CompTIA AI+ AI0-001 (AI0-001) — Questions 901975

1000 questions total · 14pages · All types, answers revealed

Page 12

Page 13 of 14

Page 14
901
MCQmedium

A security analyst is reviewing logs from an AI chatbot and notices that users can trick the chatbot into revealing its system prompt. Which type of attack is this?

A.Jailbreaking
B.Direct prompt injection
C.Model extraction
D.Prompt leaking
AnswerD

Prompt leaking is a specific attack that causes the LLM to reveal its system prompt.

Why this answer

Prompt leaking is a specific type of attack where an adversary manipulates an AI chatbot into revealing its system prompt or other sensitive instructions. In this scenario, the user tricks the chatbot into outputting the system prompt, which is the exact definition of prompt leaking. This differs from general jailbreaking or injection attacks because the goal is to extract the hidden prompt, not to bypass restrictions or execute unauthorized commands.

Exam trap

Cisco often tests the distinction between prompt leaking and direct prompt injection, where candidates mistakenly choose direct prompt injection because they conflate any manipulation of the prompt with injection, but the key differentiator is the specific goal of extracting the system prompt.

How to eliminate wrong answers

Option A is wrong because jailbreaking refers to bypassing the model's safety filters or restrictions to generate prohibited content, not specifically extracting the system prompt. Option B is wrong because direct prompt injection involves inserting malicious instructions into the user input to override the model's behavior, but the primary goal is not to leak the system prompt; it is to execute unauthorized actions. Option C is wrong because model extraction is a technique used to steal the underlying model's architecture, weights, or parameters (e.g., via repeated API queries), not to reveal the system prompt text.

902
Multi-Selectmedium

A deep learning engineer is training a convolutional neural network for image classification. The model is overfitting the training data. Which three techniques can help reduce overfitting? (Choose three.)

Select 3 answers
A.Add dropout layers
B.Apply L2 regularization
C.Use data augmentation
D.Use a smaller learning rate
E.Increase the number of convolutional layers
AnswersA, B, C

Dropout randomly drops units during training, reducing co-adaptation.

Why this answer

Option A is correct because dropout layers randomly deactivate a fraction of neurons during training, which prevents co-adaptation and forces the network to learn more robust features. This reduces overfitting by acting as a form of ensemble learning without increasing model complexity.

Exam trap

Cisco often tests the misconception that reducing the learning rate or increasing model depth can mitigate overfitting, when in fact these adjustments either have no effect on overfitting or worsen it.

903
MCQhard

An organization implements AI governance following the NIST AI Risk Management Framework. They need to ensure that all model decisions are logged with sufficient detail for later audit. Which logging requirement is most critical for traceability?

A.Input data and model name only
B.Source code and training dataset hash
C.Model outputs and confidence scores only
D.Timestamp, input data, output, and model version
AnswerD

These four elements enable full reconstruction and audit of each decision.

Why this answer

Option D is correct because timestamp, input/output data, and model version together provide full traceability for audit. Option A is wrong because logging only outputs and confidence is insufficient without inputs. Option B is wrong because logging only inputs and model name misses version and outputs.

Option C is wrong because code and training data logs are not typically part of inference audit trails.

904
MCQmedium

A company is deploying a text generation model for customer service emails. They want to ensure the model's responses are factual and based on internal knowledge bases. Which technique is most effective?

A.Use Retrieval-Augmented Generation (RAG)
B.Fine-tune the model on historical customer service emails
C.Write a detailed system prompt
D.Set the temperature to 0
AnswerA

RAG retrieves relevant knowledge base content at query time, providing the model with factual context to generate accurate responses.

Why this answer

RAG retrieves relevant documents from the knowledge base at inference time, grounding the model's responses in facts. Prompt engineering alone can't ensure factual accuracy; fine-tuning may still hallucinate; temperature reduction only reduces randomness.

905
Multi-Selecthard

A company is building a secure AI system that must comply with GDPR. They want to allow users to request deletion of their personal data from training sets and model outputs. Which THREE techniques should they implement?

Select 3 answers
A.Model ensembling
B.Differential privacy
C.Data retention and deletion policies
D.Machine unlearning
E.Federated learning
AnswersB, C, D

Differential privacy ensures that the model does not memorize individual data points.

Why this answer

Differential privacy (B) is correct because it adds calibrated noise to training data or model outputs, ensuring that the inclusion or exclusion of any individual's data does not significantly affect the model's behavior. This provides a mathematical guarantee of privacy, which is essential for GDPR compliance when handling personal data. By limiting information leakage, differential privacy helps protect user data even if deletion requests are not fully implemented.

Exam trap

Cisco often tests the misconception that federated learning alone satisfies GDPR deletion requirements, when in fact it only addresses data locality, not the ability to remove a specific user's influence from a trained model.

906
MCQmedium

Refer to the exhibit. The training log shows loss and accuracy for a binary classification model. What is the most likely issue with this model?

A.Overfitting
B.Insufficient epochs
C.Underfitting
D.Data leakage
AnswerA

The divergence between decreasing training loss and increasing validation loss indicates overfitting.

Why this answer

The training log shows that training loss continues to decrease while validation loss increases after a certain point, and training accuracy approaches 100% while validation accuracy plateaus or drops. This divergence is the classic signature of overfitting, where the model memorizes noise in the training data rather than learning generalizable patterns.

Exam trap

Cisco often tests the distinction between overfitting and underfitting by showing a training log where accuracy is high but validation accuracy is low, tricking candidates who only look at final accuracy numbers without comparing the two curves.

How to eliminate wrong answers

Option B is wrong because insufficient epochs would show both training and validation loss still decreasing at the end of training, not a divergence. Option C is wrong because underfitting would show high loss and low accuracy on both training and validation sets, not the high training accuracy seen here. Option D is wrong because data leakage typically causes unusually high performance on both sets that does not degrade, not a gap between training and validation metrics.

907
MCQmedium

A team is training a neural network for image classification. They observe that training loss decreases steadily but validation loss starts increasing after 20 epochs. What is the most likely issue?

A.Underfitting
B.Vanishing gradients
C.Data leakage
D.Overfitting
AnswerD

Correct; the model is fitting noise in training data.

Why this answer

The training loss decreasing while validation loss increases after 20 epochs is the classic signature of overfitting. The model is memorizing the training data (including noise) rather than learning generalizable patterns, causing it to perform poorly on unseen validation data.

Exam trap

Cisco often tests the distinction between overfitting and underfitting by showing a loss curve that decreases then increases, which candidates may misinterpret as a learning rate issue or vanishing gradient problem.

How to eliminate wrong answers

Option A is wrong because underfitting would show both training and validation loss remaining high or not decreasing, not a divergence. Option B is wrong because vanishing gradients cause the network to stop learning early (loss plateaus), not a late-stage validation loss increase. Option C is wrong because data leakage typically causes both training and validation metrics to be artificially high or inconsistent from the start, not a clear divergence after many epochs.

908
MCQhard

A developer is building a RAG system and needs to choose a similarity metric for retrieving document chunks. The embedding model they use produces normalized vectors (unit vectors). Which similarity metric is equivalent to cosine similarity in this case?

A.Jaccard similarity
B.Euclidean distance
C.Manhattan distance
D.Dot product
AnswerD

For unit vectors, dot product equals cosine similarity because ||a|| ||b|| = 1.

Why this answer

For normalized vectors, cosine similarity and dot product are equivalent because the dot product equals the cosine of the angle times the product of magnitudes (which are 1).

909
Multi-Selecteasy

Which THREE are common machine learning algorithms used for regression?

Select 3 answers
A.Logistic regression
B.K-means
C.Linear regression
D.Decision tree
E.K-nearest neighbors
AnswersC, D, E

Correct; linear regression predicts a continuous target.

Why this answer

Linear regression is a fundamental supervised learning algorithm used for regression tasks, where the goal is to predict a continuous numeric output based on one or more input features. It models the relationship between the dependent and independent variables by fitting a linear equation to the observed data, making it a core algorithm for regression problems.

Exam trap

CompTIA often tests the distinction between regression and classification algorithms, and the trap here is that candidates mistakenly associate 'logistic regression' with regression tasks due to its name, when it is actually a classification algorithm.

910
MCQeasy

Which component in a RAG system is responsible for converting document chunks into numerical representations that enable similarity search?

A.Vector store index
B.Document chunker
C.Large language model (LLM)
D.Embedding model
AnswerD

The embedding model converts text chunks into vector embeddings.

Why this answer

An embedding model (or encoder) transforms text into dense vectors. The vector store indexes these vectors, and the LLM generates answers. Chunking is the splitting step.

911
MCQmedium

A team is building a retrieval-augmented generation (RAG) pipeline. They need to store embeddings of company documents and perform fast similarity searches. Which data store is BEST suited for this task?

A.Snowflake
B.Pinecone
C.Apache Kafka
D.Amazon S3
AnswerB

Pinecone is a vector database designed for high-dimensional embeddings and fast similarity search.

Why this answer

Pinecone is a purpose-built vector database designed for storing and querying high-dimensional embeddings with fast approximate nearest neighbor (ANN) search. In a RAG pipeline, embeddings of company documents must be retrieved quickly to feed relevant context to the LLM, and Pinecone’s optimized indexing (e.g., HNSW or IVF) and serverless scaling make it the ideal choice for this task.

Exam trap

The trap here is that candidates may confuse general-purpose storage (like S3 or Snowflake) with specialized vector databases, assuming any database can handle embeddings efficiently, but Cisco tests the understanding that only purpose-built vector stores provide the required ANN search performance for RAG.

How to eliminate wrong answers

Option A is wrong because Snowflake is a cloud data warehouse optimized for SQL-based analytical queries on structured data, not for low-latency vector similarity searches on embeddings. Option C is wrong because Apache Kafka is a distributed event streaming platform for real-time data pipelines and message brokering, not a storage and retrieval system for vector embeddings. Option D is wrong because Amazon S3 is an object storage service for static files and does not natively support vector indexing or similarity search operations.

912
MCQeasy

A developer is building a mobile app that uses a pre-trained image classification model on-device. Which framework should they use to run the model on iOS devices?

A.Hugging Face Transformers
B.TensorFlow Lite
C.PyTorch Mobile
D.Core ML
AnswerD

Core ML is Apple's native framework for on-device ML inference on iOS devices.

Why this answer

Core ML is Apple's framework for on-device machine learning inference on iOS. TensorFlow Lite is for mobile and embedded, but Core ML is native to iOS and optimized.

913
MCQeasy

A company is deploying an AI system that screens job applications. According to the EU AI Act, this system is likely classified as high-risk because it affects employment opportunities. Which requirement must the company implement for high-risk AI systems?

