CCNA Gcl Responsible Ai Governance Questions

75 of 125 questions · Page 1/2 · Gcl Responsible Ai Governance topic · Answers revealed

1
MCQhard

A large enterprise is deploying a generative AI system for automated contract review. The system must provide confidence indicators for its legal analysis. How should confidence indicators be implemented to maximize transparency?

A.Show the top-k most likely outcomes without probabilities
B.Provide a numerical confidence score between 0 and 1 for each conclusion
C.Display a binary pass/fail indicator for each analysis
D.Hide confidence indicators to avoid confusing users
AnswerB

Numerical scores allow users to calibrate trust and make informed decisions.

Why this answer

Option B is correct because providing a numerical confidence score between 0 and 1 for each conclusion directly quantifies the model's certainty, enabling users to assess the reliability of each legal analysis. This approach maximizes transparency by allowing legal professionals to calibrate their trust in the AI's output, which is critical for high-stakes contract review where false positives or negatives carry significant risk.

Exam trap

Cisco often tests the misconception that binary outputs (pass/fail) are sufficient for transparency, but the trap here is that binary indicators hide the model's uncertainty, which is exactly what confidence scores are designed to reveal in responsible AI deployments.

How to eliminate wrong answers

Option A is wrong because showing the top-k most likely outcomes without probabilities omits the crucial uncertainty information; users cannot gauge how much more likely one outcome is over another, which undermines transparency in legal decision-making. Option C is wrong because a binary pass/fail indicator oversimplifies the model's output, hiding the nuanced confidence levels that are essential for evaluating ambiguous contract clauses or borderline legal interpretations. Option D is wrong because hiding confidence indicators entirely defeats the purpose of transparency, leaving users with no insight into the model's reliability and potentially leading to blind trust or unwarranted skepticism.

2
Multi-Selectmedium

A company uses a generative AI model to produce financial reports. They want to ensure content safety and prevent the generation of harmful or misleading information. Which TWO Google Cloud features should they configure? (Choose 2)

Select 2 answers
A.Fine-tune the model on a dataset of approved financial reports
B.Log all prompts and responses in Cloud Logging
C.Enable Google's safety filters for hate speech, violence, and sexual content
D.Use SynthID to watermark all outputs
E.Configure custom content controls in Vertex AI to block financial misinformation
AnswersC, E

Safety filters automatically block prohibited content categories.

Why this answer

Option C is correct because Google's safety filters in Vertex AI provide built-in, configurable protections against hate speech, violence, and sexual content, directly addressing content safety requirements for generative AI outputs. These filters are part of Google's Responsible AI toolkit and can be enabled at the model deployment level to automatically block harmful content without requiring custom development.

Exam trap

The trap here is that candidates often confuse post-hoc logging (Option B) or watermarking (Option D) with proactive content safety controls, failing to recognize that only runtime filtering mechanisms like safety filters and custom content controls can prevent generation of harmful outputs.

3
MCQmedium

A financial institution wants to ensure compliance with GDPR when using a generative AI service that processes EU user data. Which measure is most directly required?

A.Disable logging of all interactions to minimize data retention
B.Implement a mechanism to obtain user consent before processing data
C.Store all prompts and responses in a US-based data center
D.Use a model trained only on non-EU data
AnswerB

GDPR mandates lawful basis for processing, with consent being a common basis.

Why this answer

GDPR requires explicit consent for processing personal data, making consent mechanisms a core requirement.

4
MCQmedium

A media company uses a generative AI model to create marketing images. They want to ensure that AI-generated images can be identified as synthetic. Which Google Cloud capability should they use?

A.SynthID
B.Cloud Vision API
C.Data Loss Prevention (DLP) API
D.Vertex AI Model Registry
AnswerA

SynthID applies invisible watermarks to AI-generated content for identification.

Why this answer

SynthID is Google DeepMind's technology for embedding invisible watermarks into AI-generated images, audio, text, and video, enabling identification of synthetic content.

5
Multi-Selecthard

A government agency is procuring a generative AI solution for public service information. They require that the system can provide explanations for its answers, protect citizen privacy, and comply with data residency laws. Which three capabilities should they mandate? (Choose three.)

Select 3 answers
A.Integration with social media APIs
B.Ability to generate images from text descriptions
C.Support for grounding with citations to source documents
D.Differential privacy during model training or fine-tuning
E.Configurable data residency controls to keep data within specific regions
AnswersC, D, E

Why this answer

Grounding (A) provides explainability through citations, data residency controls (C) ensure compliance with data location laws, and differential privacy (E) protects individual privacy during model training.

6
MCQeasy

A startup is using Vertex AI to build a generative AI application. They need to ensure that the AI-generated content does not contain hate speech or violence. Which service should they use?

A.Google's safety filters in Vertex AI
B.Datasheets for Datasets
C.SynthID
D.Model Cards
AnswerA

These filters can block harmful content categories at inference time.

Why this answer

Google's safety filters in Vertex AI are specifically designed to block harmful content such as hate speech and violence by evaluating model inputs and outputs against predefined safety categories. These filters operate at the API level, allowing developers to configure thresholds for blocking sensitive content, making them the direct solution for the startup's requirement to prevent AI-generated hate speech or violence.

Exam trap

Cisco often tests the distinction between documentation tools (Datasheets for Datasets, Model Cards) and active runtime safety mechanisms (safety filters), leading candidates to confuse transparency artifacts with operational guardrails.

How to eliminate wrong answers

Option B (Datasheets for Datasets) is wrong because it is a documentation framework for dataset transparency, not a runtime content moderation tool; it describes dataset characteristics but does not filter generated outputs. Option C (SynthID) is wrong because it is a watermarking technique for AI-generated images, not a safety filter for text content; it identifies synthetic media but does not block hate speech or violence. Option D (Model Cards) is wrong because they are standardized model documentation sheets that report model performance and limitations, not active filtering mechanisms; they inform users about model behavior but do not enforce content safety at inference time.

7
Multi-Selectmedium

A company is developing a generative AI application that must comply with GDPR. Which TWO actions are required? (Select two.)

Select 2 answers
A.Anonymize all training data to prevent any re-identification
B.Provide a mechanism for users to request deletion of their personal data
C.Obtain explicit consent from users before using their data to personalize responses
D.Use a model that has been pre-trained only on non-EU data
E.Store all user data in a centralized location for easier management
AnswersB, C

The right to erasure is a core GDPR requirement.

Why this answer

GDPR requires a lawful basis for processing personal data, such as user consent, and the right to erasure (right to be forgotten). Data subjects must be able to request deletion of their data.

8
MCQmedium

A company is fine-tuning a generative AI model on proprietary customer data. They are concerned about copyright and IP issues when using the model commercially. What is the BEST practice to mitigate these risks?

A.Apply SynthID to all generated content to prove origin
B.Only use data that is explicitly licensed for commercial use and document its provenance
C.Include a disclaimer on all outputs that the company is not liable for IP infringement
D.Use a model trained on publicly available data only
AnswerB

Properly licensed data with clear provenance protects against IP infringement claims.

Why this answer

Maintaining clear documentation of training data provenance and licensing is crucial for IP compliance, as recommended by Google's AI governance.

9
MCQeasy

Which of the following is a key Google AI Principle that directly addresses the need to avoid creating or reinforcing unfair bias?

A.Avoid creating or reinforcing unfair bias
B.Be accountable to people
C.Be built and tested for safety
D.Incorporate privacy design principles
AnswerA

This is one of the seven Google AI Principles, directly addressing bias.

Why this answer

Option A is correct because it is the exact wording of one of Google's seven AI Principles, which explicitly states the commitment to 'avoid creating or reinforcing unfair bias.' This principle directly addresses the need to mitigate bias in AI systems, such as ensuring training datasets are representative and algorithms do not perpetuate historical inequities. It is a foundational directive for responsible AI development, distinct from broader accountability, safety, or privacy concerns.

Exam trap

Cisco often tests the ability to distinguish between the specific wording of Google's AI Principles, where candidates may confuse 'avoid creating or reinforcing unfair bias' with the broader principle of 'be accountable to people' because both involve ethical considerations, but only the former directly names bias as the core issue.

How to eliminate wrong answers

Option B is wrong because 'Be accountable to people' is a separate Google AI Principle that focuses on ensuring AI systems provide opportunities for feedback, explanations, and human oversight, not specifically on avoiding or mitigating unfair bias. Option C is wrong because 'Be built and tested for safety' is another distinct principle that emphasizes rigorous safety testing and operational safeguards against harmful outcomes, but it does not directly address the creation or reinforcement of unfair bias. Option D is wrong because 'Incorporate privacy design principles' is a principle centered on data minimization, transparency, and user consent, which does not directly target the avoidance of unfair bias in AI models or datasets.

