CCNA AI Security, Ethics and Governance Questions

18 of 93 questions · Page 2/2 · AI Security, Ethics and Governance · Answers revealed

76
MCQeasy

A startup develops an AI recruiting tool that screens resumes. After deployment, they receive a complaint from a candidate who claims the system rejected them due to age discrimination. The startup has no formal AI governance process. They want to quickly assess and remediate the issue. The dataset includes age as a feature. What should they do first?

A.Conduct a bias analysis to measure the model's impact on different age groups
B.Apologize to the candidate and offer a manual review of their resume
C.Immediately remove age from the feature set and retrain the model
D.Ignore the complaint because age is a legitimate business requirement
AnswerA

Analysis identifies whether and where bias exists before taking action.

Why this answer

Option B is correct because the complaint suggests age bias; the first step is to analyze the model's predictions across age groups to verify if there is bias. Option A is wrong because removing age may not eliminate proxies. Option C is wrong because disregarding the complaint is unethical.

Option D is wrong without first understanding the bias source.

77
MCQhard

During a penetration test, a security engineer discovers that an AI-powered chatbot can be tricked into revealing sensitive customer data by using specially crafted prompts. What type of attack is this, and what is the best mitigation?

A.Prompt injection attack; implement input validation and context sanitization
B.Model inversion attack; apply differential privacy during training
C.Data poisoning attack; implement strict access controls
D.Membership inference attack; add noise to model outputs
AnswerA

Prompt injection exploits the model via crafted inputs; validation prevents it.

Why this answer

Option D is correct: the attack is a prompt injection, and input validation (sanitization) is a primary defense. Option A is wrong because model inversion is different. Option B is wrong because this is not a membership inference attack.

Option C is wrong because differential privacy is for training, not for prompt-level attacks.

78
MCQmedium

A data scientist trains a sentiment analysis model on user reviews. To ensure transparency, they want to explain why the model classified a particular review as negative. Which explainability technique should they use?

A.Decision tree surrogate model
B.Principal component analysis
C.SHAP (SHapley Additive exPlanations)
D.t-SNE dimensionality reduction
AnswerC

SHAP computes feature contributions for each prediction.

Why this answer

Option D is correct because SHAP values provide per-feature attribution for individual predictions. Option A is wrong because LIME is also for local explanations, but SHAP is more theoretically grounded and common for feature attribution. Option B is wrong because t-SNE is for visualization of high-dimensional data, not explanation.

Option C is wrong because decision trees are a model type, not an explanation method for any model.

79
MCQmedium

Refer to the exhibit. Which assessment is most critical for ethical deployment?

A.Feature engineering should be improved
B.Data collection needs expansion
C.Bias mitigation is needed
D.Model retraining is required due to low recall
AnswerC

A demographic parity difference over 0.1 is often considered evidence of bias requiring correction.

Why this answer

The demographic parity difference of 0.15 indicates potential bias against a demographic group, so bias mitigation is the most critical ethical concern.

80
Multi-Selectmedium

Which TWO practices are most effective for ensuring the security of an AI model against adversarial attacks?

Select 2 answers
A.Encrypting the model weights
B.Continuous model monitoring
C.Input sanitization and validation
D.Adversarial training
E.Rate limiting API access
AnswersC, D

Sanitization removes or normalizes inputs that may contain adversarial perturbations.

Why this answer

Input sanitization and validation (C) is correct because it prevents adversarial inputs—such as specially crafted perturbations or injection strings—from reaching the model's inference pipeline. By filtering, encoding, or rejecting malicious data at the application layer, the model's decision boundary is protected from manipulation. This is a fundamental defense-in-depth measure against evasion and poisoning attacks.

Exam trap

CompTIA often tests the distinction between reactive monitoring (B) and proactive defenses (C and D), and candidates mistakenly choose rate limiting (E) thinking it blocks all attacks, but it only throttles frequency, not content.

81
MCQeasy

A company is developing an AI chatbot for customer service. The legal team is concerned that the chatbot might generate responses that violate privacy regulations. Which governance mechanism should be implemented to mitigate this risk?

A.Use explainable AI techniques to understand why the chatbot generates certain responses.
B.Encrypt all chatbot conversations at rest and in transit.
C.Implement a human-in-the-loop review process for high-risk responses.
D.Anonymize the training data used to train the chatbot.
AnswerC

Human review can catch and block responses that violate privacy regulations before they are sent to customers.

Why this answer

Option C is correct because a human-in-the-loop (HITL) review process directly addresses the risk of privacy violations by ensuring that high-risk responses are reviewed by a human before being sent to the customer. This governance mechanism provides a safety net for unpredictable outputs from the generative AI model, which may inadvertently leak personally identifiable information (PII) or violate data protection regulations like GDPR or CCPA. Unlike technical controls that only reduce the attack surface, HITL offers real-time compliance oversight for the chatbot's natural language generation (NLG) outputs.

