CCNA Ai Security Ethics Governance Questions

75 of 93 questions · Page 1/2 · Ai Security Ethics Governance topic · Answers revealed

1
MCQeasy

A healthcare organization uses an AI model to recommend treatment plans. The model was trained on data from a single hospital, and now treats patients from multiple demographics. Which ethical concern is most critical?

A.Accountability for treatment outcomes
B.Lack of transparency in model decisions
C.Privacy violations in training data
D.Fairness and bias in predictions
AnswerD

The model trained on a single hospital's data may not generalize, leading to unfair treatment recommendations for other demographics.

Why this answer

Training on homogeneous data leads to biased predictions for underrepresented groups, raising fairness concerns. While transparency and explainability are important, fairness is the primary issue due to demographic shift. Privacy and accountability are secondary in this context.

2
MCQeasy

An organization deploys an AI system that processes personal data of EU citizens. Which regulatory framework imposes strict requirements on automated decision-making and profiling?

A.Payment Card Industry Data Security Standard (PCI DSS)
B.General Data Protection Regulation (GDPR)
C.Health Insurance Portability and Accountability Act (HIPAA)
D.Sarbanes-Oxley Act (SOX)
AnswerB

GDPR specifically addresses automated individual decision-making and profiling.

Why this answer

Option A is correct: the GDPR provides rules on automated decision-making and profiling. Option B is wrong because HIPAA is for healthcare data in the US. Option C is wrong because PCI DSS is for payment card data.

Option D is wrong because SOX is for financial reporting.

3
MCQhard

A financial institution uses an AI model to approve loans. The model uses features including credit score and ZIP code. During an audit, it is discovered that the model has a high false positive rate for loan default predictions in certain ZIP codes. What should the institution do to address this?

A.Remove the ZIP code feature from the model
B.Increase the decision threshold for those ZIP codes
C.Discontinue use of the model for those ZIP codes
D.Retrain the model with fairness constraints
AnswerD

Fairness constraints can reduce bias while maintaining overall performance, a more comprehensive solution.

Why this answer

The false positive disparity in certain ZIP codes likely indicates bias related to demographics. The best course is to retrain the model with fairness constraints to mitigate disparate impact while maintaining performance.

4
MCQeasy

A company is developing an AI chatbot for customer service. They want to ensure the bot does not generate offensive or harmful responses. Which governance practice should be implemented first?

A.Set up a human-in-the-loop review process
B.Implement a content filter to screen responses before delivery
C.Create a usage policy for acceptable bot behavior
D.Sanitize training data to remove toxic examples
AnswerB

Content filtering immediately prevents harmful outputs from reaching users.

Why this answer

Option B is correct because a content filter acts as a real-time safety gate that screens every response generated by the AI model before it reaches the customer. This is the first line of defense against offensive or harmful outputs, as it can catch toxic language, PII leaks, or policy violations immediately, even if the underlying model has not been fully sanitized. Without such a filter, harmful responses could be delivered before any other governance measure (like human review or policy creation) can intervene.

Exam trap

CompTIA often tests the principle of 'defense in depth' and the order of implementation, where candidates mistakenly choose data sanitization (D) as the first step, overlooking that runtime controls are more immediate and practical for preventing harm in a deployed system.

How to eliminate wrong answers

Option A is wrong because a human-in-the-loop review process introduces latency and cannot scale to handle high-volume chatbot traffic; it is a secondary safeguard, not the first implementation. Option C is wrong because creating a usage policy defines acceptable behavior but does not technically prevent the model from generating offensive responses—it is a documentation step, not an enforcement mechanism. Option D is wrong because sanitizing training data is a proactive but time-consuming and imperfect process; even with clean data, large language models can still generate toxic outputs due to emergent behaviors or adversarial prompts, so a runtime filter is needed first.

5
MCQmedium

A healthcare organization is deploying an AI system to analyze patient records and recommend treatment plans. To comply with data privacy regulations, what is the most important security measure to implement?

A.Enable detailed audit logging
B.Anonymize patient data before processing
C.Encrypt all data at rest and in transit
D.Implement role-based access control
AnswerB

Anonymization removes identifying information, reducing privacy risks while allowing analysis.

Why this answer

Anonymizing patient data before processing is the most important security measure because it directly addresses data privacy regulations like HIPAA and GDPR by removing personally identifiable information (PII) from the dataset. This ensures that even if a breach occurs, the data cannot be linked back to an individual, thereby minimizing compliance risk. While other measures like encryption and access control are essential, anonymization is the foundational step for lawful AI processing of sensitive health data.

Exam trap

CompTIA often tests the distinction between security controls that protect data in transit/at rest versus those that protect the data's content itself; the trap here is that candidates confuse encryption with anonymization, thinking encryption alone satisfies privacy regulations, when in fact it only protects confidentiality, not identifiability.

How to eliminate wrong answers

Option A is wrong because detailed audit logging is a detective control that records who accessed what and when, but it does not prevent exposure of PII or ensure compliance with privacy regulations like HIPAA or GDPR. Option C is wrong because encrypting data at rest (e.g., AES-256) and in transit (e.g., TLS 1.3) protects against unauthorized interception but does not remove PII from the data; if an authorized user or AI model processes encrypted data, the plaintext still contains identifiable information. Option D is wrong because role-based access control limits who can view or process data but does not alter the data itself; a user with the appropriate role can still access raw PII, violating privacy regulations if the data is used for AI training without anonymization.

6
MCQmedium

An image classification model misclassifies a stop sign as a speed limit sign after a few pixels are altered. What is the most effective defense against such attacks?

A.Use a larger validation dataset
B.Reduce the input image resolution
C.Increase the model's complexity
D.Adversarial training
AnswerD

Adversarial training explicitly trains on perturbed examples to improve robustness.

Why this answer

Adversarial training incorporates adversarial examples during training, making the model more robust.

7
MCQeasy

A social media company's AI recommendation system pushes extreme content to users, causing harm. Which ethical principle is most violated?

A.Autonomy
B.Justice
C.Beneficence
D.Non-maleficence
AnswerD

Non-maleficence requires avoiding harm.

Why this answer

Option C (Non-maleficence) is correct because it means 'do no harm'. Option A (Beneficence) is about doing good, but here harm is done. Option B (Autonomy) is about user choice.

Option D (Justice) is about fairness.

8
MCQmedium

A security analyst reviews the log file from an AI model server. What is the most likely cause of the crash?

A.The server ran out of memory due to high traffic
B.The model weights were corrupted during loading
C.The model encountered an unknown data type
D.A malicious input triggered a buffer overflow
AnswerD

Special characters and memory allocation error suggest an injection attack.

Why this answer

A malicious input triggering a buffer overflow is the most likely cause of the crash because AI model servers often process user-supplied data in native code (e.g., C/C++ extensions or TensorFlow ops) that lack bounds checking. An attacker can craft an input that overflows a fixed-size buffer, corrupting memory and causing a segmentation fault or denial of service. This is a well-known AI security vulnerability, distinct from generic resource exhaustion or data-type errors.

Exam trap

CompTIA often tests the misconception that AI crashes are always due to resource exhaustion or data format errors, but the trap here is that a buffer overflow from malicious input is a distinct security-specific crash vector that candidates overlook in favor of more generic operational issues.

How to eliminate wrong answers

Option A is wrong because running out of memory due to high traffic would typically cause gradual performance degradation or an out-of-memory (OOM) kill, not a sudden crash from a single request, and the log would show memory allocation failures rather than a buffer overflow. Option B is wrong because corrupted model weights during loading would usually result in a checksum mismatch or loading error at startup, not a crash during inference from a specific input. Option C is wrong because an unknown data type would typically raise a type error or exception in the model's preprocessing layer, not cause a memory corruption crash like a buffer overflow.

