain
expertise into the AI's operational workflow. In this context, medical professionals, pharmacologists, or
clinical experts would review, validate, and potentially correct the treatment regimens proposed by the AI
solution before they are finalized or deployed. This human oversight serves as a critical safety net, catching
erroneous or hallucinated recommendations that the AI might generate due to the complexities of real-world
data.
The HITL process often involves several feedback loops. Humans can:
1. Identify and Correct Hallucinations: Medical experts possess the contextual understanding, ethical
reasoning, and clinical experience to discern between accurate, evidence-based recommendations
and AI-generated fabrications.
2. Provide Labeled Data for Retraining: When an AI's output is corrected, this human feedback can be
used to generate new, accurately labeled data points. This data then helps retrain and fine-tune the
AI model, improving its accuracy and reducing the likelihood of similar hallucinations in the future.
This iterative learning process is crucial for continuous improvement as the AI encounters more
diverse real-world data.
3. Enhance Explainability: Human review can also prompt the AI to provide explanations for its
recommendations, allowing experts to scrutinize the underlying reasoning and identify potential
flaws that lead to hallucinations.
From a cloud computing perspective, HITL systems are increasingly facilitated by cloud platforms. Cloud
services offer the infrastructure for:
for learning or finalization.
process.
Scalable MLOps (Machine Learning Operations): Cloud-based MLOps pipelines can automate model
deployment, monitoring, and orchestration of human review tasks. They enable seamless integration of human
feedback into the model retraining and redeployment cycle.
Workflow Orchestration: Cloud workflow services (e.g., AWS Step Functions, Azure Logic Apps, Google Cloud
Workflows) can manage the hand-off of AI-generated regimens to human reviewers and then back to the AI
Secure Data Handling: Cloud environments provide robust security and compliance features (e.g., HIPAA,
GDPR readiness) essential for handling sensitive patient and pharmaceutical data during the human review
Distributed Human Workforce: Cloud platforms can support globally distributed teams of human annotators
and reviewers, ensuring efficient and timely feedback.
Why other options are less effective for reducing hallucination risk directly:
A. Penetration testing: Focuses on identifying security vulnerabilities and exploitable weaknesses in systems,
networks, and applications. While vital for overall system integrity, it does not directly address the internal
logical errors or factual inaccuracies (hallucinations) generated by an AI model.
B. Data asset validation: Is a crucial prerequisite for reducing hallucinations, as high-quality data input is
fundamental. However, even with validated data, complex AI models, especially those operating with dynamic
real-world inputs, can still generate plausible but incorrect outputs. Data validation addresses the input
quality, whereas HITL directly tackles the output quality and the model's interpretation capabilities. It's a
necessary foundation, but not the ultimate direct mechanism for correction.
D. AI impact analysis: Is a high-level assessment of the potential ethical, societal, legal, and operational
consequences of an AI system. It identifies potential risks like hallucinations but does not provide a concrete,
operational mechanism to detect, mitigate, or correct them in real-time or iteratively within the system's
runtime.
In conclusion, given the critical nature of developing treatment regimens and the inherent unpredictability of
AI models interacting with novel real-world data, Human-in-the-loop is the most direct and effective strategy
for mitigating and reducing the risk of AI hallucinations.
Authoritative Links for Further Research:
1. Google Cloud - Human-in-the-loop AI:
https://cloud.google.com/blog/products/ai-machine-learning/human-in-the-loop-for-ai-what-it-is
and-why-it-matters
2. Microsoft Azure - Human-in-the-Loop for Responsible AI:
discussed within Responsible AI frameworks)
3. AWS - Human-in-the-loop machine learning workflows:
https://learn.microsoft.com/en-us/azure/machine-learning/concept-responsible-ai-principles
https://aws.amazon.com/machine-learning/human-in-the-loop/
4. NIST - AI Risk Management Framework (AI RMF 1.0):
(Often
https://www.nist.gov/itl/ai-risk-management-framework (Provides guidance on managing AI risks,
including quality and safety, where HITL often plays a role).