Exam trap

CompTIA often tests the distinction between preventive controls (like HITL) and detective or protective controls (like encryption or anonymization), and the trap here is that candidates confuse data security measures (encryption, anonymization) with governance mechanisms that directly control model output behavior.

How to eliminate wrong answers

Option A is wrong because explainable AI (XAI) techniques, such as SHAP or LIME, provide post-hoc interpretability of model decisions but do not prevent the generation of privacy-violating responses; they only help diagnose why a violation occurred after the fact. Option B is wrong because encrypting chatbot conversations at rest (e.g., using AES-256) and in transit (e.g., using TLS 1.3) protects data from external interception but does not control the content generated by the chatbot itself, which is the source of the privacy risk. Option D is wrong because anonymizing training data (e.g., via k-anonymity or differential privacy) reduces the risk of the model memorizing PII, but it does not prevent the chatbot from generating new responses that violate privacy regulations through inference or context-based leakage during inference.

82
Multi-Selectmedium

Which THREE of the following are key principles of trustworthy AI as defined by major regulatory bodies?

Select 3 answers
A.Fairness and non-discrimination
B.Transparency and explainability
C.Maximum profitability
D.Proprietary secrecy
E.Accountability
AnswersA, B, E

AI systems should avoid bias and ensure equitable treatment.

Why this answer

Options A, C, and D are correct. Accountability, fairness, and transparency are core principles. Option B is wrong because maximum profitability is not an ethical principle.

Option E is wrong because proprietary secrecy conflicts with transparency.

83
Multi-Selecthard

Which TWO of the following are effective techniques to detect data poisoning attacks in a training dataset?

Select 2 answers
A.Performing cross-validation to check for inconsistent model performance.
B.Normalizing features to zero mean and unit variance.
C.Using ensemble methods like random forest for training.
D.Applying PCA to reduce dimensionality.
E.Statistical outlier detection on feature distributions.
AnswersA, E

Poisoned data often causes model performance to vary significantly across folds.

Why this answer

Option A is correct because cross-validation can reveal data poisoning by exposing inconsistent model performance across folds. If a poisoned subset causes the model to perform well on certain folds but poorly on others, it indicates that the training data may have been tampered with, as the model's behavior becomes unstable due to maliciously injected samples.

Exam trap

CompTIA often tests the distinction between techniques that detect poisoning (like cross-validation and outlier detection) versus techniques that only mitigate or preprocess data, leading candidates to mistakenly select normalization or dimensionality reduction as detection methods.

84
MCQhard

An organization implements AI governance following the NIST AI Risk Management Framework. They need to ensure that all model decisions are logged with sufficient detail for later audit. Which logging requirement is most critical for traceability?

A.Input data and model name only
B.Source code and training dataset hash
C.Model outputs and confidence scores only
D.Timestamp, input data, output, and model version
AnswerD

These four elements enable full reconstruction and audit of each decision.

Why this answer

Option D is correct because timestamp, input/output data, and model version together provide full traceability for audit. Option A is wrong because logging only outputs and confidence is insufficient without inputs. Option B is wrong because logging only inputs and model name misses version and outputs.

Option C is wrong because code and training data logs are not typically part of inference audit trails.

85
MCQmedium

A company implements an AI-based chatbot for customer service. After deployment, customers report that the chatbot sometimes uses offensive language. The development team reviews the training data and finds no explicit offensive content. What is the most likely explanation?

A.There is a bug in the deployment pipeline
B.The model is overfitting to rare examples
C.The model learned biased language patterns from the training corpus
D.The training data was poisoned by an attacker
AnswerC

The model may have learned offensive language from context, e.g., associating certain demographics with negative terms.

Why this answer

Large language models can learn unintended associations from training data, including biased or offensive language embedded in context. Even without explicit offensive content, the model may generate such language due to learned patterns.

86
Multi-Selecteasy

Which TWO of the following are essential components of a responsible AI governance framework?

Select 2 answers
A.Assignment of a responsible owner for each AI system's outcomes
B.Using ensemble methods to reduce overfitting
C.Clear documentation of model development and decision-making processes
D.Automated hyperparameter tuning to improve accuracy
E.Deploying models on dedicated hardware to reduce latency
AnswersA, C

Accountability is a fundamental governance requirement.

Why this answer

Options A and D are correct because transparency in model decisions and accountability for AI outcomes are foundational to responsible AI governance. Options B, C, and E are important but are more operational or technical rather than core governance components.

87
MCQmedium

A healthcare organization uses an AI model to predict patient readmission risk. To comply with patient privacy regulations, they apply differential privacy during training. What is the primary trade-off of using differential privacy?

A.Increased training time for reduced bias
B.Lower interpretability for higher fairness
C.Faster inference for lower memory usage
D.Reduced model accuracy for increased privacy
AnswerD

Noise injection lowers accuracy but bounds privacy loss.