A.A human-in-the-loop mechanism that enables override of the AI's decisions
B.Full transparency by publishing the model's source code and training data
C.Annual third-party audits of the model's energy consumption
D.Obtaining explicit consent from each applicant to process their data
AnswerA

High-risk systems must allow human oversight, including the ability to override or halt automated decisions.

Why this answer

The EU AI Act requires human oversight for high-risk AI systems to allow operators to override or stop the system's decisions when necessary. The other options are not mandated by the Act for high-risk systems.

914
MCQeasy

During a penetration test, a security analyst crafts a prompt that tricks an LLM into revealing its system prompt. Which OWASP LLM Top 10 vulnerability does this exploit?

A.Model denial of service
B.Insecure output handling
C.Prompt injection
D.Sensitive information disclosure
AnswerD

Sensitive information disclosure covers the exposure of system prompts, training data, or other confidential information.

Why this answer

Option D is correct because tricking an LLM into revealing its system prompt directly exposes sensitive configuration details, which is a classic case of sensitive information disclosure. This vulnerability occurs when an attacker uses crafted inputs to bypass the model's intended boundaries and extract internal data that should remain confidential.

Exam trap

The trap here is that candidates see 'prompt injection' as the action and incorrectly choose option C, failing to recognize that the OWASP classification focuses on the resulting vulnerability (information disclosure) rather than the attack vector.

How to eliminate wrong answers

Option A is wrong because model denial of service involves overwhelming the LLM with resource-intensive requests to cause a crash or slowdown, not extracting information. Option B is wrong because insecure output handling refers to failing to sanitize or validate the LLM's outputs before they are used downstream, such as in a web application, not the act of manipulating inputs to leak data. Option C is wrong because prompt injection is the technique used to achieve the exploit, but the vulnerability being exploited is the disclosure of sensitive information, not the injection itself.

915
MCQeasy

Refer to the exhibit. A data engineer is training a binary classification neural network. The loss fluctuates and does not converge. Which hyperparameter adjustment is most likely to stabilize training?

A.Change the activation to tanh
B.Add dropout after each layer
C.Decrease the learning rate
D.Increase the number of units in the first dense layer
AnswerC

Lower learning rate makes updates smaller, reducing oscillations and promoting convergence.

Why this answer

Fluctuating loss that fails to converge during neural network training is a classic sign of an excessively high learning rate, causing the optimizer to overshoot the minimum. Decreasing the learning rate allows the gradient descent updates to take smaller, more stable steps, which smooths the loss curve and promotes convergence.

Exam trap

Cisco often tests the misconception that regularization techniques like dropout or activation changes can fix convergence issues, when in fact the most direct hyperparameter for stabilizing training loss is the learning rate.

How to eliminate wrong answers

Option A is wrong because changing the activation to tanh does not directly address the stability of gradient updates; tanh can help with vanishing gradients in deep networks but does not fix loss oscillation caused by a high learning rate. Option B is wrong because adding dropout is a regularization technique that reduces overfitting by randomly dropping neurons, but it does not stabilize the loss curve during training and may even increase variance in the loss. Option D is wrong because increasing the number of units in the first dense layer increases model capacity and can lead to more complex loss landscapes, potentially exacerbating instability rather than stabilizing training.

916
Multi-Selecthard

A security team is threat modeling an AI-powered recommendation system. Using STRIDE, which THREE threats are MOST relevant to the model's training data pipeline?

Select 3 answers
A.Tampering with training data (data poisoning)
B.Elevation of privilege to access the training pipeline
C.Spoofing of data sources
D.Repudiation of data provenance
E.Information disclosure of training data (model inversion)
AnswersA, B, E

Tampering is a core threat to data integrity; poisoning corrupts the model.

Why this answer

Option A is correct because data poisoning directly targets the integrity of the training data pipeline. In STRIDE, 'Tampering' refers to unauthorized modification of data, and an attacker injecting malicious samples into the training set can cause the recommendation model to learn biased or harmful behaviors. This is a primary threat to AI systems, as the model's outputs are only as trustworthy as its training data.

Exam trap

Cisco often tests the distinction between 'Tampering' (modifying data in transit or at rest) and 'Spoofing' (impersonating a user or source), leading candidates to incorrectly select spoofing when the real threat is data integrity compromise in the pipeline.

917
MCQhard

A researcher is developing a generative AI model that creates realistic images. To comply with emerging transparency obligations, the researcher must ensure that AI-generated content can be identified as such. Which technique embeds a digital identifier directly into the content that survives compression and cropping?

A.Model cards
B.Watermarking AI-generated content
C.Deepfake detection software
D.Disclosure statements in metadata
AnswerB

Watermarking embeds a persistent digital signature into the content, enabling provenance tracking even after transformations.

Why this answer

Watermarking embeds a persistent digital identifier directly into the pixel data of an image, using techniques like spread-spectrum or discrete wavelet transform to survive common transformations such as JPEG compression and cropping. This makes it the correct technique for ensuring AI-generated content remains identifiable even after editing or distribution.

Exam trap

Cisco often tests the distinction between passive metadata (which is fragile) and active content-level embedding (which is resilient), leading candidates to mistakenly choose disclosure statements in metadata because they confuse 'digital identifier' with 'metadata field.'

How to eliminate wrong answers

Option A is wrong because model cards are documentation artifacts that describe a model's intended use, performance, and limitations, not a technique for embedding identifiers into content. Option C is wrong because deepfake detection software analyzes content after the fact to identify manipulation, but does not embed a persistent identifier into the content itself. Option D is wrong because disclosure statements in metadata (e.g., EXIF or XMP fields) are easily stripped or altered during compression, cropping, or re-encoding, and do not survive as robustly as a watermark embedded in the pixel data.

918
Multi-Selecteasy

A company wants to classify images of products into categories. They have a large dataset of labeled images. Which TWO types of neural networks are most suitable for this task? (Select TWO.)

Select 2 answers
A.Generative Adversarial Network (GAN)
B.Convolutional Neural Network (CNN)
C.Recurrent Neural Network (RNN)
D.Transformer (e.g., Vision Transformer)
E.Multi-layer Perceptron (MLP)
AnswersB, D

Specialized for image classification.

Why this answer

Convolutional Neural Networks (CNNs) are the standard architecture for image classification because they use convolutional layers to automatically learn spatial hierarchies of features (edges, textures, shapes) from pixel data. They are highly effective for large labeled image datasets due to their parameter efficiency and translation invariance.

Exam trap

Cisco often tests the misconception that any neural network can handle images, but the trap here is that RNNs and MLPs are technically capable of processing image data yet are fundamentally unsuitable for spatial feature extraction, leading candidates to select them over the correct specialized architectures.

919
Multi-Selecteasy

A company is preparing a dataset for training a supervised machine learning model. The dataset contains missing values, outliers, and categorical features. Which two preprocessing steps are typically performed to prepare the data? (Choose two.)

Select 2 answers
A.Normalize numerical features to a standard range
B.Impute missing values with the mean
C.Encode categorical variables using one-hot encoding
D.Remove all features with low variance
E.Increase the number of features using PCA
AnswersB, C

Imputation handles missing data and is commonly done.

Why this answer

Option B is correct because imputing missing values with the mean is a standard technique to handle incomplete data, ensuring the model can process all records without discarding potentially valuable information. Option C is correct because one-hot encoding converts categorical features into a binary vector representation, which is required by most machine learning algorithms that expect numerical input.

Exam trap

Cisco often tests the distinction between mandatory preprocessing steps (like handling missing values and encoding categories) and optional optimization techniques (like normalization or feature selection), leading candidates to select scaling or PCA as default steps when they are not universally required.

920
MCQmedium

A data scientist is using SHAP to explain a complex ensemble model's predictions. A business stakeholder asks why a particular prediction was made. The data scientist wants to show the most influential features for that single prediction. Which SHAP visualisation is most appropriate?

A.A SHAP summary plot showing mean absolute SHAP values across all features
B.A SHAP dependence plot for the top feature
C.A SHAP bar chart of absolute feature importance
D.A SHAP force plot for the individual prediction
AnswerD

Force plots display the contribution of each feature to a single prediction, ideal for local explanations.

Why this answer

A SHAP force plot is specifically designed to visualize the contribution of each feature to a single prediction, showing how features push the prediction from the base value (average model output) to the final prediction. This makes it the ideal choice for explaining an individual prediction to a business stakeholder, as it provides a clear, localized explanation of feature impacts.

Exam trap

Cisco often tests the distinction between global vs. local interpretability, and the trap here is that candidates confuse summary plots (global) or dependence plots (global) with force plots (local), leading them to choose a globally-focused visualization for a single-prediction explanation.

How to eliminate wrong answers

Option A is wrong because a SHAP summary plot shows global feature importance across all predictions (mean absolute SHAP values), not the contribution of features for a single prediction. Option B is wrong because a SHAP dependence plot shows how the value of a single feature affects the model's output across the dataset, not the feature contributions for a specific prediction. Option C is wrong because a SHAP bar chart of absolute feature importance aggregates feature importance globally, ignoring the direction and magnitude of feature contributions for an individual instance.

921
MCQmedium

A company implements an AI-based chatbot for customer service. After deployment, customers report that the chatbot sometimes uses offensive language. The development team reviews the training data and finds no explicit offensive content. What is the most likely explanation?

A.There is a bug in the deployment pipeline
B.The model is overfitting to rare examples
C.The model learned biased language patterns from the training corpus
D.The training data was poisoned by an attacker
AnswerC

The model may have learned offensive language from context, e.g., associating certain demographics with negative terms.

Why this answer

Option C is correct because the chatbot's offensive language likely stems from biased or toxic patterns present in the training corpus, even if no explicit offensive content was flagged. Large language models learn statistical associations from their training data, and if the corpus contains subtle biases, stereotypes, or indirect toxic language, the model can reproduce these patterns in its responses. This is a well-known issue in AI ethics and governance, where models inadvertently amplify societal biases embedded in the data.

Exam trap

Cisco often tests the distinction between explicit data contamination (poisoning) and implicit bias learned from benign-looking data, so the trap here is assuming that the absence of explicit offensive content in the training data means the model cannot produce offensive output.

How to eliminate wrong answers

Option A is wrong because a deployment pipeline bug would typically cause functional failures (e.g., model not loading, incorrect API calls) or output errors, not the generation of offensive language that is contextually coherent. Option B is wrong because overfitting to rare examples would cause the model to memorize specific training instances, leading to exact or near-exact reproductions of those rare inputs, not the generation of novel offensive language that was not present in the training data. Option D is wrong because data poisoning requires an attacker to deliberately inject malicious samples into the training set, which would likely leave traces of explicit offensive content; the scenario states no explicit offensive content was found, making this less likely than the model learning implicit biases from the existing corpus.