10
MCQmedium

A data scientist is evaluating a generative AI model for gender bias in its text outputs. They have a test set of 1,000 gender-neutral prompts. Which approach is MOST appropriate for measuring output bias?

A.Check the gender distribution of the training data
B.Use a toxicity classifier to flag any biased outputs
C.Analyze the gender of characters, roles, and pronouns in the model's completions
D.Ask the model to self-report its confidence in avoiding bias
AnswerC

This directly measures bias in outputs by comparing the distribution of gender associations in responses against expected balanced or fair distributions.

Why this answer

To measure bias, the test set should include prompts that are neutral in gender but may elicit biased responses. The correct approach is to analyze the gender of pronouns, roles, or descriptors in the model's completions.

11
MCQmedium

A company is using Vertex AI to fine-tune a large language model on proprietary customer support transcripts. The transcripts contain personally identifiable information (PII) such as names and email addresses. What is the BEST practice to comply with Google's AI Principles on privacy?

A.De-identify the transcripts by removing or masking PII before fine-tuning
B.Use a model that has already been trained on similar data to avoid fine-tuning
C.Obtain consent from all customers whose data appears in the transcripts
D.Fine-tune the model directly on the transcripts, as the model will not memorize exact data
AnswerA

De-identification minimizes privacy risk and aligns with privacy design principles.

Why this answer

Google's AI Principles include incorporating privacy design principles. The best practice is to de-identify the training data by removing or masking PII before fine-tuning, reducing privacy risk.

12
MCQeasy

What is the primary purpose of Google DeepMind's SynthID technology?

A.To remove harmful content from AI outputs
B.To encrypt AI-generated content for secure transmission
C.To improve the accuracy of generative AI models
D.To detect AI-generated content and identify the model that created it
AnswerD

SynthID embeds a digital watermark that can be detected later to verify content origin.

Why this answer

SynthID is an invisible watermarking tool for AI-generated content, enabling identification of synthetic images, audio, text, or video without altering the user experience.

13
MCQmedium

A generative AI model used for generating product descriptions occasionally outputs hateful content. The company wants a scalable solution to block such content without modifying the model. Which Google Cloud feature should they use?

A.Retraining the model with a more diverse dataset
B.Model Cards to document known biases
C.Custom content controls in Vertex AI
D.Datasheets for Datasets to improve training data quality
AnswerC

Vertex AI provides configurable safety filters that block harmful content like hate speech at inference time.

Why this answer

Google's safety filters are designed to block harmful content categories, including hate speech, and can be applied at inference time without retraining the model.

14
MCQmedium

A company is using a fine-tuned generative model to create marketing copy. They want to ensure that when the model references statistics, it provides citations to original sources. Which technique should they use?

A.Model tuning with citation data
B.Grounding by referencing source documents in the output
C.Chain-of-thought prompting
D.Confidence indicators
AnswerB

Grounding forces the model to cite sources, increasing trustworthiness.

Why this answer

Option B is correct because grounding by referencing source documents in the output directly ties the generated statistics to verifiable original sources, ensuring citation accuracy. This technique retrieves and cites specific passages from trusted documents, which is essential for responsible AI in marketing copy where factual claims must be traceable.

Exam trap

Cisco often tests the misconception that fine-tuning alone can enforce citation behavior, when in fact grounding via retrieval-augmented generation is the standard technique for source-attributed outputs.

How to eliminate wrong answers

Option A is wrong because model tuning with citation data would require a large, curated dataset of citation pairs and does not guarantee that the model will consistently output citations for every statistic; it may still hallucinate or omit citations. Option C is wrong because chain-of-thought prompting improves reasoning steps but does not inherently enforce citation of external sources; it can still generate unverified statistics. Option D is wrong because confidence indicators only show the model's self-assessed certainty, not actual source verification, and do not provide citations to original documents.

15
MCQhard

A hospital deploys a generative AI model to assist in diagnosing rare diseases. The model sometimes suggests treatments that are not widely accepted. To align with Google's AI Principle of being accountable to people, what should the hospital implement?

A.Provide confidence scores for each suggestion to help clinicians assess reliability
B.Implement a human override mechanism that allows clinicians to reject AI suggestions
C.Limit the model to only suggest treatments that appear in a predefined list
D.Conduct a retrospective audit of all AI suggestions monthly
AnswerB

An override mechanism ensures accountability by keeping humans in control of final decisions.

Why this answer

Option B is correct because Google's AI Principle of being accountable to people requires that AI systems remain under human control, especially in high-stakes domains like healthcare. A human override mechanism ensures that clinicians can reject AI suggestions that are not widely accepted, directly addressing the principle's emphasis on human oversight and responsibility for outcomes.

Exam trap

The trap here is that candidates often confuse transparency (confidence scores) with accountability, failing to recognize that accountability specifically demands human control and the ability to reject AI outputs, not just visibility into the model's reasoning.

How to eliminate wrong answers

Option A is wrong because providing confidence scores, while useful for transparency, does not fulfill the accountability principle's requirement for human control; it only informs the clinician without enabling them to override the AI. Option C is wrong because limiting the model to a predefined list of treatments defeats the purpose of generative AI, which is to explore novel or rare disease treatments, and may lead to missed diagnoses or suboptimal care. Option D is wrong because retrospective audits, though valuable for monitoring, do not provide real-time human oversight; accountability requires the ability to intervene at the point of decision, not just after the fact.

16
MCQhard

A government agency is deploying a generative AI system to assist in processing visa applications. The system must be transparent about its limitations and provide clear indications of its confidence in each recommendation. Which approach BEST addresses explainability and accountability?

A.Only allow the system to output binary decisions (approve/reject) to reduce confusion
B.Train the model to always output high confidence to reassure decision-makers
C.Use a random subset of applications to be reviewed by humans only, without any AI input
D.Provide confidence scores alongside each recommendation and include disclaimers about the system's limitations
AnswerD

Confidence scores allow humans to gauge reliability, and disclaimers set appropriate expectations, supporting accountable use.

Why this answer

Option D is correct because it directly addresses explainability by providing confidence scores, which quantify the model's certainty, and accountability by including disclaimers about system limitations. This aligns with responsible AI principles that require transparency in automated decision-making, especially in high-stakes domains like visa processing where users must understand the system's reliability and potential biases.

Exam trap

Cisco often tests the misconception that explainability is solely about output format (e.g., binary vs. continuous) rather than about uncertainty communication and limitation disclosure, leading candidates to pick Option A or B as 'simpler' solutions.

How to eliminate wrong answers

Option A is wrong because binary decisions (approve/reject) without confidence or uncertainty quantification obscure the model's limitations, reducing transparency and potentially leading to false trust or misinterpretation of borderline cases. Option B is wrong because training the model to always output high confidence is a form of overconfidence calibration that misrepresents the model's true predictive uncertainty, violating the principle of honest communication and undermining accountability when errors occur. Option C is wrong because using a random subset for human-only review does not address explainability or accountability for the AI system itself; it merely avoids the issue by removing AI involvement, failing to provide any mechanism for understanding or auditing the AI's recommendations.

17
Multi-Selecthard

A healthcare organization wants to use generative AI for clinical decision support. They must comply with regulatory requirements for high-risk AI systems. Which THREE measures should they implement? (Choose 3)

Select 3 answers
A.Implement a human-in-the-loop review for all AI-generated recommendations
B.Provide clear documentation on the system's purpose, performance, and limitations
C.Conduct periodic risk assessments to identify potential harms
D.Use a model that has been fine-tuned on proprietary hospital data
E.Deploy the system on-premises only to ensure data privacy
AnswersA, B, C

High-risk AI systems require human oversight to ensure safety and accountability.

Why this answer

Human oversight, risk management, and transparency are key regulatory requirements for high-risk AI systems.

18
MCQhard

A research team is fine-tuning a large language model on a dataset containing personal data of EU citizens. They must comply with GDPR. Which measure is ESSENTIAL?

A.Ensure the training data is stored in a specific geographic region
B.Obtain explicit consent from individuals for using their data in fine-tuning
C.Use a Model Card to document the training data
D.Apply safety filters to the model outputs
AnswerB

Consent is a fundamental requirement under GDPR for processing personal data.

Why this answer

Under GDPR, processing personal data requires a lawful basis; explicit consent is essential when no other basis (e.g., legitimate interest) clearly applies, especially for fine-tuning where data is used to train a model that may memorize and regenerate personal information. Without consent, the processing is unlawful, exposing the team to significant fines and regulatory action. This is a foundational requirement that overrides technical measures like storage location or documentation.

Exam trap

Cisco often tests the distinction between legally required measures (like consent) versus best-practice technical controls (like Model Cards or safety filters), leading candidates to pick a technically sound but legally insufficient option.