9
Multi-Selectmedium

Which TWO are key requirements for AI governance under the EU AI Act for high-risk AI systems? (Choose two.)

Select 2 answers
A.Regular performance benchmarks
B.Human oversight
C.Open-source licensing
D.Transparency and documentation
E.Mandatory use of cloud
AnswersB, D

Required for high-risk AI systems.

Why this answer

Options A (Human oversight) and C (Transparency and documentation) are correct. The EU AI Act mandates human oversight and transparency for high-risk systems. Option B (Open-source licensing) is not required.

Option D (Mandatory use of cloud) is not specified. Option E (Regular performance benchmarks) is good practice but not a specific requirement.

10
MCQhard

An AI system used for autonomous driving is found to have a lower accuracy in detecting pedestrians with darker skin tones. The development team wants to address this ethical issue. Which action is most effective?

A.Conduct additional testing to measure the disparity
B.Augment the training dataset with more images of pedestrians with darker skin
C.Replace the object detection algorithm with a different one
D.Adjust the model's decision threshold for pedestrian detection
AnswerB

Diverse data helps the model learn robust features for all skin tones.

Why this answer

Option B is correct because augmenting the training dataset with more images of pedestrians with darker skin directly addresses the root cause of the bias: underrepresentation in the training data. By providing a more balanced and diverse dataset, the model can learn more robust features for all skin tones, reducing accuracy disparity without altering the algorithm's core logic or introducing arbitrary thresholds.

Exam trap

CompTIA often tests the misconception that bias can be fixed by simply changing the algorithm or threshold, when in reality the most effective first step is to address data imbalance through targeted augmentation.

How to eliminate wrong answers

Option A is wrong because additional testing only measures the disparity but does not fix it; it is a diagnostic step, not a corrective action. Option C is wrong because replacing the object detection algorithm does not guarantee improved fairness—bias often stems from training data distribution, not the algorithm itself, and a different algorithm may still exhibit similar biases if trained on the same skewed data. Option D is wrong because adjusting the decision threshold can trade off precision and recall but does not address the underlying data imbalance; it may reduce false negatives for one group at the expense of increased false positives for another, without resolving the root cause.

11
MCQeasy

What is the primary function of an AI ethics board within an organization?

A.Developing algorithms
B.Managing cloud infrastructure
C.Marketing AI products
D.Reviewing AI projects for ethical compliance
AnswerD

The board provides oversight and guidance on ethical matters.

Why this answer

An AI ethics board reviews AI projects to ensure they align with ethical principles and regulatory requirements.

12
MCQmedium

A healthcare AI system misdiagnosed patients due to adversarial inputs. What security measure should be prioritized?

A.Encrypt all patient data
B.Use stronger authentication
C.Regular software updates
D.Implement adversarial training
AnswerD

Directly mitigates adversarial examples.

Why this answer

Option C (Implement adversarial training) is correct because adversarial training makes the model robust to input manipulation. Option A (Encrypt all patient data) protects data privacy but not model integrity. Option B (Use stronger authentication) is for access control.

Option D (Regular software updates) is general maintenance.

13
MCQhard

You are a security engineer at a large e-commerce company that uses an AI-based recommendation system. The system is deployed on a Kubernetes cluster and uses a TensorFlow model served via REST API. Recently, the security team detected unusual API calls that caused the model to return incorrect recommendations. Analysis shows that the inputs were crafted to maximize prediction error. The team suspects an adversarial attack. You need to implement a solution that detects and mitigates such attacks in real-time without requiring model retraining. Which approach should you take?

A.Implement an input validation filter to detect and block anomalous inputs
B.Increase the number of model replicas to distribute the load
C.Retrain the model with adversarial examples
D.Roll back the model to a previous version that was not attacked
AnswerA

Input validation can identify adversarial examples based on statistical anomalies.

Why this answer

Option A is correct because an input validation filter can detect and block adversarial inputs in real-time by analyzing statistical properties (e.g., outlier detection, perturbation magnitude) without modifying the model. This approach is lightweight, operates at the API gateway level, and does not require retraining, making it suitable for immediate deployment against crafted inputs that maximize prediction error.

Exam trap

CompTIA often tests the misconception that retraining or scaling can solve security issues, but the key constraint here is 'real-time detection without retraining,' which eliminates options that require model modification or do not address the attack vector.

How to eliminate wrong answers

Option B is wrong because increasing model replicas only distributes load and improves throughput, but does not detect or block malicious inputs; adversarial attacks exploit model vulnerabilities, not resource exhaustion. Option C is wrong because retraining with adversarial examples requires model retraining, which violates the constraint of 'without requiring model retraining' and is a longer-term solution, not real-time mitigation. Option D is wrong because rolling back to a previous version does not address the root cause; the same adversarial inputs would still be effective against the older model, and the attack vector remains unmitigated.

14
MCQhard

A financial institution uses a deep learning model for loan approvals. Under the EU AI Act, this is considered a high-risk AI system. Which mandatory requirement must the institution fulfill before deployment?

A.Obtain certification from an ISO 27001 auditor
B.Publish the model's source code publicly
C.Register the AI system with the national data protection authority
D.Conduct a risk assessment and bias testing
AnswerD

The EU AI Act mandates a risk management system and bias audits for high-risk systems.

Why this answer

High-risk AI systems under the EU AI Act require a conformity assessment, including a risk assessment and bias testing.

15
Multi-Selecthard

Which THREE are effective methods for ensuring data privacy in AI training? (Choose three.)

Select 3 answers
A.Data encryption at rest
B.Data anonymization
C.Differential privacy
D.Data replication
E.Federated learning
AnswersB, C, E

Removes personally identifiable information.

Why this answer

Options A (Differential privacy), C (Data anonymization), and D (Federated learning) are correct. Differential privacy adds noise to protect individual records, anonymization removes PII, and federated learning trains without centralizing data. Option B (Data encryption at rest) protects storage but not against model inference.

Option E (Data replication) increases risk.

16
MCQeasy

A bank uses an AI model to approve loans. During an audit, it is found that the model denies loans at a higher rate for a certain ethnic group. Which governance principle is primarily violated?

A.Accountability
B.Fairness
C.Transparency
D.Privacy
AnswerB

Fairness requires non-discrimination, which is violated here.

Why this answer

Option D (Fairness) is correct because fairness requires that AI systems do not discriminate against protected groups. Option A (Privacy) is about data protection, not bias. Option B (Transparency) is about explaining decisions, not the discrimination itself.

Option C (Accountability) is about responsibility, but the core issue is bias.

17
MCQmedium

A hospital deploys an AI diagnostic assistant that analyzes medical images. The system has been in use for six months, and radiologists have reported that the AI is increasingly confident in its predictions, but sometimes misses rare conditions. The AI ethics board is concerned about overreliance and potential harm from false negatives. They want to implement a governance framework that ensures appropriate human oversight. The hospital has a limited IT budget. What is the best approach?

A.Implement a human-in-the-loop process where the AI flags low-confidence or rare condition predictions for mandatory radiologist review
B.Add a warning to the AI interface that says 'This tool may miss rare conditions'
C.Require all AI predictions to be reviewed by a radiologist before final diagnosis
D.Increase the AI's false positive threshold to reduce missed cases
AnswerA

This balances efficiency with safety, ensuring oversight where it matters.