922
MCQhard

A team is building a model to predict stock prices based on time series data. They need to capture long-term dependencies and avoid vanishing gradients. Which architecture is best suited?

A.Standard RNN
B.LSTM
C.Autoencoder
D.CNN
AnswerB

LSTM excels at learning long-term dependencies.

Why this answer

LSTM (Long Short-Term Memory) networks are specifically designed to capture long-term dependencies in sequential data through their gating mechanisms (input, forget, and output gates), which regulate the flow of information and mitigate the vanishing gradient problem that plagues standard RNNs. This makes them ideal for time series forecasting tasks like stock price prediction, where historical context over many time steps is critical.

Exam trap

Cisco often tests the misconception that any recurrent architecture (like a standard RNN) can handle long sequences, when in fact only gated variants like LSTM or GRU are designed to overcome vanishing gradients in practice.

How to eliminate wrong answers

Option A (Standard RNN) is wrong because it suffers from the vanishing gradient problem during backpropagation through time, making it unable to effectively learn long-term dependencies in sequences longer than about 10–20 steps. Option C (Autoencoder) is wrong because it is an unsupervised learning architecture designed for dimensionality reduction or feature learning (e.g., anomaly detection), not for sequential prediction or capturing temporal dependencies. Option D (CNN) is wrong because while CNNs can be used for time series via 1D convolutions, they lack inherent memory mechanisms and are not optimized for capturing long-range temporal dependencies without extensive stacking or dilation, and they do not directly address vanishing gradients in the same way as LSTMs.

923
MCQeasy

A team wants to predict monthly sales using historical data. Which algorithm is most appropriate?

A.Linear regression
B.K-means
C.Decision tree
D.Logistic regression
AnswerA

Correct: Linear regression models the relationship between dependent and independent variables for continuous output.

Why this answer

Linear regression is the most appropriate algorithm because the goal is to predict a continuous numerical value (monthly sales) based on historical data. It models the relationship between input features and the target variable by fitting a linear equation, making it ideal for regression tasks where the output is a real number.

Exam trap

Cisco often tests the distinction between regression and classification algorithms, and the trap here is that candidates may confuse 'regression' in logistic regression with continuous prediction, not realizing it is actually a classification algorithm.

How to eliminate wrong answers

Option B (K-means) is wrong because it is an unsupervised clustering algorithm used to group unlabeled data into clusters, not for predicting continuous values. Option C (Decision tree) is wrong because while it can handle regression, it is more prone to overfitting and less optimal for simple linear relationships compared to linear regression; it is not the most appropriate choice for this straightforward prediction task. Option D (Logistic regression) is wrong because it is designed for binary classification problems, predicting probabilities of discrete outcomes, not continuous numerical values like sales.

924
MCQhard

A team is implementing an ML pipeline using a feature store. Which benefit does a feature store primarily provide in an AI operations context?

A.Automated scaling of inference endpoints
B.Real-time monitoring of model performance
C.Consistency of feature computation between training and inference
D.Automatic model versioning and rollback
AnswerC

Feature store provides a centralized, consistent feature computation pipeline.

Why this answer

A feature store ensures that feature engineering logic is stored, versioned, and reused consistently across both training and inference pipelines. This eliminates training-serving skew, a common cause of model degradation in production, by guaranteeing that the same transformations are applied to data regardless of when or where it is computed.

Exam trap

CompTIA often tests the distinction between infrastructure-level benefits (scaling, monitoring, versioning) and the core data-consistency problem that a feature store solves, leading candidates to confuse feature stores with model registries or serving platforms.

How to eliminate wrong answers

Option A is wrong because automated scaling of inference endpoints is a function of model serving infrastructure (e.g., Kubernetes Horizontal Pod Autoscaler or serverless inference platforms), not a primary benefit of a feature store. Option B is wrong because real-time monitoring of model performance is handled by observability tools (e.g., MLflow, Prometheus, or custom drift detection systems), not by the feature store itself. Option D is wrong because automatic model versioning and rollback is a capability of model registries and CI/CD pipelines (e.g., MLflow Model Registry or DVC), whereas a feature store focuses on feature definitions and values, not model artifacts.

925
MCQhard

A model trained on customer reviews achieves 98% accuracy on the test set. However, when deployed, it performs poorly on real-world data. The data scientist suspects distribution shift. Which action is MOST important to address this?

A.Reduce the learning rate during training
B.Implement a monitoring system to detect data drift and retrain with fresh data
C.Add more features to the model
D.Increase the number of cross-validation folds
AnswerB

Detecting drift and retraining with representative data directly addresses distribution shift.

Why this answer

Option B is correct because distribution shift (data drift) causes the model's training distribution to differ from the real-world distribution, degrading performance despite high test accuracy. Implementing a monitoring system to detect drift and retraining with fresh data directly addresses this by ensuring the model adapts to the current data distribution, which is the most critical action for maintaining performance in production.

Exam trap

Cisco often tests the misconception that high test accuracy guarantees real-world performance, leading candidates to focus on training improvements (like tuning hyperparameters or adding features) rather than addressing the root cause of distribution shift through monitoring and retraining.

How to eliminate wrong answers

Option A is wrong because reducing the learning rate affects the optimization step size during training, which does not address distribution shift after deployment; it only changes how the model converges on the training data. Option C is wrong because adding more features may improve model capacity but does not fix the mismatch between training and real-world distributions; it could even exacerbate overfitting to the original distribution. Option D is wrong because increasing cross-validation folds improves the reliability of performance estimates on the training/validation data but does not detect or correct for distribution shift in the deployed environment.

926
Multi-Selecthard

A deployed NLP sentiment analysis model experiences a sharp decline in accuracy on customer reviews. The team has verified the input data format and pipeline are correct. Which THREE actions should be taken to diagnose and remediate? (Choose 3.)

Select 3 answers
A.Analyze recent user input for distribution shifts compared to training data.
B.Immediately retrain the model with all available data.
C.Increase the size of the training dataset by adding synthetic data.
D.Revert to a previous model version that performed well.
E.Conduct a root cause analysis focusing on concept drift.
AnswersA, D, E

Identifies data drift which is a common cause of degradation.

Why this answer

Option A is correct because a sharp decline in accuracy often stems from data drift, where the distribution of incoming customer reviews differs from the training data. Analyzing recent user input for distribution shifts (e.g., using statistical tests like Kolmogorov-Smirnov or population stability index) directly identifies whether the model is encountering unseen patterns. This is a standard first step in diagnosing model degradation in production NLP systems.

Exam trap

Cisco often tests the distinction between reactive fixes (immediate retraining) and systematic diagnosis (drift analysis and rollback), trapping candidates who assume more data always solves model degradation without verifying the drift type.

927
MCQhard

An AI team is deploying a fine-tuned LLM for a code generation assistant. They need to ensure the model outputs only syntactically valid JSON for integration with downstream systems. Which prompt engineering technique is MOST effective for enforcing structured output?

A.Enable JSON mode in the API call, specifying the desired JSON schema
B.Provide a few-shot example of a valid JSON response in the prompt
C.Include a system prompt that says 'You are a helpful coding assistant.'
D.Use chain-of-thought prompting to have the model reason step-by-step before answering
AnswerA

JSON mode forces the model to output valid JSON, often with schema constraints, ensuring downstream parsability.

Why this answer

JSON mode (or structured output) instructs the model to output valid JSON, often with schema enforcement. Few-shot examples may help but aren't as reliable as a dedicated mode. System prompts set the role but don't enforce syntax.

Chain-of-thought improves reasoning but not format.

928
MCQhard

A security team is threat modeling an AI system that recommends financial products. They want to analyze threats unique to the ML pipeline using STRIDE. Which threat is LEAST applicable to the data collection and preprocessing stage?

A.Tampering with training data
B.Spoofing of data sources
C.Information disclosure via data leakage
D.Denial of Service (DoS)
AnswerD

Correct. DoS typically targets the serving infrastructure, not data collection.

Why this answer

Denial of Service (DoS) is least applicable to the data collection and preprocessing stage because DoS threats typically target the availability of the model serving infrastructure (e.g., API endpoints, inference servers) rather than the static data ingestion pipeline. In the ML pipeline, DoS is more relevant during model deployment and inference, where an attacker could overwhelm the system with requests, not during the collection or preprocessing of training data.

Exam trap

Cisco often tests the candidate's ability to map STRIDE threats to the correct ML pipeline stage, and the trap here is that candidates mistakenly apply DoS to data collection because they think of 'overloading the data pipeline' rather than recognizing that DoS primarily targets the availability of the deployed model service.

How to eliminate wrong answers

Option A is wrong because tampering with training data is a primary threat during data collection and preprocessing, where an attacker could inject malicious samples to poison the model's learning. Option B is wrong because spoofing of data sources is a direct threat at this stage, as an attacker could impersonate a legitimate data feed (e.g., a financial market API) to introduce corrupted or biased data. Option C is wrong because information disclosure via data leakage is a critical concern during preprocessing, where sensitive customer financial data could be inadvertently exposed through improper handling or storage.

929
MCQhard

An AI engineer is designing a system to detect unusual patterns in network traffic that may indicate a security breach. The system should learn from normal traffic patterns and flag deviations. Which machine learning approach is MOST appropriate?

A.Reinforcement learning with reward shaping
B.Supervised classification using logistic regression
C.Semi-supervised learning with a small labeled set
D.Unsupervised anomaly detection
AnswerD

Anomaly detection learns normal patterns from unlabeled data and flags deviations, ideal for unknown attacks.

Why this answer

Unsupervised anomaly detection is the most appropriate approach because the system must learn 'normal' traffic patterns from unlabeled data and then flag deviations without requiring pre-labeled examples of attacks. This aligns with the core requirement of detecting unknown or novel security breaches, which supervised methods cannot handle due to the lack of labeled attack data.

Exam trap

Cisco often tests the misconception that semi-supervised learning (Option C) is a middle ground for anomaly detection, but the trap is that it still requires labeled attack data, which is unavailable for unknown security breaches, making unsupervised methods the only viable choice.

How to eliminate wrong answers

Option A is wrong because reinforcement learning with reward shaping is designed for sequential decision-making problems (e.g., autonomous agents) and is not suited for static pattern detection in network traffic; it would require a reward function for 'normal' behavior, which is impractical for anomaly detection. Option B is wrong because supervised classification using logistic regression requires a fully labeled dataset of both normal and attack traffic, which is unavailable when the goal is to detect unknown or novel breaches. Option C is wrong because semi-supervised learning with a small labeled set still relies on labeled attack examples, which are scarce or nonexistent for novel security threats, and it does not purely model normal behavior like unsupervised methods do.