How to eliminate wrong answers

Option A is wrong because GDPR does not mandate a specific geographic region for storage; it allows data transfers to third countries under adequacy decisions or appropriate safeguards (e.g., Standard Contractual Clauses), so storage location alone is not essential. Option C is wrong because a Model Card is a best practice for transparency and documentation but is not a legal requirement under GDPR; it does not provide a lawful basis for processing personal data. Option D is wrong because safety filters address output harms (e.g., toxicity, bias) but do not address the legality of using personal data for training; they are a post-hoc mitigation, not a prerequisite for lawful processing.

19
MCQmedium

A startup is developing an AI tool that generates legal contract summaries. Lawyers will use these summaries for advice. What human oversight mechanism is MOST critical for responsible deployment?

A.Require lawyers to review and approve each AI-generated summary before use
B.Provide a confidence score for each summary but allow lawyers to bypass it
C.Use a second LLM to verify the first LLM's summaries automatically
D.Automatically flag summaries that contain low-confidence indicators for review
AnswerA

In legal contexts, AI outputs must be reviewed by qualified professionals to prevent erroneous advice.

Why this answer

Option A is correct because in high-stakes domains like legal contract summarization, the AI output must be validated by a qualified human expert before use. This ensures accountability and mitigates risks of hallucinated clauses or misinterpretations that could lead to legal liability. A confidence score or automated flagging alone is insufficient because even high-confidence outputs can contain subtle errors that only a trained lawyer can catch.

Exam trap

Cisco often tests the misconception that automated verification (e.g., a second LLM or confidence scoring) is sufficient for high-stakes AI outputs, when in fact only human expert review provides the necessary accountability and domain-specific validation.

How to eliminate wrong answers

Option B is wrong because allowing lawyers to bypass the confidence score undermines the oversight mechanism; if a lawyer can ignore the score and use the summary without review, the safeguard is effectively disabled. Option C is wrong because using a second LLM for verification introduces correlated failure modes—both LLMs may share similar training data biases or hallucination patterns, providing no independent check. Option D is wrong because automatically flagging low-confidence summaries for review still permits high-confidence but erroneous summaries to go unchecked, and the flagging threshold may miss subtle legal inaccuracies that do not trigger low-confidence indicators.

20
MCQmedium

A financial services company uses a generative AI model to produce customer-facing investment advice. They need to ensure the model's outputs can be traced back to specific sources. Which explainability technique is BEST suited for this requirement?

A.Confidence indicators
B.Model Cards
C.Chain-of-thought reasoning
D.Grounding (citing sources)
AnswerD

Grounding ensures every output can be traced to a specific source document or data point, meeting traceability needs.

Why this answer

Grounding (citing sources) is the best technique because it directly links each generated output to specific, verifiable source documents or data points. This ensures traceability, which is critical for regulated financial advice where every claim must be attributable to a known reference, such as a regulatory filing or market data feed.

Exam trap

Cisco often tests the misconception that chain-of-thought reasoning provides traceability, but it only explains the model's reasoning path, not the external source of the information.

How to eliminate wrong answers

Option A is wrong because confidence indicators only provide a probabilistic score (e.g., 0.95) for the model's certainty, not a traceable source citation. Option B is wrong because Model Cards are documentation artifacts that describe a model's intended use, performance, and limitations, but they do not provide per-output source attribution. Option C is wrong because chain-of-thought reasoning reveals the model's internal step-by-step logic but does not cite external sources; it can even generate plausible but false reasoning paths (hallucinations) without grounding.

21
MCQmedium

A research team uses a generative AI model to analyze historical texts. They want to provide users with insight into the model's reasoning process. Which explainability technique should they implement?

A.Chain-of-thought reasoning
B.Grounding
C.Confidence indicators
D.Safety filters
AnswerA

Chain-of-thought reveals the intermediate steps of reasoning, making the model's process transparent.

Why this answer

Chain-of-thought reasoning provides step-by-step explanations of how the model arrived at its conclusion, enhancing transparency.

22
MCQmedium

A media company wants to use a generative AI model to create marketing copy that includes citations to original sources. Which feature should they enable to ensure the model provides accurate attributions?

A.Confidence indicators
B.Grounding
C.Chain-of-thought reasoning
D.Safety filters
AnswerB

Grounding enables the model to reference and cite specific sources, ensuring attribution and factual accuracy.

Why this answer

Grounding allows the model to cite sources, improving explainability and trustworthiness by connecting outputs to verifiable information.

23
MCQmedium

A company plans to commercially use images generated by a text-to-image model. What should they check to avoid copyright issues?

A.The training data provenance and the model's license terms
B.The model's accuracy on standard benchmarks
C.The model's latency and throughput
D.The model's bias evaluation results
AnswerA

Provenance and license terms indicate whether the generated content may infringe copyright.

Why this answer

Option A is correct because copyright issues arise from the training data and the model's license. The training data provenance determines if the model was trained on copyrighted works without permission, and the license terms specify whether commercial use is allowed. Without checking both, the company risks infringing on original creators' rights.

Exam trap

Cisco often tests the misconception that technical performance metrics (accuracy, latency, bias) are relevant to legal compliance, when in fact copyright issues hinge on data provenance and licensing.

How to eliminate wrong answers

Option B is wrong because model accuracy on standard benchmarks (e.g., FID score, CLIP score) measures image quality and alignment, not copyright compliance. Option C is wrong because latency and throughput are performance metrics for deployment, unrelated to legal or copyright considerations. Option D is wrong because bias evaluation results address fairness and ethical concerns, not copyright ownership or licensing.

24
MCQmedium

A social media company uses a generative AI to moderate user comments. They need to filter hate speech, violence, and sexual content. What is the most efficient way to implement content safety in Vertex AI?

A.Hire human moderators to manually review all comments
B.Use a third-party API for content moderation
C.Train a custom content classifier from scratch using Vertex AI AutoML
D.Use Google's pre-built safety filters provided with Vertex AI
AnswerD

Safety filters are designed to detect hate speech, violence, and sexual content out of the box.

Why this answer

Option D is correct because Google's pre-built safety filters in Vertex AI are specifically designed for content moderation tasks like hate speech, violence, and sexual content detection. They are immediately available, require no custom training, and integrate directly with Vertex AI's generative AI workflows, making them the most efficient choice for a social media company needing rapid deployment.

Exam trap

Cisco often tests the misconception that custom training (AutoML) is always better for domain-specific tasks, but here the pre-built filters are already optimized for the exact content categories needed, making custom training unnecessary and inefficient.

How to eliminate wrong answers

Option A is wrong because hiring human moderators is not efficient at scale; it introduces latency, high cost, and inconsistency, and does not leverage AI automation. Option B is wrong because using a third-party API introduces additional latency, cost, and potential data privacy concerns, and it does not integrate natively with Vertex AI's generative AI pipeline. Option C is wrong because training a custom content classifier from scratch using Vertex AI AutoML requires significant labeled data, time, and compute resources, which is inefficient compared to using pre-built, optimized safety filters.

25
MCQmedium

A healthcare startup is using a large language model (LLM) to generate discharge summaries. To comply with regulations, they need to ensure that a human reviews all AI-generated summaries before they are sent to patients. Which Google Cloud feature should they use to enforce this workflow?

A.Cloud Audit Logs
B.Vertex AI Human-in-the-Loop (HITL)
C.Vertex AI Model Registry
D.Vertex AI Evaluation Service
AnswerB

HITL enables configurable human review steps, ensuring every generated summary is checked by a qualified reviewer before release.

Why this answer

Human oversight is a key requirement for high-stakes AI systems. Vertex AI Human-in-the-Loop (HITL) provides a managed workflow to route predictions for human review, approval, or override before final output.

26
Multi-Selectmedium

A product manager wants to transparently communicate the capabilities and limitations of their new generative AI feature to stakeholders. Which THREE resources from the Responsible AI Toolkit should they use?

Select 3 answers
A.SynthID
B.PAIR Explorables
C.Model Cards
D.Datasheets for Datasets
E.People + AI Guidebook
AnswersC, D, E

Model Cards provide structured information about model capabilities and limitations.

Why this answer

Model Cards document model details, Datasheets for Datasets document data, and the People + AI Guidebook provides best practices for communication. PAIR Explorables are for education, not documentation.

27
MCQeasy

An organization wants to use AI-generated images commercially. According to Google's AI principles and copyright guidelines, what should they do FIRST?

A.Assume all AI-generated content is copyright-free
B.Only use images generated by models trained on public domain data
C.Add a copyright symbol to all AI-generated images
D.Verify the training data provenance and licensing of the foundation model
AnswerD

Understanding the data used to train the model helps assess copyright risks.

Why this answer

The primary risk is copyright infringement from training data. Verifying that the model's training data was properly licensed is essential before using outputs commercially.

28
MCQmedium

A company develops a generative AI model for resume screening. They discover that the model is rejecting candidates from certain demographic groups disproportionately. Which step should they take first to address unfair bias?