5. Deloitte - When AI Hallucinates: Confronting the Risks of AI in the Enterprise:
https://www2.deloitte.com/us/en/insights/focus/cognitive-technologies/generative-ai-risk
management-hallucinations.html (While focused on Generative AI, the principles of addressing
hallucinations are relevant).
Which of the following should be the PRIMARY consideration for an organization concerned about liabilities
associated with unforeseen behavior from agentic AI systems?
A
Model dependencies
B
Approved base models
C
Acceptable risk level
D
Accountability model
Correct Answer:
D. Accountability model
Explanation:
When an organization faces potential liabilities from the unforeseen behavior of agentic AI systems, the
Accountability model is the primary consideration. This is because an accountability model fundamentally
establishes who is responsible when an AI system causes harm, makes a critical error, or behaves in an
unpredictable manner. Without a clear framework defining roles, responsibilities, and oversight mechanisms,
it becomes impossible to manage the legal, financial, and reputational risks associated with AI deployment
effectively.
While other factors like model dependencies, approved base models, and acceptable risk levels are crucial
components of a comprehensive AI governance strategy, they are secondary to establishing accountability.
Understanding model dependencies (A) is vital for explainability and risk assessment, but it doesn't assign
liability itself. Approved base models (B) ensure a baseline of security and trustworthiness, yet even an
approved model can exhibit unforeseen emergent behaviors; the question remains who is accountable for
those outcomes. Acceptable risk level (C) defines the organization's risk appetite, but an accountability
model dictates who bears the consequences when that risk materializes or is exceeded.
An effective accountability model clarifies who owns the AI system, who is responsible for its design, testing,
deployment, monitoring, and deactivation, and who is ultimately liable for its actions or inactions. This clarity
enables organizations to trace the root cause of issues, implement corrective actions, and demonstrate due
diligence to regulators and stakeholders. In a cloud computing context, while cloud providers operate under a
shared responsibility model for infrastructure, the customer organization remains accountable for the data,
applications, and ultimately the behavior of the AI systems they deploy on that infrastructure. Establishing an
accountability model ensures that even when utilizing external cloud services for AI development and
deployment, internal responsibility for AI outcomes is clearly delineated and managed, safeguarding the
Authoritative Links for Further Research:
associated with AI, including governance and accountability.
organization from potential legal and ethical repercussions. It forms the bedrock upon which all other risk
mitigation strategies are built.
NIST AI Risk Management Framework (AI RMF): Provides a comprehensive guide for managing risks
https://www.nist.gov/artificial-intelligence/ai-risk-management-framework
European Union AI Act: This proposed regulation heavily emphasizes accountability, transparency, and risk
management for AI systems.
https://artificialintelligenceact.eu/
World Economic Forum - Responsible AI: Discusses governance, ethics, and accountability in AI.
https://www.weforum.org/projects/responsible-ai/
During the creation of a new large language model (LLM), an organization procured training data from multiple
sources. Which of the following is MOST likely to address the CISO's security and privacy concerns?
A
Data minimization
B
. Data augmentation
C
Data classification
D
. Data discovery
Correct Answer:
C. Data classification
Explanation:
Data classification is the most likely answer because it provides the foundational understanding necessary for
a CISO to address security and privacy concerns when ingesting training data from multiple diverse sources
for a new LLM. This critical process involves categorizing data based on its sensitivity, regulatory
requirements, and business impact, allowing for appropriate risk management.
For security, classification enables the CISO to implement granular and commensurate security controls. By
identifying highly sensitive data (e.g., PII, financial records, intellectual property), security teams can apply
stronger encryption, stricter access controls, enhanced monitoring, and robust data loss prevention policies,
significantly reducing the risk of breaches or unauthorized access. It ensures that critical assets receive the
highest level of protection throughout their lifecycle, from ingestion to model training and deployment.
For privacy, classification is indispensable for regulatory compliance. It identifies data subject to specific
privacy regulations such as GDPR, CCPA, or HIPAA, allowing the organization to track, protect, and manage
sensitive personal data effectively. This enables the implementation of strategies like anonymization or
pseudonymization for PII, facilitates responses to data subject access requests, and ensures adherence to
data retention policies. Without knowing what sensitive data is present, compliance becomes nearly
impossible.