Why this answer

Option C is correct because establishing a human-in-the-loop process for high-risk cases ensures oversight without full automation removal. Option A is wrong because requiring all cases to be reviewed eliminates efficiency gains. Option B is wrong because increasing false positive threshold could increase false negatives.

Option D is wrong because confidence scores alone are not sufficient; mandatory human review for low-confidence cases is needed.

18
MCQhard

A financial institution uses an AI model to approve loan applications. The model was trained on historical data that included biased lending practices. The bank's ethics committee wants to mitigate bias without removing protected attributes. Which approach best balances fairness and model performance?

A.Retrain the model using a balanced dataset
B.Remove all protected attributes from the training data
C.Post-process model outputs to adjust for demographic parity
D.Apply adversarial debiasing during training
AnswerD

Adversarial debiasing reduces bias by learning non-discriminatory representations.

Why this answer

Adversarial debiasing is the best approach because it directly optimizes the model to reduce bias during training while preserving predictive accuracy. It uses an adversarial network that tries to predict the protected attribute from the model's predictions, forcing the main model to learn representations that are less correlated with that attribute. This allows the bank to keep protected attributes in the data (as required by the ethics committee) while actively mitigating bias.

Exam trap

CompTIA often tests the misconception that simply removing protected attributes (Option B) is sufficient to eliminate bias, when in reality proxy features and correlated variables can perpetuate discrimination.

How to eliminate wrong answers

Option A is wrong because retraining on a balanced dataset only addresses representation bias (e.g., equal numbers of approved/rejected loans across groups) but does not remove the underlying biased correlations learned from historical lending practices; it may also reduce model performance by discarding real-world data distributions. Option B is wrong because removing all protected attributes does not eliminate bias—correlated features (e.g., zip code, income) can act as proxies for race or gender, leading to indirect discrimination, and the ethics committee explicitly wants to keep protected attributes. Option C is wrong because post-processing adjusts outputs after the model is trained, which can improve demographic parity but often at the cost of significant accuracy loss and does not address bias embedded in the model's internal representations.

19
MCQhard

Refer to the exhibit. Which model is NOT in full compliance with the policy?

A.ChurnPredict v1
B.FraudDetect v4
C.CreditScorer v2
D.LoanApproval v3
AnswerC

CreditScorer v2 is explicitly granted an exception, meaning it does not need to comply.

Why this answer

CreditScorer v2 is listed in the exceptions, meaning it is not required to meet the policy requirements.

20
Multi-Selectmedium

Which THREE are key principles of trustworthy AI according to the OECD?

Select 3 answers
A.Profitability
B.Robustness
C.Transparency
D.Scalability
E.Accountability
AnswersB, C, E

Robustness ensures AI systems perform reliably under varied conditions.

Why this answer

Transparency, accountability, and robustness are three of the five OECD principles (along with inclusive growth and human-centred values). Profitability and scalability are not principles.

21
Multi-Selecthard

Which THREE of the following are key components of an AI governance framework?

Select 3 answers
A.Cloud infrastructure configuration
B.Model accuracy benchmarks
C.Risk assessment and mitigation plans
D.Transparency and explainability policies
E.Data management and privacy controls
AnswersC, D, E

Essential for identifying and managing AI risks.

Why this answer

Options A, B, and D are correct because risk assessment, data management, and transparency are core pillars. Option C is wrong because model accuracy is a performance metric, not a governance component. Option E is wrong because cloud infrastructure is deployment, not governance.

22
MCQmedium

A manufacturing company uses a predictive maintenance AI system to schedule equipment repairs. The system was trained on sensor data from machinery. Recently, the system has been missing failures, leading to unexpected downtime. An investigation reveals that the sensor data from one plant has been corrupted due to a sensor malfunction. The corrupted data was used in retraining. The company needs to restore system accuracy quickly. The data science team can access the training logs. What is the best course of action?

A.Roll back to the previous model version before the corrupt data was ingested, then clean the sensor data and retrain
B.Switch to a simpler linear regression model that is less sensitive to data quality issues
C.Retrain the model using all available data, including the corrupted sensor data
D.Apply a weight to sensor data from that plant to reduce its influence
AnswerA

Reverting removes the damage, cleaning ensures future data is correct, and retraining updates the model.

Why this answer

Option D is correct because reverting to the last good model and then cleaning the data ensures the corruption is removed. Option A is wrong because retraining with both corrupted and good data may not remove the influence. Option B is wrong because reweighting may not fully correct.

Option C is wrong because using a simpler model may not capture complex patterns.

23
Multi-Selectmedium

Which TWO of the following are common methods for mitigating bias in AI models?

Select 2 answers
A.Using adversarial training
B.Reweighting training samples based on sensitive attributes
C.Applying L1 regularization
D.Adding fairness constraints during training
E.Performing k-fold cross-validation
AnswersB, D

Reweighting can adjust for underrepresented groups to reduce bias.

Why this answer

Reweighting training samples based on sensitive attributes is a common pre-processing bias mitigation technique. It assigns higher weights to underrepresented groups or lower weights to overrepresented groups to balance the dataset, thereby reducing the model's reliance on biased correlations. This method directly addresses data-level bias before model training begins.

Exam trap

CompTIA often tests the distinction between bias mitigation techniques (pre-processing, in-processing, post-processing) and general ML best practices like regularization or cross-validation, leading candidates to confuse L1 regularization or k-fold cross-validation with fairness methods.

24
Multi-Selectmedium

Which THREE of the following are key components of an AI governance framework?

Select 3 answers
A.Regular auditing and monitoring for compliance.
B.Cloud-based deployment for scalability.
C.Ethical guidelines for AI development and deployment.
D.Explainability mechanisms for model decisions.
E.Model accuracy thresholds for production deployment.
AnswersA, C, D

Auditing ensures ongoing adherence to policies and regulations.

Why this answer

Regular auditing and monitoring for compliance (A) is a key component of an AI governance framework because it ensures that AI systems operate within legal, ethical, and organizational policies over time. Continuous monitoring detects drift, bias, or security violations, while audits provide evidence of adherence to standards such as ISO/IEC 42001 or internal governance rules. Without this, governance becomes a static policy with no enforcement or verification.

Exam trap

CompTIA often tests the distinction between governance components (policies, ethics, oversight) and operational or technical metrics (deployment, accuracy thresholds), leading candidates to confuse performance requirements with governance pillars.

25
MCQmedium

A financial institution uses an AI model to approve small business loans. The model has a high approval rate for women-owned businesses but low for minority-owned businesses. The compliance officer is concerned about disparate impact. Which governance process should be implemented first?

A.Remove gender and ethnicity features from the model
B.Conduct a bias audit and fairness assessment using relevant metrics
C.Publish the model's decision-making criteria to the public
D.Immediately adjust the approval threshold to equalize rates
AnswerB

An audit identifies the extent and sources of bias to inform remediation.

Why this answer

Option D is correct: a bias audit and fairness assessment should be conducted to quantify impact. Option A is wrong because without analysis, altering thresholds is arbitrary. Option B is wrong because equalizing rates may lead to reverse discrimination or mask root causes.

Option C is wrong because full disclosure may expose the company to liability without remediation.

26
MCQmedium

A team is deploying an AI model that predicts patient readmission risk. The model was trained on data from three hospitals but will be used in a fourth hospital with different patient demographics. What is the most important security risk to assess?

A.Data poisoning during training
B.Adversarial attacks that cause misclassification
C.Model inversion to extract patient data
D.Data breach of the inference API
AnswerB

The shift in demographics can make the model more vulnerable to adversarial examples that cause incorrect readmission predictions.