A.Audit the training data for demographic representativeness
B.Reduce the model's complexity to avoid overfitting to biased patterns
C.Apply adversarial debiasing to the model
D.Collect more data from all demographic groups equally
AnswerA

Auditing the data is the first step to identify if bias stems from under- or over-representation of groups.

Why this answer

Before attempting to fix bias, it is essential to evaluate the training data for representativeness. Bias often originates from imbalanced or unrepresentative training data.

29
MCQeasy

Which Google Cloud offering allows you to create a machine-readable document that describes a model's intended use, performance, and limitations?

A.People + AI Guidebook
B.Vertex AI Model Registry
C.Datasheets for Datasets
D.Model Cards
AnswerD

Model Cards are the standard for documenting model details.

Why this answer

Model Cards are designed to provide transparent documentation of model behavior, including intended use, performance, and limitations.

30
MCQmedium

A company wants to use AI-generated images commercially. They are concerned about copyright and IP issues. Which action should they take FIRST to mitigate legal risk?

A.Conduct a freedom-to-operate search each time an image is generated
B.Add a watermark to all generated images using SynthID
C.Ensure the AI model's training data does not contain copyrighted material without permission
D.Purchase a commercial license for the AI platform
AnswerC

Training data provenance is key; if the model was trained on copyrighted works, outputs may be derivative and require licenses.

Why this answer

Option C is correct because the foundational legal risk in AI-generated imagery stems from the training data. If the model was trained on copyrighted works without permission, any output—even a novel image—can be considered a derivative work, exposing the company to infringement claims. Addressing the training data's compliance is the first and most critical step, as downstream mitigations (like watermarks or licenses) cannot retroactively fix an unlawfully trained model.

Exam trap

Cisco often tests the misconception that purchasing a commercial license or adding a watermark is sufficient to avoid copyright liability, when in fact the primary legal risk originates from the training data's compliance with copyright law.

How to eliminate wrong answers

Option A is wrong because conducting a freedom-to-operate search after each generation is impractical at scale and legally insufficient; copyright law does not require a search for infringement, and the output's similarity to training data is often non-obvious, so a search cannot reliably detect latent infringement. Option B is wrong because adding a watermark (e.g., SynthID) only identifies the image as AI-generated but does not address the underlying copyright status of the training data or the output; it is a transparency tool, not a legal risk mitigator. Option D is wrong because purchasing a commercial license for the AI platform typically covers the platform's own IP rights (e.g., the model weights) but does not indemnify the user against third-party copyright claims arising from the training data; many licenses explicitly disclaim such liability.

31
MCQhard

A multinational corporation deploys a generative AI chatbot for customer support in the EU. They must ensure compliance with GDPR regarding user data used for fine-tuning. Which data governance practice is REQUIRED?

A.Store user data only in the EU region to comply with data residency requirements
B.Obtain explicit consent from users for their data to be used in fine-tuning
C.Implement a mechanism to delete specific user data from the fine-tuning dataset upon user request
D.Anonymize all user data before using it for fine-tuning
AnswerC

GDPR's right to erasure requires the ability to delete personal data; this includes data used in training sets.

Why this answer

Under GDPR, users have the right to erasure (Article 17), which requires that their data be deleted upon request. For a generative AI chatbot fine-tuned on user data, this means the organization must have a mechanism to remove specific user data from the training dataset, as the model may have memorized that data. Option C directly addresses this right-to-deletion requirement, making it the mandatory practice.

Exam trap

Cisco often tests the distinction between recommended best practices (like anonymization) and mandatory legal requirements (like the right to deletion), leading candidates to pick a privacy-enhancing but non-mandatory option such as anonymization.

How to eliminate wrong answers

Option A is wrong because GDPR does not mandate data storage solely within the EU; it allows transfers to third countries with adequate safeguards (e.g., Standard Contractual Clauses), so regional storage is not a strict requirement. Option B is wrong because explicit consent is one lawful basis for processing, but GDPR also permits legitimate interest or contractual necessity for fine-tuning, so consent is not always required. Option D is wrong because anonymization is a recommended privacy technique but not a mandated practice; GDPR requires data minimization and purpose limitation, but does not force anonymization before fine-tuning.

32
MCQeasy

A healthcare AI application provides diagnostic suggestions based on patient data. To comply with Google's AI Principles, which practice should be implemented?

A.Use a simpler model that is less accurate but easier to explain
B.Limit the model's output to only the most common diagnoses to reduce risk
C.Include a human-in-the-loop review for all diagnostic suggestions before finalizing
D.Deploy the model directly to production without human review to maximize speed
AnswerC

Human oversight is required for high-stakes AI decisions to ensure safety and accountability.

Why this answer

Google's AI Principles require accountability and safety, especially in high-stakes domains like healthcare. Human oversight ensures that AI suggestions are reviewed by qualified professionals before action is taken.

33
MCQhard

A healthcare organization deploys a generative AI model to assist in diagnosing rare diseases from medical images. To comply with the EU AI Act's requirements for high-risk AI systems, what is the MOST critical control they must implement?

A.Implement a human-in-the-loop review process with the ability to override AI recommendations
B.Use a model with a high F1 score to minimize the need for human review
C.Ensure the model is trained on synthetic data only to avoid privacy concerns
D.Deploy the model in a sandbox environment without real patient data
AnswerA

Human oversight and override mechanisms are required for high-risk AI systems under the EU AI Act.

Why this answer

The EU AI Act requires human oversight for high-risk AI systems, including the ability for humans to override or stop the system's decisions.

34
MCQmedium

A multinational corporation wants to deploy a generative AI chatbot for its global customer service. They must ensure that data residency requirements are met for EU customers, meaning all prompts and responses from EU users must be processed and stored within the European Union. Which Google Cloud capability should they use?

A.Implement Cloud Armor to block non-EU traffic
B.Use Cloud Data Loss Prevention (DLP) to mask EU data
C.Enable VPC Service Controls to restrict data flow
D.Configure data residency controls in Vertex AI to process and store data in a specific region
AnswerD

Vertex AI allows customers to select a region for data processing and storage, meeting data residency requirements.

Why this answer

Vertex AI allows you to configure data residency controls that ensure prompts and responses are processed and stored within a specific geographic region, such as the European Union. This directly meets the requirement for EU customer data to remain within EU boundaries, as it leverages Google Cloud's regionalization capabilities for AI workloads.

Exam trap

The trap here is that candidates often confuse network-level controls (like Cloud Armor or VPC Service Controls) with data residency controls, mistakenly thinking blocking traffic or creating perimeters ensures data stays in a region, when only explicit regional configuration in the AI service itself guarantees processing and storage location.

How to eliminate wrong answers

Option A is wrong because Cloud Armor is a web application firewall that blocks traffic based on IP addresses or security rules, but it cannot enforce data residency for processing and storage within a specific region; it only controls network access, not where data is stored or processed. Option B is wrong because Cloud Data Loss Prevention (DLP) is used to inspect, classify, and mask sensitive data, but it does not control the geographic location of data processing or storage; it operates on data already in a given location. Option C is wrong because VPC Service Controls create a security perimeter around Google Cloud resources to prevent data exfiltration, but they do not enforce data residency for Vertex AI model inference or storage; they control access boundaries, not regional processing constraints.

35
MCQhard

An AI research lab wants to publish a model card for their new generative AI model. According to Google's Responsible AI practices, which information is ESSENTIAL to include in the model card?

A.The exact architecture and hyperparameters used
B.The intended use, performance metrics, and known limitations
C.A list of all training hardware and software versions
D.The names and salaries of the development team
AnswerB

Model Cards standard practice includes intended use, evaluation results, and limitations to inform users and mitigate misuse.

Why this answer

Model Cards should disclose intended use, performance metrics, and known limitations to promote transparency and accountability.

36
MCQmedium

A company uses Vertex AI to deploy a generative model for customer support. They need to ensure that the model does not produce harmful content when responding to user queries. Which of the following is the MOST effective approach?

A.Instruct customers to report harmful responses for future model updates
B.Prompt the model to 'be safe' and rely on its training to avoid harmful content
C.Use Vertex AI's safety filters and adjust safety settings per category
D.Review all responses manually before sending to customers
AnswerC

Safety filters are designed to block harmful content across categories; they are the recommended mechanism.

Why this answer

Vertex AI's safety filters and adjustable safety settings are the built-in, most effective way to block harmful content. The other options are either insufficient or place undue burden on users.

37
MCQmedium

A financial institution is deploying a generative AI model to recommend investment strategies. They must ensure the model's outputs are explainable to clients and regulators. Which approach BEST meets this requirement?

A.Apply differential privacy to the training data
B.Aggregate model outputs across multiple runs to reduce variance
C.Use a larger model with more parameters to improve accuracy
D.Implement chain-of-thought prompting and cite sources for each recommendation
AnswerD

Chain-of-thought reveals the reasoning path, and citations ground outputs in verifiable data, satisfying explainability requirements.