When data is procured from multiple sources, classification helps harmonize security and privacy policies
across disparate datasets. It identifies inconsistencies in data handling, potential conflicting contractual
obligations, and ensures a unified approach to data governance, which is crucial for maintaining a strong
security posture and avoiding legal pitfalls.
While other options have merit, they are either precursors or subsequent steps. Data discovery (D) identifies
where data resides and what types it contains, but classification then assigns meaning to that data in terms of
risk and policy. Data minimization (A) is a vital privacy principle, but you must first classify data to know what
data can be minimized or removed without impacting model utility. Data augmentation (B) is a technique for
enhancing a dataset's size and diversity for model performance, not primarily a security or privacy control, and
could even introduce new privacy risks if not managed carefully.
Authoritative Links for Further Research:
In a cloud computing context, data classification tools (e.g., AWS Macie, Azure Purview, GCP Data Loss
Prevention) are often automated and integrated into cloud data lakes and warehouses. These services can
scan, identify, and tag sensitive data at scale, enforcing policies that dictate how data is stored, processed,
and accessed across various cloud services, thereby enabling robust data governance and security
management. This systematic categorization empowers the CISO to make informed decisions regarding data
protection, compliance, and overall risk posture, making it the most fundamental step.
NIST Special Publication 800-171 Rev. 2 - Protecting Controlled Unclassified Information in Nonfederal
Systems and Organizations (Section 3.8 - Media Protection, which includes classification principles):
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf (Refer to Section 3.8.3 for data
labeling and marking)
AWS Macie (Data Security and Privacy Service): https://aws.amazon.com/macie/
Azure Purview (Unified Data Governance Service): https://azure.microsoft.com/en-us/products/purview/
Google Cloud Data Loss Prevention (DLP): https://cloud.google.com/dlp
An organization is reviewing an Al application to determine whether it is still needed. Engineers have been asked to
analyze the number of incorrect predictions against the total number of predictions made. Which of the following
is this an example of?
A
. Model validation
B
Control self-assessment (CSA)
C
Explainable decision-making
D
Key performance indicator (KPI)
Correct Answer:
D. Key performance indicator (KPI)
Explanation:
The analysis of incorrect predictions against the total number of predictions made is a quintessential example
of a Key Performance Indicator (KPI). A KPI is a measurable value that demonstrates how effectively an
organization is achieving key business objectives. In the context of an AI application, the ratio of incorrect
predictions to total predictions directly quantifies its operational performance, reliability, and accuracy – all
critical aspects that determine its value and necessity.
This metric, often inversely related to accuracy (e.g., error rate), serves as a direct indicator of whether the AI
model is fulfilling its intended purpose and contributing positively to the organization's goals. If the error rate
is consistently high, it signifies that the application might not be effectively solving the problem it was
designed for, thereby questioning its continued operational relevance. Organizations leverage such KPIs to
monitor the health and performance of AI models in production, a vital component of the AI lifecycle often
Further Research:
facilitated by cloud machine learning platforms like AWS SageMaker, Azure Machine Learning, or Google
Cloud AI Platform, which provide tools for continuous monitoring and alerting based on these metrics.
Unlike model validation, which is typically a pre-deployment or periodic assessment to confirm a model meets
requirements, this scenario describes an ongoing review of an operational application for its continued need.
Explainable decision-making (XAI) focuses on understanding why a model made a specific prediction, rather
than quantifying its overall error rate. Control self-assessment (CSA) is a broader governance technique for
evaluating internal controls, not a specific performance metric of an AI model. Therefore, analyzing incorrect
predictions as a proportion of total predictions directly measures the AI application's effectiveness against its
objectives, making it a clear and actionable KPI for determining its ongoing value and justification.
Key Performance Indicator (KPI): Gartner IT Glossary: Key Performance Indicator (KPI)
AI Model Monitoring & Performance Metrics: Amazon Web Services (AWS) - Monitor Machine Learning
Models
Metrics for Machine Learning: Microsoft Azure - Evaluate machine learning model performance
Questions: 1-10 out of 284
Continue Full Practice..
GET ALL 284 QUESTIONS