Why this answer

Using a model on data from a different distribution (population shift) can degrade performance, but from a security perspective, the main risk is adversarial attacks that exploit the model's unfamiliarity with new data. Model inversion and poisoning are training-time attacks; data breach is an operational risk but not specific to this scenario.

27
MCQhard

A company's AI governance board requires each model to have a model card documenting intended use, performance metrics, and limitations. What is the primary purpose of a model card?

A.To provide transparent documentation of model capabilities and limitations
B.To specify the exact training algorithm and hyperparameters
C.To outline a complete risk assessment framework
D.To serve as a legal contract between developers and users
AnswerA

They promote accountability and informed deployment.

Why this answer

Option B is correct because model cards communicate key information to stakeholders for informed use and transparency. Option A is wrong because model cards are not legal contracts. Option C is wrong because model cards are documentation, not training methodology.

Option D is wrong because they describe limitations but not a full risk assessment framework.

28
MCQhard

A self-driving car company is testing an AI model for pedestrian detection. During simulation, the model fails to detect pedestrians in low-light conditions. The safety team wants to improve robustness without retraining the entire model from scratch. Which approach is most appropriate?

A.Replace the convolutional layers with transformer layers to improve attention.
B.Apply data augmentation techniques to simulate low-light conditions in the training dataset.
C.Use adversarial training to add imperceptible perturbations to training images.
D.Increase the model's depth by adding more convolutional layers.
AnswerB

Data augmentation can expand the training data to include low-light scenarios, improving robustness without full retraining.

Why this answer

Option B is correct because data augmentation techniques, such as adjusting brightness, contrast, and adding noise, can synthetically create low-light training examples from existing data. This improves the model's robustness to low-light conditions without requiring a full retraining from scratch, as it directly addresses the distribution shift in the input data.

Exam trap

CompTIA often tests the distinction between improving robustness to natural distribution shifts (e.g., low-light) via augmentation versus defending against adversarial perturbations, causing candidates to mistakenly choose adversarial training for non-adversarial scenarios.

How to eliminate wrong answers

Option A is wrong because replacing convolutional layers with transformer layers would require significant architectural changes and likely full retraining, not a lightweight fix, and transformers are not inherently more robust to low-light conditions without specific training. Option C is wrong because adversarial training focuses on imperceptible perturbations that cause misclassification, which is a different problem (adversarial attacks) than natural low-light degradation; it does not simulate the global brightness reduction or noise patterns of low-light environments. Option D is wrong because increasing model depth by adding more convolutional layers does not address the specific data distribution shift (low-light) and may lead to overfitting or vanishing gradients without corresponding training data changes.

29
MCQhard

A large e-commerce company uses a recommendation engine trained on millions of user interactions. Recently, the marketing team noticed a sharp increase in click-through rates for a particular product category. Upon investigation, an engineer found that a competitor had injected fake user profiles that consistently clicked on their products, skewing the training data. The company needs to remediate the attack and prevent future occurrences. The team has limited time and budget. Which course of action should the company take first?

A.Identify and remove the fake user profiles from the training dataset, then retrain the model
B.Implement adversarial training to make the model robust to future poisoning attempts
C.Decrease the frequency of model retraining to limit exposure to new data
D.Add differential privacy noise to the training data to mask the injected profiles
AnswerA

This directly eliminates the poisoned data and restores model accuracy.

Why this answer

Option A is correct because removing the injected data and retraining directly removes the poison and restores model integrity. Option B is wrong because adversarial training focuses on evasion attacks, not poisoning. Option C is wrong because adding noise does not remove existing poisoned data.

Option D is wrong because reducing retraining frequency does not address the attack and could allow more damage.

30
MCQeasy

Refer to the exhibit. A security auditor identifies a critical vulnerability that could allow an attacker to manipulate model inputs to cause misclassification. Which configuration setting is most directly responsible for this vulnerability?

A.enable_input_sanitization = true
B.audit_level = basic
C.enable_adversarial_defense = false
D.pii_detection = enabled
AnswerC

Disabling adversarial defense leaves the model vulnerable.

Why this answer

Option C (enable_adversarial_defense = false) is correct because adversarial defense specifically prevents input manipulation. Option A (enable_input_sanitization = true) helps but is not specific. Option B (audit_level = basic) is for logging.

Option D (pii_detection = enabled) is for privacy.

31
MCQeasy

An AI development team is building a system to detect fraudulent transactions. They want to ensure the model complies with regulations requiring that individuals can question automated decisions. Which governance element is most relevant?

A.Right to explanation
B.Model versioning
C.Differential privacy
D.Data minimization
AnswerA

Right to explanation allows individuals to question and understand automated decisions.

Why this answer

The right to explanation is a key element of AI governance, requiring that individuals be given a reason for automated decisions. This directly relates to the scenario.

32
MCQeasy

A financial institution is implementing an AI-based fraud detection system. The compliance officer is concerned about potential bias in the model that could lead to unfair treatment of certain customer groups. Which governance practice should be prioritized to address this concern?

A.Increase the diversity of the training data by collecting more samples from underrepresented groups.
B.Schedule regular bias audits using fairness metrics.
C.Retrain the model every month with the latest transaction data.
D.Use SHAP values to provide explanations for each prediction.
AnswerB

Bias audits with metrics like demographic parity can detect unfair treatment and guide mitigation.

Why this answer

Regular bias audits using fairness metrics (Option B) are the correct governance practice because they provide a systematic, quantitative method to detect and measure disparate impact across protected groups. Unlike simply collecting more data, audits directly evaluate model outputs for statistical parity, equal opportunity, or other fairness definitions, enabling the institution to identify and remediate bias proactively. This aligns with regulatory expectations for ongoing monitoring and accountability in AI governance.

Exam trap

CompTIA often tests the distinction between interpretability (explaining a single prediction) and fairness (systematic bias across groups), leading candidates to mistakenly choose SHAP values (Option D) as a bias mitigation technique when it is only an explanation tool.

How to eliminate wrong answers

Option A is wrong because merely increasing training data diversity does not guarantee fairness; the model can still learn biased correlations from the data or amplify existing societal biases, and without fairness metrics, there is no way to measure whether the outcome is equitable. Option C is wrong because retraining monthly with the latest transaction data addresses model drift and concept drift, not bias; bias can persist or even worsen with new data if the underlying data generation process remains biased. Option D is wrong because SHAP values provide local interpretability for individual predictions but do not measure or mitigate systemic bias across groups; they explain why a specific decision was made, not whether the model treats groups fairly overall.

33
MCQmedium

After deploying a model for fraud detection, the data scientist observes a steady decline in precision over two months. Which issue is most likely occurring?

A.Data drift
B.Concept drift
C.Model overfitting
D.Adversarial attack
AnswerB

Precision decline indicates that the model's decision boundary is no longer optimal, a sign of concept drift.

Why this answer

Concept drift occurs when the statistical properties of the target variable change over time, reducing prediction accuracy.

34
MCQhard

A security researcher demonstrates that by adding small perturbations to an image of a stop sign, an autonomous vehicle's AI misclassifies it as a speed limit sign. This is an example of which type of attack?

A.Data poisoning attack
B.Model extraction attack
C.Adversarial example attack
D.Membership inference attack
AnswerC

Adversarial examples are crafted inputs with perturbations that fool the model.

Why this answer

Adding small perturbations to input to cause misclassification is a classic adversarial example attack, which falls under evasion attacks (adversarial machine learning). Poisoning alters training data, extraction steals model parameters, and inference determines membership.

35
MCQeasy

Which principle ensures that AI decisions can be traced back and understood by humans?

A.Transparency
B.Privacy
C.Robustness
D.Accountability
AnswerA

Transparency ensures that AI processes are open and understandable.