930
MCQeasy

In the AI project lifecycle, after a model is trained and evaluated, it is deployed to a production environment. What is the NEXT critical step to ensure the model continues to perform well over time?

A.Collect more training data
B.Archive the model and start a new project
C.Monitoring the model's performance and data drift
D.Re-train the model from scratch
AnswerC

Continuous monitoring detects performance degradation, data drift, or concept drift, enabling proactive maintenance.

Why this answer

Monitoring tracks model performance, data drift, and concept drift in production, triggering retraining or alerts when degradation is detected.

931
Multi-Selectmedium

An organization is evaluating a third-party large language model to integrate into their customer-facing application. As part of supply chain security, which THREE steps should they take to vet the model before deployment?

Select 3 answers
A.Conduct security testing, including red teaming, to identify vulnerabilities in the model
B.Use federated learning to retrain the model on internal data
C.Review the model card and documentation for intended use, limitations, and known biases
D.Run a model inversion attack on the model to verify training data privacy
E.Obtain a software bill of materials (SBOM) for AI components to identify dependencies and known vulnerabilities
AnswersA, C, E

Security testing is crucial to uncover vulnerabilities such as prompt injection or data leakage before the model is integrated into production.

Why this answer

Reviewing the model card and documentation, obtaining a software bill of materials (SBOM) for AI components, and performing security testing (red teaming) are key steps for supply chain security. Model inversion is an attack, not a vetting step. Federated learning is a training technique, not a vetting process.

932
Multi-Selecteasy

A security team is auditing an AI system and identifies risks related to the OWASP LLM Top 10. Which TWO risks are directly associated with data handling and privacy? (Select two.)

Select 2 answers
A.Supply chain vulnerabilities
B.Model denial of service
C.Overreliance
D.Training data poisoning
E.Sensitive information disclosure
AnswersD, E

Poisoning corrupts training data, affecting model integrity and potentially injecting backdoors.

Why this answer

Training data poisoning (D) is directly associated with data handling because it involves an attacker corrupting the training dataset to manipulate the model's behavior, which compromises data integrity and privacy. Sensitive information disclosure (E) is directly associated with privacy because it occurs when the model inadvertently reveals confidential data from its training set or user inputs, violating data confidentiality. Both risks are explicitly tied to how data is collected, stored, and processed in the AI lifecycle.

Exam trap

Cisco often tests the distinction between risks that affect data integrity/privacy (like poisoning and disclosure) versus those affecting availability, trust, or supply chain, so candidates mistakenly select overreliance or supply chain vulnerabilities because they seem related to data but are actually about user behavior or third-party dependencies.

933
MCQhard

An AI team is developing a model that approves loan applications. The dataset contains historical loan decisions where a protected group was disproportionately denied loans. The team wants to ensure the model does not perpetuate this bias. Which fairness metric should be used during validation to directly measure whether the model's positive prediction rate is equal across groups?

A.Demographic parity
B.Calibration
C.Individual fairness
D.Equalised odds
AnswerA

Demographic parity ensures equal approval rates across groups, directly addressing the historical bias in approval decisions.

Why this answer

Demographic parity requires the probability of a positive prediction (loan approval) to be equal across groups. This directly addresses the concern of perpetuating historical denial rates. Equalised odds measures error rates, not positive prediction rates.

934
MCQhard

An AI developer is building an agent that can book flights and hotels by calling external APIs. The agent needs to decide which API to call and in what order based on user requests. Which pattern is BEST suited for this multi-step reasoning and tool use?

A.Implement a simple Retrieval-Augmented Generation (RAG) pipeline
B.Fine-tune a model to output API call sequences directly
C.Use function calling with a fixed sequence of API calls
D.Apply the ReAct pattern (Reasoning and Acting)
AnswerD

ReAct interleaves reasoning steps (thinking about what to do next) with actions (calling APIs), enabling dynamic multi-step workflows.

Why this answer

The ReAct pattern (Reasoning + Acting) combines chain-of-thought reasoning with tool use, allowing the agent to plan, call APIs, and incorporate results. Function calling alone doesn't provide multi-step reasoning. Simple RAG is for retrieval, not action.

Fine-tuning doesn't give dynamic tool selection.

935
MCQmedium

An organization wants to use a pre-trained language model from a third party. Which practice is MOST critical to ensure supply chain security for the AI component?

A.Vetting the pre-trained model for backdoors, data lineage, and provenance
B.Reviewing the model's software bill of materials (SBOM)
C.Implementing rate limiting on API calls to the model
D.Performing model inversion defense
AnswerA

Comprehensive vetting addresses risks like backdoors and poisoned training data.

Why this answer

Option A is correct because vetting the pre-trained model for backdoors, data lineage, and provenance directly addresses supply chain risks by verifying the model's integrity, origin, and training data. This practice ensures the model has not been tampered with or poisoned during development or distribution, which is critical for AI supply chain security.

Exam trap

Cisco often tests the distinction between general software supply chain practices (like SBOM) and AI-specific supply chain risks (like model backdoors and data poisoning), leading candidates to mistakenly choose SBOM review as the most critical practice.

How to eliminate wrong answers

Option B is wrong because reviewing the software bill of materials (SBOM) is important for traditional software supply chain security but does not specifically address AI model risks like backdoors or poisoned training data. Option C is wrong because implementing rate limiting on API calls is a runtime operational control to prevent abuse or denial of service, not a supply chain security practice. Option D is wrong because performing model inversion defense is a privacy protection technique to prevent extraction of training data, not a supply chain security measure for vetting third-party models.

936
MCQmedium

A company wants to build a customer service chatbot that answers questions about their internal policy documents. The documents are updated monthly, and the team cannot afford to retrain a model each time. Which approach is MOST appropriate?

A.Fine-tune a base LLM on the policy documents monthly
B.Train a custom model from scratch on the policy documents each month
C.Use a larger foundation model with a longer context window and paste all documents into each prompt
D.Use Retrieval-Augmented Generation (RAG) with the policy documents indexed in a vector store
AnswerD

RAG retrieves relevant document chunks at query time, ensuring the chatbot always answers from the latest uploaded documents without any model retraining.

Why this answer

RAG (Retrieval-Augmented Generation) allows the LLM to retrieve relevant document sections at inference time, so knowledge stays current without retraining. The other options either require expensive retraining for each update or lack document grounding.

937
MCQmedium

A company deployed a chatbot using a pre-trained language model. Users report that the chatbot provides incorrect answers to domain-specific questions. Which approach should the AI team prioritize to improve accuracy without retraining the entire model?

A.Fine-tune the model on a curated dataset of domain-specific conversations.
B.Increase the temperature parameter to reduce randomness.
C.Collect more general training data and retrain the model from scratch.
D.Roll back to a previous version of the model that was more accurate.
AnswerA

Fine-tuning adapts the model to the domain with less data and compute.

Why this answer

Fine-tuning on a curated domain-specific dataset is the most efficient way to improve accuracy for specialized queries without retraining the entire model. It adjusts the model's weights using a smaller, targeted dataset, preserving general language understanding while adapting to domain terminology and context.

Exam trap

CompTIA often tests the misconception that increasing temperature reduces randomness (when it actually increases it) or that rolling back to an older version is a valid fix for new domain-specific issues, leading candidates to choose B or D instead of recognizing fine-tuning as the targeted, efficient solution.

How to eliminate wrong answers

Option B is wrong because increasing the temperature parameter increases randomness in token selection, which would make answers less deterministic and more likely to be incorrect, not more accurate. Option C is wrong because collecting more general training data and retraining from scratch is resource-intensive, time-consuming, and contradicts the requirement to avoid retraining the entire model. Option D is wrong because rolling back to a previous version does not address the domain-specific inaccuracies; the older model likely lacks the specialized knowledge needed and may have its own deficiencies.

938
Multi-Selecteasy

Which TWO of the following are essential components of a responsible AI governance framework?

Select 2 answers
A.Assignment of a responsible owner for each AI system's outcomes
B.Using ensemble methods to reduce overfitting
C.Clear documentation of model development and decision-making processes
D.Automated hyperparameter tuning to improve accuracy
E.Deploying models on dedicated hardware to reduce latency
AnswersA, C

Accountability is a fundamental governance requirement.

Why this answer

Option A is correct because assigning a responsible owner for each AI system's outcomes ensures accountability, which is a core principle of AI governance. This owner is typically a designated individual or team that oversees the system's lifecycle, including monitoring for bias, compliance with regulations, and handling incidents. Without clear ownership, there is no single point of contact for ethical or legal issues, making governance ineffective.

Exam trap

Cisco often tests the distinction between technical implementation details (like ensemble methods or hyperparameter tuning) and governance framework components, so candidates mistakenly select options that improve model performance rather than those ensuring accountability and transparency.

939
MCQeasy

A startup wants to identify unusual patterns in network traffic to detect potential security breaches. They have a large dataset of normal traffic but very few labeled attacks. Which machine learning approach is MOST suitable?

A.Supervised classification with logistic regression
B.Unsupervised anomaly detection
C.Reinforcement learning
D.Semi-supervised learning
AnswerB

Unsupervised anomaly detection can find deviations from normal traffic without needing labeled attack data.

Why this answer

Unsupervised anomaly detection is the most suitable approach because the startup has a large dataset of normal traffic but very few labeled attacks. This technique learns the baseline of normal behavior from unlabeled data and flags deviations as potential anomalies, which is ideal for detecting unknown or rare attack patterns without requiring labeled attack samples.

Exam trap

Cisco often tests the misconception that semi-supervised learning is the best choice when labeled data is scarce, but the key distinction is that semi-supervised learning still requires a meaningful amount of labeled data for the target class, whereas unsupervised anomaly detection works with zero labeled attacks.

How to eliminate wrong answers

Option A is wrong because supervised classification with logistic regression requires a large, balanced set of labeled attack and normal traffic data to train effectively, which the startup lacks. Option C is wrong because reinforcement learning is designed for sequential decision-making problems (e.g., autonomous agents) and is not suited for static pattern detection in network traffic. Option D is wrong because semi-supervised learning still requires at least some labeled attack data to guide the model, and the startup has very few labeled attacks, making it less effective than pure unsupervised anomaly detection.

940
MCQeasy

An AI system that can perform any intellectual task that a human being can is referred to as:

A.Machine learning
B.Artificial General Intelligence (AGI)
C.Narrow AI
D.Deep learning
AnswerB

AGI is the hypothetical ability of an AI to perform any intellectual task a human can.