Why this answer

Explainability in GenAI can be achieved by grounding outputs in verifiable sources and showing the reasoning process. Chain-of-thought reasoning provides step-by-step logic, making recommendations auditable.

38
MCQhard

A company is building a generative AI application that will generate marketing copy. They want to ensure that the content does not contain hate speech, violence, sexual content, or dangerous instructions. Which Google Cloud feature should they enable?

A.Configure safety filters and custom content controls in Vertex AI
B.Use the People + AI Guidebook to design prompts
C.Enable Model Card generation in Vertex AI
D.Implement a human review loop for all outputs
AnswerA

Vertex AI provides safety filters and custom controls to block harmful categories.

Why this answer

Google's safety filters are designed to block harmful content categories. Vertex AI provides custom content controls to adjust thresholds. The other options are for different purposes.

39
Multi-Selecthard

A company wants to deploy a generative AI application that must comply with both Google's AI Principles and the EU AI Act. Which THREE practices should they adopt?

Select 3 answers
A.Use the largest possible model for best accuracy
B.Use data minimization and purpose limitation to respect privacy
C.Implement human oversight for high-risk decisions
D.Deploy safety filters to block harmful content
E.Disable logging to minimize data retention
AnswersB, C, D

Aligns with Google's privacy design principles and GDPR/EU AI Act.

Why this answer

Option B is correct because data minimization and purpose limitation are core requirements under both the EU AI Act (Article 10 on data governance) and Google's AI Principles (Privacy and Security). In generative AI, this means training and inference should use only the minimum necessary data, with clear constraints on how data is processed, to reduce privacy risks and comply with regulatory mandates.

Exam trap

Cisco often tests the misconception that 'bigger models are always better' and that 'disabling logging reduces compliance risk,' when in fact both practices conflict with regulatory requirements for transparency, accountability, and risk management.

40
MCQeasy

Which Google Cloud tool allows you to document the intended use, training data, and evaluation results of a machine learning model to promote transparency?

A.PAIR Explorables
B.Model Cards
C.Datasheets for Datasets
D.People + AI Guidebook
AnswerB

Model Cards specifically document model details including intended use, training data, and evaluation results.

Why this answer

Model Cards are designed to provide transparent documentation of ML models, including intended use, training data, and evaluation results.

41
MCQmedium

A data scientist observes that their text generation model frequently uses gender stereotypes when generating job descriptions. Which responsible AI practice should be applied FIRST to address this issue?

A.Fine-tune the model on a dataset with more male-dominated job descriptions
B.Apply SynthID watermarking to the generated content
C.Increase the number of safety filters to block all gender-related content
D.Evaluate the model's outputs for bias using a diverse test set that includes gender-neutral prompts
AnswerD

Evaluating bias with diverse test sets helps quantify the problem and guide mitigation efforts.

Why this answer

Option D is correct because the first step in addressing model bias is to evaluate and measure the bias using a diverse, representative test set. This diagnostic step identifies the specific types and severity of gender stereotypes before any mitigation technique is applied, ensuring that subsequent interventions are targeted and effective. Without this evaluation, any corrective action risks being misapplied or introducing new biases.

Exam trap

Cisco often tests the principle that evaluation must precede mitigation, tempting candidates to jump to a corrective action (like fine-tuning or filtering) without first diagnosing the problem.

How to eliminate wrong answers

Option A is wrong because fine-tuning on more male-dominated job descriptions would reinforce, not reduce, gender stereotypes by amplifying the existing skew in the training data. Option B is wrong because SynthID watermarking is a technique for tracking AI-generated content provenance, not for detecting or mitigating bias in model outputs. Option C is wrong because blocking all gender-related content is an overly aggressive filter that would remove legitimate, neutral gender references and degrade the model's utility, while failing to address the underlying bias in the model's learned representations.

42
MCQeasy

According to Google's AI Principles, AI systems should be 'accountable to people.' What does this principle primarily require?

A.AI systems should always have a human monitor present during operation
B.The AI system should be able to explain all its decisions to end users
C.Organizations should provide avenues for feedback and recourse when AI systems cause harm
D.AI systems should be designed to maximize shareholder value
AnswerC

This directly aligns with the accountability principle.

Why this answer

Accountability means providing mechanisms for feedback and recourse when AI systems cause harm or make mistakes.

43
MCQeasy

A company wants to deploy a chatbot for customer support. To comply with the AI Principle of being 'accountable to people', which practice should they implement?

A.Provide human review for high-stakes decisions made by the chatbot
B.Allow the chatbot to escalate all conversations to human agents
C.Ensure the chatbot can override human agents' decisions
D.Disable logging of chatbot interactions to protect user privacy
AnswerA

Human review upholds accountability by allowing people to oversee and intervene when necessary.

Why this answer

Providing human oversight for high-stakes decisions ensures accountability, aligning with Google's AI Principle that AI systems should be accountable to people.

44
MCQhard

A company is using Vertex AI to fine-tune a language model on customer data. To comply with Google's privacy design principles, what should they do regarding the data used for fine-tuning?

A.Use data augmentation to create synthetic data and discard original data
B.Obtain explicit consent from users whose data is used for fine-tuning
C.Anonymize the data and publish it for public research
D.Retain all fine-tuning data indefinitely for model improvement
AnswerB

Consent ensures transparency and user control, aligning with privacy principles.

Why this answer

Option B is correct because Google's privacy design principles require that user data used for fine-tuning must be obtained with explicit consent, ensuring transparency and user control. This aligns with the 'User Control and Transparency' principle, which mandates that users should be informed and give consent before their data is used to train or fine-tune models like those on Vertex AI.

Exam trap

The trap here is that candidates often confuse 'anonymization' (Option C) with sufficient privacy protection, but Google's principles require explicit consent even for anonymized data when used for fine-tuning, as the model can still memorize patterns or be subject to re-identification attacks.

How to eliminate wrong answers

Option A is wrong because data augmentation creates synthetic data that may still retain patterns or correlations from the original data, and discarding original data does not absolve the need for consent; Google's principles require consent regardless of data transformation. Option C is wrong because anonymizing data and publishing it for public research violates the 'Data Minimization' and 'Purpose Limitation' principles, as the data is used beyond its original purpose without user consent. Option D is wrong because retaining fine-tuning data indefinitely violates the 'Data Minimization' principle, which requires data to be retained only as long as necessary for the stated purpose, and also conflicts with user consent terms.

45
MCQeasy

A company wants to ensure that AI-generated images can be traced back to their origin to prevent misuse. Which Google technology provides invisible watermarking for AI-generated content?

A.Datasheets for Datasets
B.SynthID
C.Model Cards
D.People + AI Guidebook
AnswerB

SynthID is specifically designed to watermark AI-generated content imperceptibly for traceability.

Why this answer

SynthID is Google DeepMind's technology for embedding invisible watermarks into AI-generated images, audio, text, and video.

46
Multi-Selectmedium

A fintech company is deploying a generative AI system that offers investment advice. To comply with regulations and Google's AI Principles, they need to ensure appropriate human oversight and transparency. Which two actions should they take? (Choose two.)

Select 2 answers
A.Use only synthetic data for training to avoid privacy issues
B.Allow the AI to execute trades automatically without human intervention
C.Require a human advisor to review and approve all AI-generated recommendations
D.Develop and publish a Model Card that describes the model's limitations and intended use
E.Disable logging of all interactions to maximize user privacy
AnswersC, D

Why this answer

Human review for high-stakes decisions (C) ensures accountability, and providing model cards (E) ensures transparency about capabilities and limitations.

47
MCQhard

A global company deploys a generative AI chatbot in the European Union. They must ensure compliance with GDPR regarding user data used for fine-tuning the model. What is the MOST important requirement they must fulfill?

A.Use only synthetic data for fine-tuning to avoid GDPR issues
B.Store all fine-tuned models only on US-based servers
C.Anonymize all data before fine-tuning, regardless of consent
D.Obtain explicit consent from data subjects for using their data in fine-tuning
AnswerD

Explicit consent is a lawful basis under GDPR for processing personal data, especially for secondary uses like fine-tuning.

Why this answer

Under GDPR, using personal data for fine-tuning a generative AI model constitutes a new processing purpose that requires a lawful basis. Explicit consent (Article 7 and Article 9) is the most robust basis when relying on consent, as it must be freely given, specific, informed, and unambiguous. Without explicit consent, the company risks violating data minimization and purpose limitation principles, even if other anonymization or storage measures are applied.

Exam trap

Cisco often tests the misconception that technical measures like anonymization or data localization can substitute for a proper lawful basis under GDPR, when in fact the lawful basis (such as explicit consent) is the foundational requirement that must be established before any processing begins.