Why this answer

Option A is correct because differential privacy adds noise, which reduces model accuracy but protects privacy. Option B is wrong because training time may increase slightly but not primarily; the main trade-off is accuracy. Option C is wrong because interpretability is not directly affected.

Option D is wrong because inference latency is not significantly impacted.

88
MCQhard

An AI system used for resume screening is found to consistently reject female candidates for technical roles. The data science team retrains the model after removing the 'gender' feature, but the bias persists. What is the most likely cause?

A.The model architecture is too complex
B.The model uses proxy variables that correlate with gender
C.The training data still contains historical hiring bias
D.The evaluation metric does not measure fairness
AnswerB

Features like 'years of experience gaps' or 'extracurricular activities' may correlate with gender and perpetuate bias.

Why this answer

Removing the gender feature alone is insufficient because other features (e.g., years of experience, education, hobbies) can act as proxies for gender. This is a common pitfall in fairness interventions.

89
MCQhard

A national security agency uses AI to analyze surveillance data for threat detection. The system is deployed in a high-stakes environment where false negatives could lead to missed threats, and false positives waste analyst time. Recently, a known hacker group attempted to evade detection by subtly modifying their communication patterns over time, a form of adversarial evasion. The agency wants to harden the system while maintaining performance. The system uses a deep neural network. Which mitigation strategy is most appropriate?

A.Switch to an unsupervised learning approach to detect anomalies
B.Simplify the model to a logistic regression to reduce the attack surface
C.Perform adversarial training using the hacker group's known evasion patterns
D.Add random noise to all input data to confuse evasion attempts
AnswerC

Adversarial training directly hardens the model against those patterns.

Why this answer

Option C is correct because adversarial training exposes the model to known evasion patterns during training, improving robustness without changing the model type. Option A is wrong because reducing model complexity may decrease accuracy. Option B is wrong because unsupervised learning may not capture the specific adversarial patterns.

Option D is wrong because random input perturbations do not represent realistic evasion.

90
MCQhard

During a red-team exercise on an AI model, testers successfully extracted training data. Which vulnerability is this?

A.Membership inference
B.Model inversion
C.Adversarial example
D.Data poisoning
AnswerB

Model inversion reconstructs training data.

Why this answer

Option B (Model inversion) is correct because model inversion attacks reconstruct training data. Option A (Membership inference) determines if a record was used, not extraction. Option C (Data poisoning) corrupts training data.

Option D (Adversarial example) causes misclassification.

91
MCQeasy

Refer to the exhibit. A system administrator sees these logs from an AI inference pipeline. What is the most likely sequence of events?

A.Data poisoning corrupted the model, causing NaN outputs
B.The security filter failed to detect an attack and the model returned an error
C.A non-adversarial input caused a NaN error due to missing data
D.An adversarial input was blocked by the security filter
AnswerD

The security filter flagged the input as adversarial and blocked it.

Why this answer

Option A is correct because the adversarial input triggered the security filter, which then blocked the request. Option B is wrong because the input caused NaN, not filter failure. Option C is wrong because there is no evidence of data poisoning.

Option D is wrong because the filter blocked it; it did not fail.

92
Multi-Selecteasy

Which TWO of the following are best practices for securing an AI model against adversarial attacks?

Select 2 answers
A.Model pruning to reduce the number of parameters.
B.Adversarial training with perturbed examples.
C.Input sanitization and validation.
D.Increasing model complexity to capture more patterns.
E.Hyperparameter optimization using grid search.
AnswersB, C

Adversarial training exposes the model to adversarial inputs, improving robustness.

Why this answer

Option B is correct because adversarial training explicitly augments the training dataset with perturbed examples (e.g., using FGSM or PGD attacks) to teach the model to recognize and resist malicious inputs. This method directly hardens the model against evasion attacks by improving its decision boundary robustness.

Exam trap

CompTIA often tests the misconception that increasing model complexity or pruning improves security, when in fact these techniques address performance or efficiency, not adversarial robustness.

93
MCQhard

An organization wants to implement an AI ethics board. Which composition best ensures independence and expertise?

A.All members from the legal department
B.IT department head and data scientists
C.Mix of internal stakeholders and external ethicists
D.Only senior executives from the company
AnswerC

Ensures independence and diverse expertise.

Why this answer

Option B (Mix of internal stakeholders and external ethicists) is correct because external ethicists provide unbiased perspective and expertise, while internal stakeholders understand operations. Option A (Only senior executives from the company) may have conflicts of interest. Option C (All members from the legal department) focuses only on compliance.

Option D (IT department head and data scientists) lacks ethics expertise.

← PreviousPage 2 of 2 · 93 questions total

Ready to test yourself?

Try a timed practice session using only AI Security, Ethics and Governance questions.