Why this answer

Artificial General Intelligence (AGI) is the concept of a machine that understands or learns any intellectual task that a human being can.

941
MCQmedium

An AI system is being deployed to detect deepfakes in video content. To comply with transparency obligations, what should the company implement?

A.A system to automatically block all deepfake content
B.A visible or invisible watermark on AI-generated videos
C.A process to report deepfake content to law enforcement
D.Encryption of the video files to prevent tampering
AnswerB

Watermarking is a common transparency measure to indicate that content is AI-generated.

Why this answer

Transparency obligations under AI governance frameworks (e.g., EU AI Act) require clear disclosure when content is AI-generated. A visible or invisible watermark directly informs viewers that the video is synthetic, fulfilling this requirement without over-blocking legitimate content. Option B is correct because it provides a verifiable, non-disruptive method of labeling AI-generated media.

Exam trap

Cisco often tests the distinction between transparency (disclosure) and security (blocking, encryption, reporting), leading candidates to confuse a governance obligation with a technical control like blocking or encryption.

How to eliminate wrong answers

Option A is wrong because automatically blocking all deepfake content would violate freedom of expression and could suppress legitimate AI-generated art, satire, or educational material; transparency does not mandate censorship. Option C is wrong because reporting to law enforcement is a reactive, post-hoc measure that does not satisfy the proactive transparency obligation to label content at the point of consumption. Option D is wrong because encryption protects integrity and confidentiality but does not disclose the synthetic origin of the content to viewers, thus failing the transparency requirement.

942
Multi-Selecthard

Which THREE of the following are best practices for preventing overfitting in deep learning models?

Select 3 answers
A.L2 regularization
B.Increasing the number of layers
C.Dropout
D.Using a larger batch size
E.Data augmentation
AnswersA, C, E

L2 adds penalty on weights, keeping them small and reducing overfitting.

Why this answer

L2 regularization (also known as weight decay) adds a penalty term proportional to the square of the weight magnitudes to the loss function. This discourages the model from learning overly complex patterns by forcing weights to remain small, which reduces variance and helps prevent overfitting. It is a standard technique in deep learning frameworks like TensorFlow and PyTorch, where it is implemented via the `kernel_regularizer` or `weight_decay` parameter.

Exam trap

Cisco often tests the misconception that increasing model complexity (e.g., more layers) or adjusting batch size are regularization techniques, when in fact they either worsen overfitting or serve different purposes like optimization speed.

943
MCQeasy

Which AI accelerator is specifically designed by Google to accelerate the training and inference of large neural networks, especially in their cloud environment?

A.GPU
B.NPU
C.TPU
D.FPGA
AnswerC

TPUs are Google's custom chips for ML workloads.

Why this answer

The Tensor Processing Unit (TPU) is Google's custom-designed ASIC specifically built to accelerate the training and inference of large neural networks. Unlike general-purpose hardware, TPUs are optimized for TensorFlow workloads and are a core component of Google Cloud's AI infrastructure, offering high throughput for matrix operations common in deep learning.

Exam trap

Cisco often tests the distinction between custom-designed accelerators (like TPU) and general-purpose or reconfigurable hardware (like GPU, NPU, FPGA), expecting candidates to know that TPU is Google's proprietary solution for neural network acceleration in their cloud.

How to eliminate wrong answers

Option A is wrong because GPUs (Graphics Processing Units) are general-purpose parallel processors designed for graphics and compute, not specifically by Google for neural network acceleration in their cloud; they are widely used but not Google's custom accelerator. Option B is wrong because NPU (Neural Processing Unit) is a generic term for processors designed to accelerate neural networks, but it is not a specific Google-designed chip; Google's custom accelerator is the TPU. Option D is wrong because FPGAs (Field-Programmable Gate Arrays) are reconfigurable hardware that can be programmed for various tasks, but they are not specifically designed by Google for neural network training and inference in their cloud environment; Google uses TPUs for that purpose.

944
MCQmedium

A healthcare organization uses an AI model to predict patient readmission risk. To comply with patient privacy regulations, they apply differential privacy during training. What is the primary trade-off of using differential privacy?

A.Increased training time for reduced bias
B.Lower interpretability for higher fairness
C.Faster inference for lower memory usage
D.Reduced model accuracy for increased privacy
AnswerD

Noise injection lowers accuracy but bounds privacy loss.

Why this answer

Differential privacy works by adding calibrated noise to the training process or model outputs, which directly reduces the model's accuracy in exchange for a quantifiable privacy guarantee (e.g., ε-differential privacy). This trade-off is fundamental: stronger privacy (lower ε) requires more noise, which degrades predictive performance. The healthcare organization must balance the need to protect patient data against the clinical utility of accurate readmission predictions.

Exam trap

Cisco often tests the misconception that differential privacy primarily reduces bias or improves fairness, when in fact its core trade-off is accuracy for privacy, and fairness can be negatively impacted by the added noise.

How to eliminate wrong answers

Option A is wrong because differential privacy does not primarily target bias reduction; it addresses privacy, and increased training time is a secondary implementation cost, not the primary trade-off. Option B is wrong because differential privacy does not inherently lower interpretability or increase fairness; it may even reduce fairness if noise disproportionately affects minority subgroups, and interpretability is a separate concern. Option C is wrong because differential privacy does not improve inference speed or reduce memory usage; it typically adds computational overhead during training and does not affect inference latency or memory footprint.

945
MCQhard

A research team is training a deep neural network for image classification. The training loss decreases rapidly for the first few epochs but then plateaus, while validation loss starts to increase after epoch 10. Which action would best address this issue?

A.Reduce the batch size to introduce more noise during training.
B.Increase the learning rate to help the model escape the plateau.
C.Implement early stopping based on validation loss to prevent further overfitting.
D.Add more convolutional layers to increase model capacity.
AnswerC

Early stopping stops training before overfitting worsens.

Why this answer

The training loss decreasing rapidly then plateauing while validation loss increases after epoch 10 is a classic sign of overfitting. Early stopping monitors validation loss and halts training when it begins to rise, preventing the model from memorizing noise in the training data. This directly addresses the overfitting issue without requiring architectural or hyperparameter changes that could destabilize training.

Exam trap

CompTIA often tests the misconception that plateauing training loss always requires adjusting learning rate or batch size, when in fact the simultaneous rise in validation loss is the definitive indicator of overfitting that early stopping is designed to solve.

How to eliminate wrong answers

Option A is wrong because reducing batch size increases gradient noise, which can actually worsen overfitting by preventing the model from converging to a stable minimum and may amplify validation loss increases. Option B is wrong because increasing the learning rate when validation loss is already rising risks overshooting the optimal weights, causing divergence or even higher validation loss. Option D is wrong because adding more convolutional layers increases model capacity, which exacerbates overfitting by giving the model more parameters to memorize training data rather than generalizing.

946
Multi-Selectmedium

A company is developing an AI-driven recruitment tool. To comply with the EU AI Act's high-risk requirements, which TWO of the following are mandatory obligations?

Select 2 answers
A.Publish the model's source code publicly
B.Conduct a data protection impact assessment (DPIA)
C.Disclose to users that they are interacting with an AI system
D.Maintain technical documentation and risk management
E.Ensure human oversight of the AI system
AnswersD, E

Technical documentation and risk management are mandatory for high-risk systems.

Why this answer

High-risk AI systems under the EU AI Act must implement human oversight mechanisms and maintain a technical documentation and risk management system. Transparency disclosure is required, but not necessarily to users in all cases (it depends on context). The other options are not mandatory for all high-risk systems.

947
Multi-Selectmedium

An AI team is evaluating whether to use AI for a customer segmentation task. They have a dataset of customer demographics and purchase history. Which TWO conditions would make AI a better choice than a traditional rule-based approach? (Select two.)

Select 2 answers
A.The segmentation criteria are well-understood and can be expressed in simple if-then rules
B.The data contains complex, non-linear patterns that are not easily captured by rules
C.The business requires the model to adapt automatically as new customer data arrives
D.The segmentation must be fully explainable to regulators
E.The team has no access to labeled data
AnswersB, C

Why this answer

Option B is correct because AI techniques like neural networks or gradient-boosted trees excel at capturing complex, non-linear interactions in high-dimensional data (e.g., purchase sequences combined with demographics) that rule-based systems cannot express without an explosion of brittle, hand-crafted conditions. This makes AI the better choice when the underlying patterns are not linearly separable or easily codified as if-then logic.

Exam trap

Cisco often tests the misconception that AI is always superior to rule-based systems, but the trap here is that candidates overlook the specific constraints of explainability (Option D) and data requirements (Option E) that make rule-based approaches more appropriate in those contexts.

948
MCQhard

A financial institution uses a machine learning model to approve loan applications. The model was trained on historical data that inadvertently encoded a bias against applicants from certain zip codes, leading to discriminatory lending practices. A recent audit reveals that the model's decisions are unfair, and regulators require the bank to remediate the bias without significantly reducing overall approval accuracy. The data science team has access to the training data, the model, and a set of fairness metrics. They also have a small, unbiased validation set. Which course of action should the team take to satisfy regulatory requirements?

A.Remove the zip code feature from the model and retrain
B.Implement adversarial debiasing using the unbiased validation set to enforce fairness constraints
C.Increase the weight of samples from disadvantaged zip codes in the training data
D.Retrain the model using only the unbiased validation set
AnswerB

Adversarial debiasing directly optimizes for fairness and accuracy.

Why this answer

Adversarial debiasing directly addresses the bias encoded in the model by training a predictor and an adversary simultaneously. The adversary tries to predict the protected attribute (e.g., zip code) from the model's predictions, while the predictor is penalized for allowing such inference, enforcing fairness constraints. Using the unbiased validation set ensures the debiasing process is guided by ground truth labels that are free from historical bias, allowing the model to retain high accuracy while reducing discrimination.

Exam trap

CompTIA often tests the misconception that removing a sensitive feature (like zip code) is sufficient to eliminate bias, but the trap is that models can learn proxy features, so a more sophisticated debiasing technique like adversarial debiasing is required.

How to eliminate wrong answers

Option A is wrong because simply removing the zip code feature does not eliminate bias; the model can still learn proxy features (e.g., income, loan amount) that correlate with zip code, leading to continued discriminatory outcomes. Option C is wrong because increasing sample weights for disadvantaged zip codes may overcorrect and reduce overall accuracy, and it does not directly enforce a fairness constraint; it can also introduce new biases if the weighting is not carefully tuned. Option D is wrong because retraining on only the small unbiased validation set would likely lead to severe overfitting and poor generalization, as the dataset is too small to capture the full distribution of loan applications, significantly reducing approval accuracy.