How to eliminate wrong answers

Option A is wrong because synthetic data can still be derived from real personal data and may retain patterns that re-identify individuals; GDPR does not exempt synthetic data from compliance if it is generated from personal data. Option B is wrong because storing models on US-based servers does not address GDPR requirements—data transfer must comply with adequacy decisions or Standard Contractual Clauses (SCCs), and server location alone does not provide a lawful basis for processing. Option C is wrong because anonymization is a valid approach only if it is irreversible and meets the GDPR's anonymization standard (Recital 26); however, it does not replace the need for a lawful basis if the data was originally collected for a different purpose, and consent may still be required for the fine-tuning activity.

48
MCQmedium

A machine learning engineer notices that a generative AI model consistently produces outputs that reinforce gender stereotypes when describing occupations. What is the MOST likely cause?

A.The training data is not representative of diverse populations
B.The inference temperature is set too high
C.The model architecture is too small for the task
D.The prompt does not include enough context
AnswerA

Unrepresentative training data often leads to biased outputs, including gender stereotypes.

Why this answer

The most likely cause is that the training data is not representative of diverse populations. Generative AI models learn patterns, correlations, and biases directly from their training data; if the data over-represents certain demographics or occupations in stereotypical roles, the model will reproduce those associations. This is a well-documented failure mode in NLP models, where biased training data leads to biased outputs even when prompts are neutral.

Exam trap

Cisco often tests the distinction between inference-time parameters (like temperature) and training-data-driven biases, trapping candidates who confuse output randomness with systematic bias.

How to eliminate wrong answers

Option B is wrong because inference temperature controls the randomness of token sampling, not the content or bias of the outputs; a high temperature increases creativity but does not introduce or remove gender stereotypes. Option C is wrong because model architecture size affects capacity and performance, not the presence of bias; a larger model trained on the same biased data will still produce stereotypical outputs. Option D is wrong because while prompt context can steer outputs, the core issue of systematic gender stereotyping originates from the training data distribution, not from insufficient context in a single prompt.

49
MCQeasy

What is the primary purpose of SynthID, developed by Google DeepMind?

A.To improve the factual accuracy of AI-generated text
B.To automatically filter harmful content in AI outputs
C.To embed an invisible watermark in AI-generated content for identification
D.To reduce bias in training datasets
AnswerC

SynthID watermarks help trace the origin of AI-generated images, audio, or text.

Why this answer

SynthID is designed to embed invisible watermarks into AI-generated content to help identify its origin.

50
Multi-Selecthard

A multinational corporation is deploying a generative AI chatbot for customer support across Europe, Asia, and North America. The legal team requires compliance with GDPR for EU users, data residency controls, and the ability to audit prompts and responses for safety. Which THREE actions should the company take?

Select 3 answers
A.Store all user data in a central US data center for consistency.
B.Use Vertex AI with data residency controls to keep EU data within the EU.
C.Disable all logging for EU users to avoid GDPR complications.
D.Apply content safety filters via Vertex AI to block harmful content.
E.Enable prompt and response logging with user consent for all regions.
AnswersB, D, E

Vertex AI offers data residency controls to meet regulatory requirements like GDPR.

Why this answer

Option B is correct because Vertex AI offers data residency controls that allow organizations to specify where data is stored and processed, ensuring EU user data remains within the EU to comply with GDPR's data localization requirements. This is achieved through configuration settings that restrict data processing to specific regions, such as europe-west4, preventing cross-border data transfers without adequate safeguards.

Exam trap

Cisco often tests the misconception that GDPR compliance can be achieved by simply disabling logging or centralizing data, when in fact the regulation requires a combination of data residency, consent-based logging, and content safety controls to meet accountability and data protection obligations.

51
Multi-Selecthard

A company is developing a generative AI application that will be used by customers in the EU. To comply with the GDPR and the upcoming EU AI Act, which THREE measures should they implement? (Select 3)

Select 3 answers
A.Store and process all user data within the EU or in regions with adequacy decisions
B.Use only open-source models to ensure transparency
C.Automatically delete all user logs after 30 days
D.Provide users with the ability to obtain an explanation of the AI's decisions
E.Clearly inform users that they are interacting with an AI system
AnswersA, D, E

Data residency is a GDPR requirement for EU user data.

Why this answer

GDPR requires data residency/local processing (measures 1), explanation of AI decisions (right to explanation) (measure 3), and transparency about AI interaction (measure 5). The other options are not mandated by these regulations.

52
MCQmedium

A company wants to use a generative AI model to create marketing content that will be used commercially. They are concerned about copyright infringement from the model's training data. Which step should they take to mitigate this risk?

A.Use SynthID to watermark the content
B.Add a disclaimer that content is AI-generated
C.Review the model's training data provenance and ensure the model is trained on properly licensed or public domain data
D.Use only open-source models
AnswerC

Understanding data provenance helps assess copyright risk.

Why this answer

Reviewing the training data provenance and using models with appropriate licenses is critical. The other options either do not address the root cause or are insufficient.

53
Multi-Selectmedium

A data scientist is using Vertex AI to build a question-answering system. They want to use the Responsible AI toolkit to document and communicate the model's characteristics. Which TWO tools from the toolkit are MOST relevant? (Select two.)

Select 2 answers
A.Cloud DLP
B.TensorBoard
C.Model Cards
D.Datasheets for Datasets
E.Vertex AI Workbench
AnswersC, D

Model Cards provide standardized documentation of model behavior.

Why this answer

Model Cards document model performance, intended use, and limitations. Datasheets for Datasets document dataset creation and composition. Both are part of the Responsible AI toolkit for transparency.

54
Multi-Selectmedium

A machine learning engineer is using a generative AI model that occasionally outputs biased content. Which TWO actions should they take to address this issue?

Select 2 answers
A.Use a single test set for simplicity
B.Remove all safety filters to allow more freedom in outputs
C.Adjust the training data to be more representative of the target population
D.Increase the model's size to improve generalization
E.Evaluate the model outputs on diverse test sets to detect bias
AnswersC, E

More representative data reduces bias.

Why this answer

Evaluating bias with diverse test sets helps identify issues, and adjusting training data representativeness helps mitigate bias at the source.

55
MCQeasy

A data scientist is building a text generation model and wants to evaluate bias using diverse test sets. Which Google AI Principle is directly relevant to this practice?

A.Avoid creating or reinforcing unfair bias
B.Be built and tested for safety
C.Incorporate privacy design principles
D.Be socially beneficial
AnswerA

This principle mandates testing for bias with representative data.

Why this answer

The principle of avoiding creating or reinforcing unfair bias directly calls for evaluating and mitigating bias, including using diverse test sets.

56
MCQmedium

A researcher wants to detect whether text was generated by an AI model to identify potential misinformation. Which Google technology is specifically designed for this purpose?

A.Model Cards
B.PAIR Explorables
C.SynthID
D.Datasheets for Datasets
AnswerC

SynthID is designed to watermark and detect AI-generated content.

Why this answer

SynthID is a Google DeepMind technology specifically designed to watermark and detect AI-generated text, images, audio, and video. It embeds an imperceptible digital watermark directly into the output of generative models, allowing for reliable detection even after modifications like cropping or compression. This makes it the correct tool for identifying potential misinformation from AI-generated text.

Exam trap

The trap here is that candidates confuse documentation tools (Model Cards, Datasheets) or educational resources (PAIR Explorables) with active detection technologies, overlooking SynthID as the only option purpose-built for watermarking and identifying AI-generated content.

How to eliminate wrong answers

Option A is wrong because Model Cards are standardized documentation templates that disclose a model's intended use, performance, and limitations; they do not provide any detection or watermarking capability for AI-generated content. Option B is wrong because PAIR Explorables are interactive visualizations and tutorials created by Google's People + AI Research (PAIR) team to explain AI concepts, not a detection tool for AI-generated text. Option D is wrong because Datasheets for Datasets are structured documentation for datasets (e.g., provenance, bias, collection methods) and have no functionality to detect whether text was generated by an AI model.

57
MCQeasy

A product manager wants to communicate the limitations of a new generative AI feature to stakeholders. According to Google's People + AI Guidebook, what is the BEST approach?

A.Highlight only the successful use cases to build excitement
B.Provide clear examples of the AI's capabilities and failure modes
C.Promise that future versions will overcome all limitations
D.Share a technical paper detailing the model architecture
AnswerB

Transparency about both strengths and weaknesses builds trust and helps users apply the AI appropriately.

Why this answer

The People + AI Guidebook emphasizes setting appropriate expectations by clearly communicating what the AI can and cannot do.

58
Multi-Selecteasy

According to Google's AI Principles, which TWO of the following are core commitments? (Select 2)

Select 2 answers
A.Maximize shareholder value
B.Always use the largest model available
C.Achieve state-of-the-art performance on all benchmarks
D.Be built and tested for safety
E.Be socially beneficial
AnswersD, E

A core principle.