Why this answer

Transparency refers to the ability to explain and understand how an AI system reached a decision.

36
MCQmedium

A healthcare organization deploys an AI system to analyze medical images and detect anomalies. During a routine audit, the security team discovers that the AI model occasionally returns results that include data from patients who have opted out of data sharing. Which security control should be implemented to prevent this violation?

A.Apply data anonymization techniques to the training dataset.
B.Implement role-based access control (RBAC) on the AI model's inference API.
C.Use differential privacy during model training.
D.Encrypt the training data at rest and in transit.
AnswerA

Anonymization removes personally identifiable information, ensuring that the model cannot output data linked to specific patients.

Why this answer

Option B is correct because data anonymization ensures that patient identities are removed from training data, preventing re-identification of opt-out patients. Option A is incorrect because access control does not address data already in the model. Option C is incorrect because encryption protects data in transit/rest but does not prevent data leakage from model outputs.

Option D is incorrect because differential privacy adds noise to queries but does not directly remove specific patient data from model results.

37
Multi-Selectmedium

Which TWO of the following are effective techniques for detecting bias in an AI model?

Select 2 answers
A.Fairness metrics such as equal opportunity difference
B.Feature importance scores
C.Confusion matrix on the entire dataset
D.Cross-validation accuracy
E.Disparate impact analysis
AnswersA, E

Quantifies specific fairness criteria.

Why this answer

Options A and B are correct because disparate impact analysis measures outcome differences across groups, and fairness metrics quantify bias. Option C is wrong because cross-validation assesses generalization, not fairness. Option D is wrong because confusion matrices for all groups can reveal bias but are less direct than metrics designed for fairness.

Option E is wrong because feature importance may not directly reveal bias.

38
MCQeasy

A bank deploys an AI system to approve loan applications. During testing, the model denies a disproportionate number of applicants from a particular demographic group, even after controlling for credit history. Which ethical principle is being violated?

A.Transparency
B.Privacy
C.Accountability
D.Fairness
AnswerD

Fairness requires equal treatment across demographic groups; the observed disparity indicates bias.

Why this answer

Option B is correct because fairness requires that AI systems do not discriminate against protected groups. Option A is wrong because transparency is about explainability, not bias. Option C is wrong because accountability refers to responsibility for outcomes, not the specific bias issue.

Option D is wrong because privacy concerns data protection, not discrimination.

39
MCQmedium

A credit union uses an AI model to approve personal loans. The model was trained on historical data from the past five years. A recent internal review shows that the model approves loans predominantly for white applicants compared to other ethnicities, even when income and credit scores are similar. The credit union wants to comply with fair lending laws without significantly reducing overall approval rates. The data science team has access to the training data. What is the most appropriate remediation step?

A.Apply a fairness constraint that penalizes the model for disparate impact
B.Discontinue the AI model and use manual approval for all loans
C.Resample the training data to ensure balanced representation of ethnicities
D.Adjust the approval threshold so that approval rates are equal across ethnic groups
AnswerC

Resampling addresses the root cause by balancing training data.

Why this answer

Option B is correct because resampling (oversampling minority groups or undersampling majority) can balance the representation and reduce bias. Option A is wrong because equalizing rates without addressing data bias may not be sustainable. Option C is wrong because skipping the model is not practical.

Option D is wrong because simple reweighting may not correct complex biased patterns.

40
MCQhard

Refer to the exhibit. A security engineer is reviewing an AI access control policy. Which of the following is the most significant security weakness in this policy?

A.The policy allows access from a wide private IP range
B.The policy does not require multi-factor authentication
C.The policy grants 'audit_log' access to data scientists
D.The policy does not limit the number of inference requests
AnswerD

Unlimited inference invites model extraction or denial-of-wallet attacks.

Why this answer

Option D is correct because no restrictions are placed on the number of inference requests, allowing potential model extraction attacks. Option A is wrong because auditors need audit_log access for compliance. Option B is wrong because the policy correctly restricts to corporate IP ranges.

Option C is wrong because MFA is required, which is a strong control.

41
MCQmedium

Refer to the exhibit. An auditor reports that the model's fairness check was bypassed in a recent deployment. Based on the policy, what is the most likely cause?

A.The auditor role lacks 'evaluate' permission
B.Data scientist role has deploy permission, allowing deployment without fairness validation
C.Fairness check threshold is set to 0.8, which is too low
D.External_user role can perform inference, which triggers unfair predictions
AnswerB

The deploy permission may bypass the fairness check if not enforced.

Why this answer

Option B (Data scientist role has deploy permission, allowing deployment without fairness validation) is correct. The policy shows fairness_check required, but if the deployment process does not enforce it, the data scientist could bypass it. Option A (Auditor lacks evaluate) is unrelated to deployment.

Option C (Fairness threshold low) does not cause bypass. Option D (External user inference) is unrelated.

42
MCQmedium

A security analyst notices that an AI model used for facial recognition is returning unusually high confidence scores for certain individuals while consistently misidentifying others. Which type of attack is most likely occurring?

A.Data poisoning
B.Evasion attack
C.Model inversion attack
D.Model extraction attack
AnswerC

Inversion exploits confidence scores to infer private training data, often showing high confidence on seen data.

Why this answer

Option C is correct because a model inversion attack aims to reconstruct training data by exploiting confidence scores, leading to overconfidence on familiar data. Option A is wrong because poisoning corrupts training data, not inference behavior. Option B is wrong because evasion attacks craft adversarial inputs to cause misclassification, not systematic overconfidence.

Option D is wrong because extraction attacks steal model parameters through queries, not cause confidence anomalies.

43
MCQmedium

An organization implements the above access control policy for its AI model registry. During an audit, the auditor discovers that a data scientist deployed a model to production without authorization. Which of the following is the most likely cause?

A.The ML engineer role has approval required, but the manager approved the deployment
B.The time window condition blocked the deployment, but it was overridden by an administrator
C.The policy allows data scientists to deploy to staging, but they exploited a gap in enforcement to promote to production without the required approval
D.The auditor lacks 'deploy_to_production' permission, so they missed the deployment
AnswerC

The policy lacks technical enforcement of the role-based separation.

Why this answer

Option B is correct because the policy gives data scientists the 'deploy_to_staging' permission but not 'deploy_to_production', and the conditions include MFA but no separation of duties. However, the policy does not prevent a data scientist from manually copying the model to production if there is no technical control. The most likely cause is that the policy is not enforced by a technical mechanism, allowing the data scientist to bypass the intended restrictions.

44
MCQhard

A multinational corporation deploys an AI recruitment tool that must comply with GDPR's right to explanation. Which practice best ensures the tool meets this requirement?

A.Obtain explicit consent from candidates
B.Implement a system to output the key factors influencing each decision
C.Anonymize all candidate data before processing
D.Always have a human review the AI's recommendations
AnswerB

GDPR requires automated decisions to be explainable.

Why this answer

Option C is correct because providing meaningful information about the decision logic aligns with GDPR Article 22. Option A is wrong because anonymization is for privacy, not explanation. Option B is wrong because consent is for data processing, not explanation.

Option D is wrong because a human-in-the-loop is a safeguard but not a direct explanation.

45
Multi-Selecteasy

Which TWO of the following are common techniques to improve the transparency and interpretability of an AI model?

Select 2 answers
A.Generate SHAP (SHapley Additive exPlanations) values
B.Use differential privacy to add noise to training data
C.Implement a random forest algorithm
D.Use deep neural networks to increase model complexity
E.Apply LIME (Local Interpretable Model-agnostic Explanations)
AnswersA, E

SHAP values explain the contribution of each feature to predictions.