949
Multi-Selecthard

A machine learning engineer is deploying a production model that requires strict monitoring. Which TWO monitoring strategies should be implemented to detect data drift and model degradation? (Choose TWO.)

Select 2 answers
A.Logging all input data for manual review
B.Monitoring prediction confidence scores over time
C.Monitoring the distribution of model predictions
D.Monitoring input feature distribution (e.g., via PSI)
E.Retraining the model weekly as a routine
AnswersC, D

Shifts in prediction distribution can signal model decay or data drift.

Why this answer

Tracking prediction distribution shifts and monitoring feature distribution over time help detect drift and degradation.

950
MCQhard

An AI system used for resume screening is found to consistently reject female candidates for technical roles. The data science team retrains the model after removing the 'gender' feature, but the bias persists. What is the most likely cause?

A.The model architecture is too complex
B.The model uses proxy variables that correlate with gender
C.The training data still contains historical hiring bias
D.The evaluation metric does not measure fairness
AnswerB

Features like 'years of experience gaps' or 'extracurricular activities' may correlate with gender and perpetuate bias.

Why this answer

Even after removing the explicit 'gender' feature, the model can still learn biased patterns from proxy variables that correlate strongly with gender, such as years of experience (which may be lower for women due to career breaks), educational institutions attended, or even hobbies listed on resumes. These proxies act as surrogates for the protected attribute, allowing the model to effectively discriminate despite the feature being removed. This is a well-known phenomenon in algorithmic fairness called 'redundant encoding' or 'proxy discrimination.'

Exam trap

Cisco often tests the concept that simply removing a protected attribute is insufficient to eliminate bias, because proxy variables can act as surrogates, and candidates mistakenly think retraining on the same data without the feature will solve the problem.

How to eliminate wrong answers

Option A is wrong because model complexity does not inherently cause bias; a complex model may overfit but that does not explain persistent gender bias after removing the gender feature. Option C is wrong because while historical hiring bias in training data can contribute to bias, the question states the bias persists after retraining, implying the root cause is not simply the data but the model's use of proxy features that encode the same bias. Option D is wrong because the evaluation metric not measuring fairness is a detection issue, not the root cause of the bias persisting; the bias would still exist even if a fairness metric were used.

951
MCQmedium

A company is developing a chatbot that helps users write code. They are concerned about the chatbot being used to generate malicious code. Which defense should they implement to reduce this risk?

A.Output filtering and guardrails to detect malicious code patterns
B.Input validation to block special characters
C.Data poisoning prevention during training
D.Red teaming the model before deployment
AnswerA

Output filtering can prevent the chatbot from returning harmful code.

Why this answer

Output filtering and guardrails can detect and block malicious code generation. Input validation helps but the risk is in the output. Red teaming is testing, and data poisoning is a different attack vector.

952
MCQmedium

A team is implementing a RAG system for legal document retrieval. The documents are long and cover multiple topics. Which chunking strategy is MOST appropriate to ensure each chunk contains coherent information?

A.Hierarchical chunking with overlapping windows
B.Semantic chunking based on topic boundaries
C.Fixed-size chunking with 512 tokens
D.Character-level chunking with no overlap
AnswerB

Semantic chunking preserves coherent blocks of text (e.g., paragraphs or sections), improving retrieval and downstream generation accuracy.

Why this answer

Semantic chunking based on topic boundaries is the most appropriate strategy because legal documents are long and cover multiple topics. By splitting at natural topic shifts (e.g., clauses, sections, or argument transitions), each chunk preserves coherent meaning, which is critical for accurate retrieval and generation in a RAG system. This approach avoids mixing unrelated content within a single chunk, which would degrade the quality of retrieved context.

Exam trap

Cisco often tests the misconception that fixed-size token chunking is always optimal for simplicity, but in domain-specific RAG systems with long, multi-topic documents, semantic boundaries are essential to maintain chunk coherence and retrieval accuracy.

How to eliminate wrong answers

Option A is wrong because hierarchical chunking with overlapping windows adds complexity and redundancy without guaranteeing topic coherence; overlapping windows can introduce duplicate or fragmented information across chunks, which is inefficient for retrieval. Option C is wrong because fixed-size chunking with 512 tokens ignores semantic boundaries, often splitting a single legal argument or clause across two chunks, leading to incomplete or misleading context for the LLM. Option D is wrong because character-level chunking with no overlap destroys all semantic structure, producing arbitrary fragments that are useless for coherent retrieval and generation.

953
Multi-Selecthard

An organisation is deploying a fine-tuned LLM for internal use. They need to ensure the API endpoint is secure and cost-effective. Which TWO measures should they implement? (Choose 2)

Select 2 answers
A.Implement API key authentication
B.Enable content filtering
C.Disable logging to reduce storage costs
D.Apply rate limiting per user
E.Use gRPC instead of REST
AnswersA, D

API keys restrict access to authorised clients.

Why this answer

API key authentication (Option A) is a fundamental security measure that ensures only authorized clients can access the LLM endpoint. It provides a simple, lightweight mechanism to validate requests without the overhead of full OAuth, making it both secure and cost-effective for internal deployments.

Exam trap

Cisco often tests the distinction between security measures (authentication, rate limiting) and non-security features (content filtering, protocol choice), leading candidates to mistakenly select content filtering or gRPC as security controls.

954
MCQmedium

A retail company wants to implement a recommendation system using collaborative filtering. The dataset contains user-item interactions (ratings) for 10,000 users and 5,000 products. The matrix is very sparse (99% missing values). The team plans to use matrix factorization to predict missing ratings. However, the training time is excessively long, and the model is not converging. The data engineer suggests using a smaller learning rate and more iterations. Which additional technique should the team apply to speed up training and improve convergence?

A.Add L2 regularization to the loss function
B.Increase the minibatch size
C.Reduce the number of latent factors
D.Switch to the Adam optimizer
AnswerA

Regularization prevents overfitting and improves convergence by penalizing large weights.

Why this answer

The correct answer is A because adding L2 regularization to the loss function helps prevent overfitting and improves convergence in matrix factorization, especially with extremely sparse data (99% missing). Regularization penalizes large latent factor weights, which stabilizes the optimization process and allows the model to generalize better, reducing the risk of divergence during training.

Exam trap

CompTIA often tests the misconception that adaptive optimizers like Adam are a universal fix for convergence issues, but in sparse matrix factorization, L2 regularization is a more direct solution to the overfitting and instability that cause non-convergence.

How to eliminate wrong answers

Option B is wrong because increasing minibatch size typically speeds up training per iteration but can lead to slower convergence and may not address the core issue of non-convergence due to overfitting or ill-conditioned gradients. Option C is wrong because reducing the number of latent factors reduces model capacity and can cause underfitting, but it does not directly fix convergence problems; in fact, it may worsen the model's ability to capture patterns in sparse data. Option D is wrong because switching to the Adam optimizer can help with convergence in many cases, but the question asks for an additional technique beyond the suggested smaller learning rate and more iterations; Adam adapts learning rates per parameter but does not inherently address the overfitting and stability issues caused by extreme sparsity, whereas L2 regularization directly mitigates those.

955
Multi-Selectmedium

A data scientist is using LIME to explain a black-box model. Which TWO characteristics of LIME are true?

Select 2 answers
A.It provides a measure of model confidence in its prediction
B.It requires access to the model's internal parameters
C.It provides a global ranking of feature importance across the entire dataset
D.It creates an interpretable surrogate model locally around a prediction
E.It can be used with any machine learning model
AnswersD, E

LIME generates a simple model that approximates the black-box model near the instance being explained.

Why this answer

LIME (Local Interpretable Model-agnostic Explanations) creates local surrogate models to explain individual predictions. It does not provide global feature importance or an inherent measure of model confidence.

956
MCQhard

A national security agency uses AI to analyze surveillance data for threat detection. The system is deployed in a high-stakes environment where false negatives could lead to missed threats, and false positives waste analyst time. Recently, a known hacker group attempted to evade detection by subtly modifying their communication patterns over time, a form of adversarial evasion. The agency wants to harden the system while maintaining performance. The system uses a deep neural network. Which mitigation strategy is most appropriate?

A.Switch to an unsupervised learning approach to detect anomalies
B.Simplify the model to a logistic regression to reduce the attack surface
C.Perform adversarial training using the hacker group's known evasion patterns
D.Add random noise to all input data to confuse evasion attempts
AnswerC

Adversarial training directly hardens the model against those patterns.

Why this answer

Adversarial training is the most appropriate mitigation because it directly incorporates known evasion patterns into the training process, making the deep neural network robust to the hacker group's subtle modifications. By retraining the model on adversarial examples, the decision boundary is hardened against these specific attacks without sacrificing overall detection performance. This approach is a standard defense in high-stakes security AI, balancing false positive and false negative rates while countering adversarial evasion.

Exam trap

Cisco often tests the misconception that simplifying a model (e.g., to logistic regression) reduces attack surface, but in adversarial evasion, simpler models are actually more vulnerable because they lack the capacity to learn robust decision boundaries against crafted perturbations.

How to eliminate wrong answers

Option A is wrong because switching to unsupervised anomaly detection does not inherently defend against adversarial evasion; it may still be fooled by subtly modified patterns and often increases false positives due to lack of labeled threat data. Option B is wrong because simplifying to logistic regression reduces model capacity, making it less able to learn complex threat patterns and more susceptible to evasion, not less. Option D is wrong because adding random noise to input data degrades signal quality, increasing both false positives and false negatives, and does not target the specific evasion patterns used by the hacker group.

957
MCQhard

During a red-team exercise on an AI model, testers successfully extracted training data. Which vulnerability is this?

A.Membership inference
B.Model inversion
C.Adversarial example
D.Data poisoning
AnswerB

Model inversion reconstructs training data.

Why this answer

Model inversion attacks allow an adversary to reconstruct training data by exploiting the model's learned representations. In this scenario, the testers successfully extracted training data, which is the hallmark of a model inversion attack, not just inferring membership.

Exam trap

Cisco often tests the distinction between 'extracting data' (model inversion) and 'inferring presence' (membership inference), so candidates mistakenly choose membership inference when the question explicitly states data was extracted.

How to eliminate wrong answers

Option A is wrong because membership inference only determines whether a specific data point was part of the training set, not extract the actual data. Option C is wrong because adversarial examples involve crafting inputs to cause misclassification, not extracting training data. Option D is wrong because data poisoning involves corrupting the training data to manipulate model behavior, not extracting existing training data.