Why this answer

Option D is correct because Google's AI Principles explicitly commit to building and testing AI systems for safety, including conducting rigorous safety testing and implementing appropriate safeguards to mitigate risks such as bias, misuse, and unintended harm. This commitment ensures that AI systems are designed to avoid creating or reinforcing unfair outcomes and to operate reliably under foreseeable conditions.

Exam trap

Cisco often tests the misconception that AI principles prioritize technical excellence or business value over ethical commitments, leading candidates to select options like maximizing performance or using the largest model, which are not part of Google's core AI Principles.

59
Multi-Selectmedium

A data scientist is documenting a new dataset for a generative AI project. According to the Responsible AI toolkit, which TWO elements should they include in a Datasheet for Datasets?

Select 2 answers
A.The model architecture used to collect the data
B.The demographic composition of the data subjects
C.The hyperparameters of the model that will process the data
D.The intended use cases and limitations
E.The cost of acquiring the dataset
AnswersB, D

Demographic information helps identify potential biases.

Why this answer

Option B is correct because the Responsible AI toolkit's Datasheet for Datasets framework requires documenting the demographic composition of data subjects to identify potential biases and ensure fairness. This transparency allows downstream users to assess whether the dataset may lead to discriminatory outcomes in generative AI models, aligning with responsible AI principles.

Exam trap

Cisco often tests the distinction between dataset documentation (Datasheet for Datasets) and model documentation (Model Cards), so candidates mistakenly include model-specific details like architecture or hyperparameters instead of dataset-focused elements.

60
MCQmedium

A company wants to build a customer service chatbot that answers questions about their internal policy documents. The documents are updated monthly, and the team cannot afford to retrain a model each time. Which approach is MOST appropriate?

A.Fine-tune a base LLM on the policy documents monthly
B.Use Retrieval-Augmented Generation (RAG) with the policy documents indexed in a vector store
C.Train a custom model from scratch on the policy documents each month
D.Use a larger foundation model with a longer context window and paste all documents into each prompt
AnswerB

RAG retrieves relevant document chunks at query time, ensuring the chatbot always answers from the latest uploaded documents without any model retraining.

Why this answer

Retrieval-Augmented Generation (RAG) is the most appropriate approach because it allows the chatbot to answer questions based on the latest policy documents without retraining the underlying LLM. By indexing the documents in a vector store and retrieving relevant chunks at inference time, the system can incorporate monthly updates simply by re-indexing the new documents, making it cost-effective and scalable for frequently changing knowledge bases.

Exam trap

Cisco often tests the misconception that fine-tuning or retraining is necessary for domain-specific knowledge updates, when in fact RAG provides a more efficient and scalable solution for dynamic knowledge bases.

How to eliminate wrong answers

Option A is wrong because fine-tuning a base LLM monthly on the policy documents would be computationally expensive, time-consuming, and risks catastrophic forgetting of previous knowledge, making it impractical for frequent updates. Option C is wrong because training a custom model from scratch each month is prohibitively expensive and resource-intensive, requiring vast amounts of data, compute, and expertise, which is unnecessary when RAG can achieve the same goal with far less overhead. Option D is wrong because pasting all documents into each prompt would exceed the context window limits of even the largest models, leading to truncated inputs, high token costs, and degraded performance due to the model's inability to attend to such a large context effectively.

61
MCQhard

A multinational corporation uses Vertex AI to fine-tune a language model on proprietary customer data. They want to ensure that the fine-tuned model does not inadvertently memorize and regurgitate sensitive customer information. Which approach is most effective?

A.Regularly audit the model by prompting it with known sensitive phrases
B.Apply differential privacy techniques during fine-tuning
C.Use a smaller model to reduce memorization capacity
D.Train the model with a higher learning rate to reduce overfitting
AnswerB

Differential privacy provides a formal guarantee against memorization.

Why this answer

Differential privacy during training limits memorization by adding noise, making it much harder for the model to leak sensitive data from the training set.

62
MCQhard

A financial institution deploys a generative AI chatbot for customer inquiries. They must comply with the EU AI Act, which classifies their use as high-risk. What is a mandatory requirement under the Act?

A.Register the AI system with the European Data Protection Board (EDPB)
B.Obtain a CE marking for the training dataset
C.Retain logs of system behavior and human oversight for traceability
D.Conduct an annual bias audit using an external auditor
AnswerC

The EU AI Act mandates that high-risk AI systems keep logs to ensure traceability and allow for post-market monitoring.

Why this answer

The EU AI Act requires that high-risk AI systems maintain detailed technical documentation and logs for traceability and conformity assessment.

63
MCQmedium

A developer is using Vertex AI to deploy a generative AI model. They need to ensure that prompts and responses are logged for compliance but also want to minimize data retention. Which configuration is BEST?

A.Enable logging of both prompts and responses with a short retention period (e.g., 30 days)
B.Disable logging entirely to minimize data retention
C.Log everything indefinitely for maximum compliance
D.Log only prompts but not responses
AnswerA

Logs both sides and purges after retention period, balancing compliance and minimization.

Why this answer

Option A is correct because Vertex AI allows you to enable logging of both prompts and responses for compliance auditing, while configuring a short retention period (e.g., 30 days) directly minimizes data retention. This balances regulatory requirements with data minimization principles, as Vertex AI's logging configuration supports setting retention policies via Cloud Logging or the Model Registry.

Exam trap

The trap here is that candidates often assume disabling logging entirely is the best way to minimize data retention, overlooking that compliance mandates require logging, so the correct approach is to enable logging with a short retention period rather than eliminating logs.

How to eliminate wrong answers

Option B is wrong because disabling logging entirely violates compliance requirements that mandate audit trails for generative AI interactions, as many regulations (e.g., GDPR, HIPAA) require logging of AI system inputs and outputs. Option C is wrong because logging everything indefinitely maximizes data retention, which contradicts the goal of minimizing data retention and may violate data minimization principles under privacy regulations. Option D is wrong because logging only prompts without responses creates an incomplete audit trail, failing to capture the model's output for compliance review, which is often required for accountability and bias detection.

64
MCQeasy

A social media platform wants to use generative AI to moderate harmful content. They need to detect hate speech, violence, and sexual content. Which Google Cloud service provides pre-built filters for these categories?

A.Natural Language API with content moderation
B.Dialogflow CX
C.Vertex AI Matching Engine
D.Cloud Vision API
AnswerA

Natural Language API's content moderation feature can detect harmful text categories.

Why this answer

Google Cloud's Natural Language API includes content moderation models that can detect categories like hate speech, violence, and sexual content.

65
Multi-Selectmedium

A company is deploying a generative AI system for resume screening. They want to ensure fairness and avoid bias. Which TWO actions should they take? (Choose 2)

Select 2 answers
A.Evaluate the model's decisions across gender and ethnicity groups using a diverse test set
B.Ensure training data is representative of the candidate population
C.Apply SynthID watermarking to all generated decisions
D.Remove protected attributes like gender and race from training data
E.Use a larger model to improve accuracy
AnswersA, B

Bias evaluation across demographic groups is essential to detect unfair bias.

Why this answer

Evaluating bias with diverse test sets and ensuring representative training data are key steps to mitigate bias, as per Google's AI Principles.

66
MCQmedium

A company is using a generative AI model to automatically screen job applications. They want to ensure the model does not discriminate based on gender or ethnicity. Which of the following actions should they take as part of responsible AI?

A.Use a more powerful model to improve accuracy, as bias decreases with better performance
B.Blindly apply a fairness algorithm without understanding the context
C.Remove all demographic data from the training set to prevent the model from learning biases
D.Evaluate the model's hiring decisions for disparate impact across gender and ethnicity
AnswerD

Evaluating outcomes for disparate impact helps identify and address bias.

Why this answer

Evaluating the model's decisions for disparate impact using protected attributes is a key step in detecting and mitigating unfair bias.

67
MCQmedium

A company is using a generative AI model to screen job applications. They want to ensure compliance with Google's AI Principle of avoiding unfair bias. Which practice is most effective in mitigating bias during the screening process?

A.Use a pre-trained model without modification
B.Remove all demographic information from the resumes before processing
C.Audit the training data for demographic representativeness and evaluate the model using fairness metrics
D.Only allow human reviewers to see the top 10% of candidates
AnswerC

Proactive auditing and evaluation help identify and mitigate bias.

Why this answer

Option C is correct because auditing training data for demographic representativeness and evaluating the model using fairness metrics directly addresses the root causes of bias in generative AI systems. This practice aligns with Google's AI Principle of avoiding unfair bias by proactively identifying and mitigating imbalances in the data and measuring the model's performance across demographic groups using metrics like demographic parity or equal opportunity.

Exam trap

Cisco often tests the misconception that removing demographic features is sufficient to eliminate bias, but the trap here is that proxy variables and latent correlations in the data can still cause the model to discriminate indirectly.