Why this answer

Options B and D are correct. SHAP values and LIME are model-agnostic interpretability methods. Option A is wrong because deep learning models are often black boxes.

Option C is wrong as random forest is a specific model, not a technique. Option E is wrong because differential privacy is for privacy, not interpretability.

46
MCQmedium

A security team discovers that an AI-based anomaly detection system frequently misclassifies benign network traffic as malicious when the source IP is from a specific geographic region. Which type of AI vulnerability is most likely being exploited?

A.Data poisoning
B.Model inversion
C.Adversarial evasion
D.Membership inference
AnswerC

Adversarial evasion manipulates input features to cause misclassification. The regional bias suggests crafted inputs bypassing detection.

Why this answer

The system's biased behavior due to geographic region indicates an adversarial attack that exploits the model's sensitivity to certain features. Data poisoning would require alteration of training data, model inversion extracts training data, and membership inference determines if a record was in training set. The scenario describes an evasion attack using adversarial examples to cause misclassification.

47
MCQmedium

A healthcare startup deploys an AI model to predict patient readmission rates. An internal audit reveals that the model consistently underestimates readmission risk for non-native English speakers. According to AI ethics principles, what is the most appropriate course of action?

A.Add a confidence score disclaimer to model outputs
B.Reduce the sample size of non-native English speakers to balance the dataset
C.Continue using the model as is, since overall accuracy is acceptable
D.Retrain the model with a more representative dataset that includes diverse language backgrounds
AnswerD

Retraining with balanced data addresses the root cause of bias.

Why this answer

Option C is correct because the issue stems from biased training data; retraining with balanced data and including diverse patient data can reduce bias. Option A is wrong as ignoring the issue is unethical and may violate regulations. Option B is wrong because post-hoc explanations do not fix the underlying bias.

Option D is wrong because reducing sample size may worsen bias.

48
MCQeasy

A security analyst is reviewing logs from an AI-powered recommendation system and notices an unusually high number of requests for products from a specific vendor. The analyst suspects data poisoning. Which mitigation strategy should be implemented first?

A.Encrypt all training data at rest
B.Deploy an anomaly detection system on model outputs
C.Retrain the model with a smaller, curated dataset
D.Implement input validation and sanitization for training data
AnswerD

Input validation prevents poisoned data from entering the training pipeline.

Why this answer

Option B is correct because input validation and sanitization help prevent malicious data from entering the training pipeline. Option A is wrong because encryption does not detect or prevent data poisoning. Option C is wrong because anomaly detection is reactive, not proactive.

Option D is wrong while retraining is part of the solution, the immediate step is to validate the input.

49
Multi-Selecteasy

Which TWO are common types of adversarial attacks on AI models?

Select 2 answers
A.Hyperparameter tuning
B.Transfer learning
C.Evasion attack
D.Backdoor attack
E.Data poisoning
AnswersC, E

Evasion attacks craft input perturbations to cause misclassification at test time.

Why this answer

Evasion attacks and data poisoning are well-known adversarial attack vectors.

50
MCQhard

Refer to the exhibit. An AI governance review finds that a model was deployed without required ethics approval. Based on the audit log, who is most responsible for the compliance failure?

A.Bob
B.Alice
C.Carol
D.System
AnswerA

Bob deployed the model without ethics approval.

Why this answer

Option B (Bob) is correct because he deployed the model without ethics approval. The log shows no approval step before deployment. Option A (Alice) trained the model but did not deploy.

Option C (Carol) performed the rollback after the issue. Option D (System) detected the anomaly but is not responsible.

51
MCQhard

A large hospital system deploys an AI triage system for emergency rooms. The system uses patient vitals and symptoms to recommend treatment priority. Six months after deployment, complaints arise that the system frequently underestimates the severity of symptoms for patients from certain ethnic backgrounds. A data scientist runs a bias audit and finds that the model's false negative rate is 20% higher for the minority group. The hospital's AI governance board requires immediate corrective action. The data science team has limited resources and cannot retrain the entire model from scratch. They have access to the training data, which is imbalanced. The model is a gradient boosted tree. Which course of action best addresses the bias while minimizing operational impact?

A.Rebalance the training data using SMOTE and retrain the model
B.Use adversarial debiasing during training to remove protected attribute correlations
C.Post-process the model's predictions by adjusting thresholds for the minority group
D.Replace the model with a simpler logistic regression model to improve interpretability
AnswerC

Threshold adjustment is fast, cheap, and directly minimizes false negative disparity.

Why this answer

Post-processing threshold adjustment is quick, does not require retraining, and directly reduces false negative disparities across groups.

52
MCQmedium

An AI model's performance drops significantly in production compared to testing. The data shows distribution shift. What is the best first step?

A.Add more features
B.Retrain model with new data
C.Use a different algorithm
D.Reduce model complexity
AnswerB

Retraining with current data addresses drift.

Why this answer

Option B (Retrain model with new data) is correct because retraining with more representative data adapts to distribution shift. Option A (Add more features) may not address the shift. Option C (Change algorithm) is a larger change without addressing data.

Option D (Reduce model complexity) might worsen performance.

53
MCQmedium

An e-commerce company uses an AI system to set dynamic prices for products. A customer complains that the price they see is higher than the price shown to a friend for the same product at the same time. The company wants to ensure pricing fairness. Which ethical principle should guide the redesign of the pricing algorithm?

A.Transparency and explainability
B.Privacy by design
C.Accountability
D.Beneficence
AnswerA

Transparency requires the company to disclose how prices are determined, helping to ensure fairness and build trust.

Why this answer

Transparency and explainability is the correct principle because the core issue is that the customer cannot understand why the AI system set a different price for them compared to their friend. Redesigning the algorithm to provide clear, understandable reasons for price variations—such as demand, purchase history, or time of day—directly addresses this lack of visibility. This principle ensures that the system's decision-making process is open to scrutiny, which is essential for building trust and resolving fairness complaints in dynamic pricing models.

Exam trap

CompTIA often tests the distinction between 'accountability' (who is responsible) and 'transparency' (how the decision is made), leading candidates to pick accountability when the question explicitly asks for the principle that guides the redesign to ensure fairness through understanding.

How to eliminate wrong answers

Option B (Privacy by design) is wrong because the complaint is about price disparity and lack of understanding, not about how customer data is collected, stored, or protected. Option C (Accountability) is wrong because while accountability is important for assigning responsibility, it does not directly solve the customer's need to understand why the price differs; it focuses on who is responsible rather than making the algorithm's logic visible. Option D (Beneficence) is wrong because beneficence refers to doing good or maximizing benefits, but the immediate ethical failure here is the lack of clarity and justification for the pricing decision, not the absence of overall positive outcomes.

54
MCQhard

A research lab trains a language model using DP-SGD. What primary privacy risk does this technique mitigate?

A.Data poisoning attacks
B.Membership inference attacks
C.Adversarial patch attacks
D.Model inversion attacks
AnswerB

DP-SGD explicitly bounds the contribution of each datapoint, making membership inference harder.

Why this answer

DP-SGD limits the memorization of individual training records, preventing reconstruction attacks.

55
MCQmedium

You are an AI governance officer at a bank that uses a machine learning model to predict credit risk. The model was developed by an external vendor and uses a proprietary algorithm. The bank's compliance team has determined that the model must be explainable to meet regulatory requirements. However, the vendor claims the model is a 'black box' and cannot provide explanations. You need to ensure compliance while maintaining the model's performance. What is the best course of action?