958
MCQmedium

A data scientist needs to train a deep learning model on a large image dataset. Which hardware is most suitable for parallel matrix operations and faster training compared to a CPU?

A.GPU with thousands of CUDA cores
B.TPU designed for TensorFlow
C.CPU with high clock speed
D.FPGA for reconfigurable logic
AnswerA

GPUs excel at parallel matrix multiplications, drastically reducing training time for deep learning models.

Why this answer

A GPU with thousands of CUDA cores is the most suitable hardware for parallel matrix operations because deep learning training involves massive matrix multiplications and tensor operations that can be decomposed into thousands of independent threads. CUDA cores execute these threads in a massively parallel SIMT (Single Instruction, Multiple Thread) fashion, achieving significantly higher throughput than a CPU for such workloads, which leads to faster training times.

Exam trap

Cisco often tests the misconception that a TPU is always the best choice for deep learning, but the trap here is that the question specifies 'parallel matrix operations' and 'faster training compared to a CPU' without limiting the framework to TensorFlow, making the GPU the most universally suitable and correct answer.

How to eliminate wrong answers

Option B is wrong because a TPU is a custom ASIC designed specifically for TensorFlow workloads, but the question asks for the most suitable hardware for parallel matrix operations in general, and GPUs are more widely supported across deep learning frameworks (PyTorch, TensorFlow, etc.) and offer greater flexibility for various model architectures. Option C is wrong because a CPU with high clock speed excels at sequential, latency-sensitive tasks but has a limited number of cores (typically 8–64) compared to a GPU's thousands of cores, making it inefficient for the massive parallelism required in deep learning training. Option D is wrong because an FPGA offers reconfigurable logic for custom hardware acceleration but requires significant development effort and has lower floating-point throughput per watt compared to a GPU for standard deep learning operations, making it less practical for general-purpose training.

959
MCQhard

An AI system misclassifies rare but critical events. The team considers using synthetic data. Which consideration is MOST important for ensuring the synthetic data improves performance on real rare events?

A.The synthetic data should include a wide variety of events, even if not realistic.
B.The synthetic data should be generated using an unsupervised generative model.
C.The synthetic data should accurately represent the distribution and features of real rare events.
D.The synthetic data should be as large as possible to cover all possibilities.
AnswerC

Fidelity to real event characteristics is crucial for generalization.

Why this answer

Option C is correct because synthetic data must faithfully replicate the distribution and feature space of real rare events to enable the model to learn meaningful decision boundaries. If the synthetic data does not capture the true underlying patterns—such as specific sensor readings or transaction anomalies—the model will fail to generalize to actual rare events, defeating the purpose of augmentation.

Exam trap

CompTIA often tests the misconception that 'more data is always better' or that 'any synthetic data helps,' when in reality the fidelity of the synthetic data to the real rare event distribution is the paramount factor for improving model performance on those events.

How to eliminate wrong answers

Option A is wrong because including a wide variety of unrealistic events introduces noise and spurious correlations, which can degrade the model's precision and recall on real rare events. Option B is wrong because the choice of generative model (unsupervised vs. supervised) is secondary; the critical factor is that the synthetic data accurately reflects the real rare event distribution, not the training paradigm. Option D is wrong because simply maximizing dataset size without ensuring fidelity to real rare events can lead to overfitting on synthetic artifacts and poor generalization to authentic edge cases.

960
MCQhard

A generative AI model is asked to 'Write a poem about AI' and returns a very short, generic response. The user wants longer, more creative outputs. Which parameter adjustment is MOST likely to help?

A.Decrease the top-p value
B.Increase the frequency penalty
C.Decrease the max tokens limit
D.Increase the temperature parameter
AnswerD

Higher temperature (e.g., 0.8-1.0) makes the model take more risks, leading to more creative and varied outputs.

Why this answer

Increasing the temperature parameter raises the randomness of token selection, encouraging the model to explore less probable word sequences and produce more varied, creative, and longer outputs. A low temperature (e.g., 0.1) makes the model deterministic and repetitive, often yielding short, generic responses. By increasing temperature (e.g., to 0.8 or 1.0), the model is more likely to generate diverse and expansive text, directly addressing the user's request for longer, more creative poems.

Exam trap

Cisco often tests the misconception that increasing max tokens (or decreasing it) is the primary way to control output length, when in fact temperature and top-p are the key parameters for influencing creativity and diversity, while max tokens simply sets a hard cutoff.

How to eliminate wrong answers

Option A is wrong because decreasing top-p (nucleus sampling) narrows the cumulative probability mass considered for token selection, making the output more focused and less diverse, which would further shorten and genericize the response. Option B is wrong because increasing the frequency penalty reduces the likelihood of repeating tokens or phrases, which can help with variety but does not directly encourage longer outputs; it may even shorten the response by penalizing common words. Option C is wrong because decreasing the max tokens limit explicitly caps the output length, which would make the response even shorter, opposite to the user's goal of longer outputs.

961
Multi-Selecteasy

A data scientist is tuning hyperparameters for a support vector machine (SVM) with an RBF kernel. Which two hyperparameters most significantly affect model performance? (Select TWO.)

Select 2 answers
A.gamma (kernel coefficient)
B.learning rate
C.epsilon (for epsilon-SVR)
D.degree (for polynomial kernel)
E.C (regularization parameter)
AnswersA, E

gamma determines the radius of influence of support vectors.

Why this answer

Gamma defines the influence of a single training example, with low values meaning a far reach and high values meaning a close reach. C controls the trade-off between achieving a low error on the training data and minimizing the margin, directly impacting overfitting. Together, they are the two most critical hyperparameters for an SVM with an RBF kernel.

Exam trap

Cisco often tests the distinction between kernel-specific hyperparameters (e.g., degree for polynomial, gamma for RBF) and general SVM parameters (C), so candidates mistakenly select degree or epsilon without recognizing they do not apply to the RBF kernel.

962
MCQeasy

Refer to the exhibit. A system administrator sees these logs from an AI inference pipeline. What is the most likely sequence of events?

A.Data poisoning corrupted the model, causing NaN outputs
B.The security filter failed to detect an attack and the model returned an error
C.A non-adversarial input caused a NaN error due to missing data
D.An adversarial input was blocked by the security filter
AnswerD

The security filter flagged the input as adversarial and blocked it.

Why this answer

Option D is correct because the logs show the security filter actively blocking an input (e.g., 'Blocked by security filter: input contains adversarial pattern') and then the pipeline continuing normally. This indicates the filter detected and stopped an adversarial input before it reached the model, preventing any error or corruption. The absence of NaN or model errors confirms the filter functioned as designed.

Exam trap

Cisco often tests the distinction between a security filter successfully blocking an attack versus the filter failing or the model producing an error, leading candidates to confuse a blocked adversarial input with a model error or data poisoning.

How to eliminate wrong answers

Option A is wrong because data poisoning corrupts the model during training, not inference, and would cause persistent accuracy degradation rather than a single NaN output from a blocked input. Option B is wrong because the security filter did detect and block the attack (as shown in the logs), so it did not fail; the model returned no error because the input was never processed. Option C is wrong because a non-adversarial input with missing data would typically cause a preprocessing error or NaN at the model output, but the logs explicitly show the security filter blocking the input, not a data-missing error.

963
MCQeasy

During the data preparation phase of an AI project, a data scientist discovers that the target variable in a binary classification dataset is heavily imbalanced: 95% negative class and 5% positive class. Which technique should be applied to improve model performance on the minority class?

A.Apply oversampling of the minority class using techniques like SMOTE
B.Remove all samples from the majority class to balance the dataset
C.Normalize all numerical features to have zero mean and unit variance
D.Use a train-test split of 80-20 without any modification
AnswerA

SMOTE generates synthetic samples for the minority class, balancing the dataset and improving recall.

Why this answer

Oversampling the minority class (e.g., SMOTE) or undersampling the majority class are standard techniques to handle imbalanced datasets and improve recall on the minority class.

964
MCQmedium

Refer to the exhibit. A data engineer runs a validation report on the customers table. The "income" column has 12 null values. Which imputation strategy is most appropriate for this column?

A.Remove rows with null income
B.Replace nulls with the median income per region
C.Replace nulls with 0
D.Replace nulls with the mean income of the entire dataset
AnswerB

Median per region respects regional variation and is robust to outliers.

Why this answer

Option B is correct because imputing missing income values with the median per region preserves the central tendency of each regional subgroup, which is robust to outliers and maintains the distributional characteristics of the data. This strategy is particularly appropriate for income data, which often exhibits skewness and regional variation, ensuring that the imputed values are contextually relevant and do not distort downstream analytics or machine learning models.

Exam trap

Cisco often tests the misconception that a global mean or median is always the safest imputation, when in fact ignoring subgroup structure (like region) can introduce significant bias and violate the assumption of missing-at-random conditioned on observed features.

How to eliminate wrong answers

Option A is wrong because removing rows with null income reduces the dataset size and can introduce bias if the missingness is not completely random, potentially degrading model performance and statistical power. Option C is wrong because replacing nulls with 0 is arbitrary and unrealistic for income data, introducing a strong downward bias that can severely skew summary statistics and mislead any analysis or model training. Option D is wrong because replacing nulls with the mean income of the entire dataset ignores regional heterogeneity and is sensitive to outliers, which can inflate variance and produce imputed values that are not representative of the local income distribution.

965
MCQhard

A team is building a natural language processing (NLP) model to analyze customer feedback. They have a large corpus of unlabeled text data and want to generate word embeddings that capture semantic meaning. Which approach should they use?

A.One-hot encoding
B.TF-IDF vectorization
C.Word2Vec
D.Bag-of-words model
AnswerC

Word2Vec learns dense embeddings from unlabeled text, capturing semantic relationships.

Why this answer

Word2Vec is the correct approach because it learns dense, distributed word embeddings from large unlabeled corpora by training a shallow neural network to predict words in context (CBOW) or context from words (Skip-gram). This captures semantic relationships such as analogy and similarity, which is essential for analyzing customer feedback without labeled data.

Exam trap

CompTIA often tests the distinction between frequency-based vectorization (TF-IDF, bag-of-words) and prediction-based embedding methods (Word2Vec, GloVe), trapping candidates who think TF-IDF captures semantic meaning when it only captures term importance in a document.

How to eliminate wrong answers

Option A is wrong because one-hot encoding produces sparse, high-dimensional vectors with no semantic meaning—each word is represented as a binary vector with a single 1, and all vectors are orthogonal, so no similarity or relationship between words is captured. Option B is wrong because TF-IDF vectorization relies on term frequency and inverse document frequency to produce weighted sparse vectors, which reflect word importance in a document but do not capture semantic meaning or word relationships; it is a bag-of-words variant that ignores word order and context. Option D is wrong because the bag-of-words model creates sparse vectors based on word counts, losing all word order and context, and cannot generate embeddings that capture semantic similarity or analogy.