How to eliminate wrong answers

Option A is wrong because using a pre-trained model without modification can propagate and amplify existing biases present in the training data, as the model may have learned skewed correlations from unrepresentative or biased datasets. Option B is wrong because simply removing demographic information from resumes does not eliminate bias; the model can still infer protected attributes from proxy features such as names, zip codes, or educational institutions, leading to indirect discrimination. Option D is wrong because only allowing human reviewers to see the top 10% of candidates does not mitigate bias in the initial AI screening; it merely shifts the decision point and can still reflect the model's biased rankings, while human reviewers may also introduce their own unconscious biases.

68
MCQeasy

Which Google DeepMind technology can be used to embed an invisible watermark into AI-generated images to help identify their origin?

A.SynthID
B.TensorFlow Privacy
C.PAIR Explorables
D.What-If Tool
AnswerA

SynthID embeds invisible watermarks into AI-generated images and audio.

Why this answer

SynthID is Google DeepMind's tool for watermarking AI-generated content. The other options are unrelated.

69
MCQeasy

Which tool from Google's Responsible AI toolkit is designed to document the intended use, performance, and limitations of a machine learning model?

A.PAIR Explorables
B.Datasheets for Datasets
C.People + AI Guidebook
D.Model Cards
AnswerD

Model Cards document model purpose, performance, and limitations.

Why this answer

Model Cards are the correct tool because they are specifically designed to document the intended use, performance metrics, and limitations of a machine learning model. This standardized documentation format, introduced by Google, provides transparency by detailing evaluation results across different conditions, intended use cases, and known biases, which is essential for responsible AI deployment.

Exam trap

Cisco often tests the distinction between tools that document datasets (Datasheets for Datasets) versus tools that document models (Model Cards), leading candidates to confuse the two when the question specifically asks about documenting a machine learning model.

How to eliminate wrong answers

Option A is wrong because PAIR Explorables are interactive articles and visualizations designed to help people understand and explore concepts in machine learning and AI, not to document a model's intended use, performance, and limitations. Option B is wrong because Datasheets for Datasets are focused on documenting the characteristics, collection process, and intended uses of datasets, not the machine learning model itself. Option C is wrong because the People + AI Guidebook is a set of design guidelines and patterns for building human-centered AI products, not a documentation tool for model specifications and limitations.

70
MCQmedium

A financial institution is deploying a generative AI chatbot to provide investment advice. According to regulatory requirements, high-stakes AI decisions must have human review. Which setup BEST satisfies this requirement?

A.Use a separate AI model to review the first model's outputs and flag issues
B.AI generates recommendations, but a human advisor must review and approve before any action, and can override the AI
C.AI provides advice directly to the customer with a disclaimer that it is not financial advice
D.Allow the AI to execute trades automatically, with an audit log for later review
AnswerB

This ensures human oversight with override capability, meeting regulatory expectations.

Why this answer

Option B is correct because it directly implements the regulatory requirement for human-in-the-loop (HITL) oversight in high-stakes AI decisions. In financial advisory contexts, regulations like the EU AI Act or SEC guidelines mandate that a qualified human advisor must review and approve AI-generated recommendations before any action is taken, ensuring accountability and the ability to override erroneous outputs.

Exam trap

Cisco often tests the distinction between 'human review' and 'human oversight' — candidates mistakenly think that an audit log or a disclaimer satisfies the requirement, but the trap is that regulators require proactive human approval before the action occurs, not after.

How to eliminate wrong answers

Option A is wrong because using a separate AI model to review outputs merely replaces one automated system with another, failing to satisfy the regulatory requirement for human review; this is a form of 'AI oversight of AI' that does not provide the necessary human accountability. Option C is wrong because a disclaimer does not constitute human review; the AI is still directly providing advice to the customer without any human intervention, which violates the requirement for high-stakes decisions. Option D is wrong because allowing the AI to execute trades automatically with only an audit log for later review is a 'human-out-of-the-loop' approach; post-hoc auditing does not prevent harm from occurring in real time, and regulators require proactive human approval before execution.

71
MCQmedium

A company is developing a generative AI application that will be used by customers in multiple countries, including those with strict data residency laws. How should they approach data governance?

A.Store all data in a single central data center to simplify management
B.Use a VPN to route data through compliant regions
C.Use data residency controls to keep data in specified regions
D.Anonymize all data before processing to avoid residency issues
AnswerC

Data residency controls ensure compliance by restricting data storage and processing to allowed locations.

Why this answer

Option C is correct because data residency controls, such as those provided by cloud providers (e.g., AWS Organizations SCPs, Azure Policy, or GCP Organization Policies), allow the company to enforce that data is stored and processed only within specified geographic regions. This directly addresses strict data residency laws by preventing data from leaving the jurisdiction, which is a fundamental requirement for compliance with regulations like GDPR or Brazil's LGPD. Unlike workarounds, this approach provides native, auditable enforcement at the infrastructure level.

Exam trap

Cisco often tests the misconception that technical workarounds like VPNs or anonymization can substitute for native data residency enforcement, when in fact only infrastructure-level controls provide the auditable, deterministic compliance required by law.

How to eliminate wrong answers

Option A is wrong because storing all data in a single central data center violates data residency laws that require data to remain within specific national or regional boundaries, and it does not provide any mechanism to segregate or control data flow based on user location. Option B is wrong because using a VPN to route data through compliant regions does not change the physical storage location of the data; it only masks the network path, and the data still resides in a non-compliant data center, which fails legal audits. Option D is wrong because anonymization is not a guaranteed solution for data residency; many regulations (e.g., GDPR) still apply to pseudonymized or anonymized data if re-identification is possible, and the data's physical location remains non-compliant unless stored in the required region.

72
MCQmedium

A startup develops a generative AI tool for legal document review. To ensure explainability, they want the model to cite specific clauses from source documents when making assertions. Which technique should they use?

A.Fine-tuning on legal documents with citation examples
B.Chain-of-thought prompting
C.Grounding using a retrieval system that provides source documents
D.Prompt engineering to ask for citations
AnswerC

Grounding forces the model to retrieve and cite actual source material, improving explainability.

Why this answer

Grounding in generative AI means the model cites verifiable sources for its outputs, which is essential for explainability in domains like law.

73
Multi-Selecthard

A company is deploying a generative AI model for medical diagnosis assistance. To comply with both Google's AI Principles and emerging regulations (e.g., EU AI Act), they must ensure appropriate human oversight. Which THREE measures should they implement?

Select 3 answers
A.Use a model with high confidence scores to bypass human review
B.Allow the AI to act autonomously for low-risk cases to reduce workload
C.Require a human clinician to review all AI-generated diagnoses before acting on them
D.Provide an override mechanism that allows the human to reject the AI's recommendation
E.Document the human-in-the-loop process and roles clearly
AnswersC, D, E

High-stakes decisions need human review.

Why this answer

Option C is correct because requiring a human clinician to review all AI-generated diagnoses before acting on them directly implements the human oversight mandate of Google's AI Principles (specifically the 'be accountable to people' principle) and the EU AI Act's requirement for high-risk AI systems to have meaningful human review. This ensures that the model's output is validated by a domain expert, mitigating risks of false positives or negatives that could harm patients.

Exam trap

The trap here is that candidates mistakenly believe high confidence scores or low-risk classifications can justify removing human oversight, but the exam tests that regulatory frameworks like the EU AI Act require human review for all high-risk AI outputs regardless of confidence or perceived risk level.

74
MCQhard

A company is required by the EU AI Act to ensure high-risk AI systems are transparent and auditable. They are using a proprietary model from a vendor. Which step is CRITICAL?

A.Implement custom safety filters on the model outputs
B.Ask the vendor to provide a Model Card and datasheets for the training data
C.Use a larger context window to capture all interactions
D.Train an internal model from scratch to replace the vendor model
AnswerB

Vendor-provided documentation is essential for transparency under the EU AI Act.

Why this answer

The vendor must provide documentation (e.g., model cards, datasheets) to enable transparency and audit. Auditing the vendor's training data is not possible without cooperation. The other options are internal measures that do not address vendor transparency.

75
Multi-Selectmedium

A company is deploying a generative AI system for medical diagnosis support. To comply with Google's AI Principles and regulatory requirements, which TWO actions are essential? (Select 2)

Select 2 answers
A.Implement a human-in-the-loop review for all diagnostic suggestions
B.Publish a Model Card for the model
C.Ensure the system complies with GDPR and other privacy regulations for patient data
D.Use SynthID to watermark all output
E.Use a larger model to improve accuracy
AnswersA, C

Essential for accountability in high-stakes decisions.

Why this answer

High-stakes medical decisions require human oversight (Principle: be accountable to people) and data privacy (Principle: incorporate privacy design principles). The other options are beneficial but not essential for compliance.

Page 1 of 2 · 125 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Gcl Responsible Ai Governance questions.