A.Ignore the requirement as the model is proprietary
B.Ask the vendor to develop a custom explanation module
C.Replace the model with a simpler, interpretable model
D.Use a model-agnostic explanation technique like SHAP
AnswerD

SHAP provides explanations for any model, satisfying regulatory needs.

Why this answer

D is correct because model-agnostic explanation techniques like SHAP (SHapley Additive exPlanations) can provide post-hoc interpretability for any black-box model without requiring access to its internal structure or proprietary algorithm. This allows the bank to meet regulatory explainability requirements while preserving the vendor's proprietary model and its predictive performance.

Exam trap

The trap here is that candidates may assume that a 'black box' model cannot be explained at all, leading them to choose replacement with a simpler model (Option C), when in fact model-agnostic techniques like SHAP or LIME can provide explanations without altering the model itself.

How to eliminate wrong answers

Option A is wrong because ignoring regulatory requirements is not a viable option for a financial institution; it would lead to non-compliance and potential penalties. Option B is wrong because asking the vendor to develop a custom explanation module would require the vendor to modify their proprietary algorithm, which they have stated is a 'black box' and cannot provide explanations, making this request impractical and likely impossible. Option C is wrong because replacing the model with a simpler, interpretable model would sacrifice the predictive performance that the current model provides, which may be critical for accurate credit risk assessment.

56
MCQmedium

Which AI governance framework is specifically designed by the U.S. National Institute of Standards and Technology (NIST) to help organizations manage AI risks?

A.ISO/IEC 27001
B.COBIT
C.NIST AI Risk Management Framework
D.GDPR
AnswerC

NIST AI RMF is the U.S. standard for AI risk management.

Why this answer

NIST AI Risk Management Framework (AI RMF) is a comprehensive framework for AI risk assessment and mitigation.

57
Multi-Selecthard

Which TWO techniques are specifically designed to protect individual privacy when training AI models?

Select 2 answers
A.Dropout
B.Model pruning
C.Differential privacy
D.Regularization
E.Anonymization
AnswersC, E

Differential privacy adds noise to training to prevent data leakage.

Why this answer

Differential privacy and anonymization are directly aimed at preserving privacy by limiting information leakage.

58
Multi-Selectmedium

Which TWO of the following are effective defenses against adversarial examples in AI systems?

Select 2 answers
A.Train the model with adversarial examples (adversarial training)
B.Use an ensemble of models and majority voting
C.Increase the model's sensitivity to input changes
D.Implement input sanitization and feature squeezing
E.Reduce model complexity through pruning
AnswersA, D

Adversarial training hardens the model against perturbations.

Why this answer

Options B and D are correct. Adversarial training and input sanitization/denoising are defenses. Option A is wrong because model compression may remove defenses.

Option C is wrong because increasing model sensitivity can make it more vulnerable. Option E is wrong because ensemble voting is not a direct defense against adversarial examples.

59
Multi-Selecthard

Which TWO of the following are effective defenses against adversarial evasion attacks on image classifiers?

Select 2 answers
A.Data augmentation
B.Gradient masking
C.Adversarial training
D.Input validation
E.Feature squeezing
AnswersB, C

Gradient masking obscures gradient information to prevent crafting adversarial examples.

Why this answer

Adversarial training and gradient masking (e.g., defensive distillation) are common defenses. Data augmentation helps generalization but not specifically against adversarial perturbations; feature squeezing reduces input complexity; input validation is generic.

60
MCQhard

A company uses a machine learning model to recommend products to customers. The marketing team notices that the model is recommending high-profit items more frequently than low-profit items, even when customers are likely to prefer the latter. This behavior is causing customer dissatisfaction. Which approach would best align the model with customer preferences while maintaining profitability?

A.Train the model with a loss function that weights profit more heavily than customer satisfaction.
B.Use a multi-objective optimization framework to balance profit and customer satisfaction.
C.Adjust the model's hyperparameters to reduce the influence of profit features.
D.Remove profit data from the training set and only use customer preference data.
AnswerB

Multi-objective optimization explicitly considers trade-offs between competing objectives, leading to more balanced recommendations.

Why this answer

Option D is correct because multi-objective optimization allows the model to balance multiple goals (e.g., profit and customer satisfaction) explicitly. Option A is incorrect because it still prioritizes profit, which may not address satisfaction. Option B is incorrect because it completely removes profit, which may harm business goals.

Option C is incorrect because it only adjusts profit weights without true multi-objective framework.

61
MCQeasy

An AI system in a self-driving car misinterprets a stop sign due to a small sticker placed on it. This is an example of which security vulnerability?

A.Supply chain attack
B.Model inversion attack
C.Adversarial example attack
D.Data poisoning attack
AnswerC

Small manipulation of input causes incorrect output.

Why this answer

Option A is correct because adversarial perturbations (stickers) cause misclassification. Option B is wrong because data poisoning corrupts training data, not inference. Option C is wrong because model stealing extracts model parameters.

Option D is wrong because supply chain attacks compromise components earlier.

62
Multi-Selecteasy

Which TWO are common attack vectors against AI systems? (Choose two.)

Select 2 answers
A.SQL injection
B.Cross-site scripting
C.Buffer overflow
D.Data poisoning
E.Adversarial examples
AnswersD, E

Corrupts training data.

Why this answer

Options B (Adversarial examples) and D (Data poisoning) are correct. Adversarial examples manipulate inputs to cause misclassification; data poisoning corrupts training data. Option A (SQL injection) is a traditional attack.

Option C (Buffer overflow) is a software vulnerability. Option E (Cross-site scripting) is a web attack.

63
MCQmedium

A company deployed an AI chatbot that started generating offensive responses after a data update. The security team needs to quickly mitigate the issue. What should they do first?

A.Delete the training data
B.Disable the chatbot and investigate
C.Roll back to previous model version
D.Add a content filter
AnswerB

Immediate containment and then investigation.

Why this answer

Option A (Disable the chatbot and investigate) is correct because immediate action to stop harm is critical, then root cause analysis. Option B (Roll back to previous model version) might work if the update caused it, but disabling first is safer. Option C (Add a content filter) may not catch all offensive responses.

Option D (Delete the training data) is irreversible and extreme.

64
MCQmedium

A healthcare AI system used for diagnosis shows a significant accuracy difference between demographic groups. Which technique should be applied to directly reduce this bias during model training?

A.Ignore the disparity as long as overall accuracy is acceptable
B.Retrain the model with more data from the underperforming group
C.Apply adversarial debiasing during training
D.Remove demographic attributes from the training data
AnswerC

Adversarial debiasing explicitly penalizes the model for encoding demographic information, reducing bias.

Why this answer

Adversarial debiasing is a training-time technique that forces the model to learn features uncorrelated with demographic attributes, directly reducing bias.

65
MCQeasy

An organization wants to ensure its AI systems comply with new regulations requiring explanations for automated decisions. Which governance practice is most directly relevant?

A.Implementing differential privacy
B.Deploying explainability tools
C.Conducting bias audits
D.Establishing an AI ethics board
AnswerB

Explainability tools generate explanations for individual decisions, meeting regulatory requirements.

Why this answer

Explainability tools (e.g., SHAP, LIME) provide post-hoc explanations for model decisions, directly addressing the requirement for explanations. The other options are important but not as directly relevant to providing explanations.

66
MCQhard

An organization uses an AI-based hiring tool. To prevent bias, they want to ensure the model's decisions are explainable. Which approach is most suitable?

A.Use reinforcement learning with fairness constraints
B.Use a simpler interpretable model like logistic regression
C.Use a black-box deep learning model with SHAP explanations
D.Use ensemble methods with feature importance
AnswerB

Simple models are inherently explainable.