966
MCQmedium

A data engineer is building a pipeline to ingest streaming data from IoT sensors. Which data storage solution is best suited for real-time analytics on timestamped sensor readings?

A.Data warehouse
B.Relational database
C.Data lake
D.Time-series database
AnswerD

Time-series databases provide specialized indexing, compression, and query capabilities for timestamped data.

Why this answer

Time-series databases (TSDBs) are optimized for high-ingest rates of timestamped data and provide efficient downsampling, retention policies, and time-based aggregation functions. For IoT sensor streaming, a TSDB like InfluxDB or TimescaleDB delivers sub-second query performance on time-range scans, which is essential for real-time analytics.

Exam trap

CompTIA often tests the misconception that 'any database can handle time-series data if you add a timestamp column,' ignoring the fundamental architectural differences in storage engines, indexing, and write optimization that make TSDBs the only viable choice for real-time streaming analytics.

How to eliminate wrong answers

Option A is wrong because data warehouses (e.g., Snowflake, Redshift) are designed for batch-oriented, structured querying of historical data and cannot sustain the high write throughput or low-latency time-range scans required for streaming sensor data. Option B is wrong because relational databases (e.g., PostgreSQL, MySQL) use row-based storage and B-tree indexes that degrade under continuous time-series inserts, leading to write contention and slow time-range queries. Option C is wrong because data lakes (e.g., S3, ADLS) store raw data in object storage with no indexing or time-ordering, making real-time analytics impossible due to high read latency and lack of native time-series functions.

967
MCQhard

A deep learning model for autonomous vehicle perception uses a large convolutional neural network. During deployment, the model misclassifies a stop sign that has a small sticker on it. This is likely an example of what type of vulnerability, and which defense is most appropriate?

A.Adversarial attack; implement adversarial training
B.Model inversion; add differential privacy
C.Data poisoning; use robust aggregation
D.Transfer learning; use domain adaptation
AnswerA

Small perturbations like stickers can cause adversarial misclassification; adversarial training improves robustness.

Why this answer

The misclassification of a stop sign with a small sticker is a classic example of an adversarial attack, where imperceptible perturbations (like a sticker) cause the model to output an incorrect prediction. Adversarial training, which augments the training data with adversarial examples, is the most appropriate defense because it improves the model's robustness against such perturbations by explicitly learning to resist them.

Exam trap

Cisco often tests the distinction between training-time attacks (data poisoning) and inference-time attacks (adversarial examples), so candidates mistakenly choose data poisoning when the attack occurs during deployment.

How to eliminate wrong answers

Option B is wrong because model inversion attacks aim to reconstruct private training data from the model's outputs, not to cause misclassification via input perturbations, and differential privacy protects against membership inference, not adversarial examples. Option C is wrong because data poisoning involves corrupting the training data to influence the model's behavior, whereas the sticker on the stop sign is an input-time perturbation during deployment, not a training-time attack; robust aggregation defends against poisoning in federated learning, not adversarial inputs. Option D is wrong because transfer learning and domain adaptation address distribution shift between source and target domains, not deliberate input manipulations designed to fool the model.

968
MCQhard

An AI governance team is implementing the NIST AI Risk Management Framework. They have identified a high-risk AI system and are in the 'Measure' function. Which activity is most appropriate for this function?

A.Conduct bias and fairness impact assessments on the model
B.Implement technical controls to mitigate identified risks
C.Document the system's intended purpose and data sources
D.Establish an AI ethics board to oversee risk decisions
AnswerA

Measuring risks includes testing for bias and fairness, which directly aligns with the Measure function.

Why this answer

In the NIST AI Risk Management Framework (AI RMF), the 'Measure' function focuses on assessing and analyzing risks associated with AI systems. For a high-risk AI system, conducting bias and fairness impact assessments is a core activity within this function, as it quantifies and evaluates potential harms related to fairness, accuracy, and transparency. This aligns with the framework's emphasis on quantitative and qualitative risk measurement before moving to risk treatment in the 'Manage' function.

Exam trap

Cisco often tests the distinction between the NIST AI RMF functions (Map, Measure, Manage, Govern) by presenting risk mitigation actions (like implementing controls) as plausible activities for the 'Measure' function, when they actually belong to the 'Manage' function.

How to eliminate wrong answers

Option B is wrong because implementing technical controls to mitigate risks belongs to the 'Manage' function, which involves risk response and treatment, not the 'Measure' function that focuses on assessment and analysis. Option C is wrong because documenting the system's intended purpose and data sources is part of the 'Map' function, which establishes context and identifies risks, not the 'Measure' function that evaluates those risks. Option D is wrong because establishing an AI ethics board is a governance structure typically associated with the 'Govern' function, which sets policies and oversight, not the 'Measure' function's risk assessment activities.

969
MCQmedium

A company is deciding between fine-tuning and RAG for a domain-specific legal assistant that must provide accurate answers based on a changing set of statutes and regulations. The statutes are updated quarterly. Which approach is PREFERRED and why?

A.Fine-tuning, because it allows the model to internalize the statutes for faster inference
B.Fine-tuning with LoRA, because it is parameter-efficient and can be updated frequently
C.RAG, because it can retrieve the latest documents without retraining the model
D.RAG with fine-tuning on the initial statutes, then update the index quarterly
AnswerC

RAG indexes the latest documents and retrieves relevant chunks at query time, ensuring answers are based on current statutes without any model retraining.

Why this answer

RAG is preferred when the knowledge base changes frequently, as it retrieves the latest documents at inference time without requiring model retraining.

970
MCQmedium

A security analyst is evaluating adversarial threats to a deployed image classifier. Which attack involves making tiny, often imperceptible changes to input images to cause misclassification?

A.Model inversion
B.Membership inference
C.Adversarial examples
D.Data poisoning
AnswerC

Correct. Adversarial examples use imperceptible perturbations to fool classifiers.

Why this answer

Adversarial examples are crafted by adding small perturbations to input data that are imperceptible to humans but cause the model to output incorrect predictions.

971
MCQeasy

A company uses an AI system to generate marketing images. They are concerned about copyright ownership of the generated content. According to current US copyright law, who typically owns the copyright for AI-generated work?

A.No one; the work may be in the public domain
B.The user who provided the input prompts
C.The AI system itself, as the creator
D.The company that owns the AI model
AnswerA

According to US Copyright Office guidance, AI-generated works without substantial human authorship are not copyrightable and may be considered public domain.

Why this answer

Under US copyright law, copyright protection requires human authorship. Works created entirely by AI without human creative input are generally not copyrightable. The user who provides prompts may not own the copyright if the work lacks human authorship.

The AI developer or AI system itself cannot hold copyright.

972
Multi-Selectmedium

A team monitors a production model for bias. They measure the selection rate for two demographic groups and find a significant difference. Which TWO actions should the team take to mitigate bias? (Choose two.)

Select 2 answers
A.Increase the complexity of the model to capture more patterns
B.Add more training data from both groups
C.Retrain the model with a balanced training dataset
D.Remove the protected attribute from the model input
E.Implement a post-processing fairness adjustment
AnswersC, E

Balanced data reduces bias by ensuring the model learns from fair representations.

Why this answer

Retraining with a balanced training dataset (Option C) directly addresses the root cause of bias by ensuring the model learns from equal representation of both demographic groups, which reduces skewed selection rates. This is a standard data-level mitigation technique in AI fairness, as it prevents the model from overfitting to majority patterns.

Exam trap

CompTIA often tests the misconception that removing the protected attribute (Option D) is sufficient to eliminate bias, when in reality proxy features and correlated variables can perpetuate discrimination.

973
MCQeasy

Which type of neural network is BEST suited for processing sequential data such as time series or natural language?

A.Generative Adversarial Network (GAN)
B.Multi-layer Perceptron (MLP)
C.Recurrent Neural Network (RNN)
D.Convolutional Neural Network (CNN)
AnswerC

RNNs have loops that allow information to persist, making them ideal for sequences.

Why this answer

RNNs (including LSTMs) are designed for sequential data with temporal dependencies. CNNs excel at spatial data; transformers are also used but RNNs are the classic answer.

974
MCQeasy

Which neural network architecture is specifically designed to process sequential data, such as time series or sentences, by maintaining a hidden state that captures information about previous inputs?

A.Transformer
B.Convolutional Neural Network (CNN)
C.Multi-layer Perceptron (MLP)
D.Recurrent Neural Network (RNN)
AnswerD

RNNs have a hidden state that evolves over time steps, ideal for sequences.

Why this answer

Recurrent Neural Networks (RNNs) are specifically designed for sequential data because they maintain a hidden state that is updated at each time step, allowing information about previous inputs to persist and influence current and future outputs. This feedback loop makes them ideal for tasks like time series forecasting, natural language processing, and speech recognition, where order and context matter.

Exam trap

Cisco often tests the misconception that Transformers are the default architecture for all sequence tasks, but the question specifically asks for a network that 'maintains a hidden state'—a defining feature of RNNs, not Transformers.

How to eliminate wrong answers

Option A (Transformer) is wrong because, while Transformers process sequences using self-attention mechanisms, they do not maintain a recurrent hidden state; they rely on positional encodings and parallel processing of the entire sequence. Option B (CNN) is wrong because CNNs are designed for spatial data (e.g., images) using convolutional filters and pooling layers, not for capturing temporal dependencies via a hidden state. Option C (MLP) is wrong because MLPs are feedforward networks with no memory or sequential processing capability; each input is processed independently without any hidden state carrying information across time steps.

975
MCQmedium

A team is building a recommendation system for an e-commerce platform. They want to use collaborative filtering but have a cold-start problem for new users. Which hybrid approach BEST addresses cold start while leveraging collaborative signals?

A.Apply user clustering based on demographic data and then use collaborative filtering within clusters
B.Use only content-based filtering for all users
C.Use matrix factorization with implicit feedback only
D.Implement a hybrid model that combines content-based features with collaborative filtering via a weighted ensemble
AnswerD

Hybrid leverages content features for new users and collaborative signals for warm users, balancing both.

Why this answer

Content-based filtering uses user/item features to handle cold start, then combines with collaborative filtering for accuracy. Clustering or matrix factorization alone do not solve cold start.

Page 12

Page 13 of 14

Page 14
CompTIA AI+ AI0-001 AI0-001 Questions 901–975 | Page 13/14 | Courseiva