Why this answer

Option D (Use a simpler interpretable model like logistic regression) is correct because simple models are inherently interpretable. Option A (Use a black-box deep learning model with SHAP) still lacks full interpretability. Option B (Use ensemble methods with feature importance) is complex.

Option C (Use reinforcement learning with fairness constraints) is hard to explain.

67
Multi-Selectmedium

Which THREE of the following are key principles of AI ethics as defined by major frameworks?

Select 3 answers
A.Transparency
B.Scalability
C.Accountability
D.Latency
E.Fairness
AnswersA, C, E

Transparency is about openness in AI systems' workings and decisions.

Why this answer

Transparency, fairness, and accountability are core principles across many AI ethics frameworks. Scalability and latency are technical performance metrics, not ethics.

68
MCQeasy

Which practice best ensures AI systems comply with regulations like GDPR?

A.Using open-source models only
B.Regular vulnerability scans
C.Data minimization and anonymization
D.Hiring more data scientists
AnswerC

Directly supports GDPR requirements.

Why this answer

Option C (Data minimization and anonymization) is correct because GDPR requires collecting only necessary data and protecting privacy. Option A (Regular vulnerability scans) is for security. Option B (Using open-source models only) does not guarantee compliance.

Option D (Hiring more data scientists) does not directly address compliance.

69
MCQeasy

Which ethical concern is most directly associated with AI systems that fully automate decision-making without human oversight?

A.Loss of human autonomy
B.Data storage costs
C.Job displacement
D.Environmental impact
AnswerA

Automated decisions remove human judgment, reducing autonomy and accountability.

Why this answer

Lack of human oversight can lead to ethical issues like biased decisions or unfair outcomes without recourse.

70
MCQhard

A social media company uses an AI content moderation system to filter hate speech. The system uses a natural language processing model trained on user reports. Recently, the model's false positive rate has increased, blocking legitimate posts. An internal audit reveals that a coordinated group of users has been falsely reporting harmless posts, causing the model to learn incorrect patterns. The company needs to address the attack and restore accuracy. The engineering team can modify the training pipeline. What is the most effective first step?

A.Redesign the training pipeline to incorporate a reputation system for reporting users
B.Increase the weight of non-reported posts to counteract the reported posts' influence
C.Apply adversarial training to make the model robust to crafted inputs
D.Retrain the model on a dataset that excludes all user-reported posts
AnswerA

A reputation system filters out malicious reports, preventing poisoning at the source.

Why this answer

Option D is correct because the attack exploits the reporting system; redesigning it to detect coordinated behavior reduces poisoning. Option A is wrong because retraining on non-reported data may not capture all necessary patterns. Option B is wrong because ignoring reported data removes a valuable signal.

Option C is wrong because adversarial training is not designed for this type of poisoning.

71
Multi-Selecteasy

Which TWO of the following are common threats to AI model security?

Select 2 answers
A.SQL injection
B.Data poisoning
C.Adversarial examples
D.Distributed denial-of-service (DDoS)
E.Phishing attacks
AnswersB, C

Malicious data inserted during training to corrupt model.

Why this answer

Options C and D are correct because adversarial examples and data poisoning are classic AI attacks. Option A is wrong because SQL injection targets databases, not models. Option B is wrong because phishing targets humans.

Option E is wrong because DDoS targets network availability.

72
MCQeasy

A cybersecurity analyst monitors an AI chatbot that frequently produces offensive responses when given specific prompts. The development team suspects an adversarial attack. Which mitigation strategy is most effective against such prompt injection attacks?

A.Retrain the model on a larger, curated dataset
B.Encrypt all communication between users and the chatbot
C.Reduce the model's number of parameters
D.Implement input validation and sanitization
AnswerD

Validating inputs can neutralize injection attempts.

Why this answer

Option C is correct because input validation and filtering can detect and block malicious prompts. Option A is wrong because retraining on clean data does not prevent injection attacks. Option B is wrong because reducing model size is unrelated.

Option D is wrong because encryption protects data in transit, not input processing.

73
MCQmedium

Refer to the exhibit. A security analyst reviews the monitoring log for an AI fraud detection model. Which of the following is the most likely cause of the multiple alerts?

A.Data poisoning of the training dataset
B.A network hardware failure
C.An adversarial attack attempt
D.A scheduled model retraining process
AnswerC

Multiple concurrent alerts indicate active probing or evasion.

Why this answer

Option B is correct because the combination of drift, high query rate, and degraded performance suggests an ongoing adversarial attack aimed at probing the model. Option A is wrong because data poisoning would have been detected earlier, not cause real-time drift. Option C is wrong because model retraining could cause temporary instability but not the specific query pattern.

Option D is wrong because network issues would cause latency but not feature drift or query rate anomalies.

74
MCQhard

A financial services firm deploys an AI system to screen loan applications. The model was trained on historical data that reflected biased lending practices. After deployment, a regulatory body investigates and finds that the model denies loans at a disproportionately higher rate to a protected demographic group. The firm must address this issue while maintaining compliance with fair lending laws. The Chief AI Officer proposes four possible actions. Which action is the most appropriate first step?

A.Retrain the model using a debiased dataset and implement fairness-aware algorithms, then validate with fairness metrics
B.Document the model's predictions and submit a report to the regulator explaining the historical dataset bias
C.Immediately deploy a rule-based system to manually review all denial decisions from the AI system
D.Disclose the bias findings to all rejected applicants and offer them priority reconsideration
AnswerA

This directly addresses the biased model and demonstrates a commitment to fairness.

Why this answer

Option C is the correct first step because it directly addresses the root cause (biased training data) and aligns with regulatory expectations. Option A is insufficient as it only documents without fixing. Option B may help but is premature before understanding the bias source.

Option D could expose the firm to further liability if the bias is systematic.

75
MCQmedium

An AI system used for resume screening is found to consistently rank male candidates higher than female candidates with similar qualifications. The HR director wants to remediate this bias without significantly reducing model accuracy. Which technique should be applied?

A.Apply adversarial debiasing to the model during training.
B.Use a random selection of candidates to avoid bias.
C.Remove the gender feature from the dataset and retrain.
D.Collect more training data from underrepresented groups.
AnswerA

Adversarial debiasing reduces bias by training the model to be unable to predict protected attributes from its predictions.

Why this answer

Adversarial debiasing is the correct technique because it directly addresses bias during training by introducing an adversarial network that attempts to predict the protected attribute (e.g., gender) from the model's predictions. The main model is trained to maximize accuracy while minimizing the adversary's ability to infer the protected attribute, thereby reducing bias without a significant drop in predictive performance. This approach is more effective than simple feature removal or data collection because it actively learns to remove correlations between the protected attribute and the output.

Exam trap

CompTIA often tests the misconception that simply removing the protected attribute (e.g., gender) from the dataset is sufficient to eliminate bias, but candidates must understand that bias can persist through correlated features (proxy discrimination).

How to eliminate wrong answers

Option B is wrong because random selection of candidates would destroy the model's predictive accuracy entirely, as it ignores all qualifications and job-relevant features, which is not a valid remediation technique. Option C is wrong because simply removing the gender feature does not eliminate bias; the model can still learn gender proxies from correlated features such as years of experience, education, or job titles, leading to indirect discrimination. Option D is wrong because collecting more data from underrepresented groups may improve representation but does not guarantee removal of existing bias in the model's decision boundary; it can even introduce new imbalances if not handled carefully, and it does not actively debias the training process.

Page 1 of 2 · 93 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Ai Security Ethics Governance questions.