Pass the CompTIA SecAI+ CY0-001 Questions and answers with ExamsMirror

Basic Concept: AI-specific threat modeling requires consulting resources that catalogue adversarial attacks specifically developed for AI and ML systems. General cybersecurity frameworks may miss AI-unique attack vectors such as model inversion, data poisoning, and adversarial examples. CompTIA SecAI+ Study Guide identifies MITRE ATLAS as the authoritative source for AI system TTPs.

Why D is Correct: MITRE ATLAS provides a comprehensive, curated knowledge base of adversarial tactics, techniques, and procedures specifically targeting AI and ML systems, derived from real-world attack case studies. Analyzing ATLAS enables the architect to enumerate realistic AI-specific attacks applicable to the system being threat-modeled, which directly answers the question of which attacks can be performed.

Why A is Wrong: Using an LLM to map attack paths introduces uncertainty and potential hallucination risk. LLMs may generate plausible-sounding but inaccurate attack paths and cannot guarantee comprehensive coverage of AI-specific attack techniques.

Why B is Wrong: Quantifying risk of known vulnerabilities is a risk assessment step that occurs after identifying which attacks are possible. The architect must first identify attack possibilities before quantifying their risk impact.

Why C is Wrong: OWASP Top 10 covers web application vulnerabilities and, in its LLM edition, certain LLM-specific risks. However, MITRE ATLAS provides a more comprehensive and structured catalog of AI and ML-specific adversarial TTPs for systematic threat modeling.

Basic Concept: Different ML model architectures offer varying degrees of explainability. In cybersecurity, understanding why a model classified a log entry as malicious or benign is critical for analyst trust, investigation, and regulatory compliance. CompTIA SecAI+ covers model explainability under responsible AI and basic AI concepts.

Why C is Correct: Decision trees are inherently interpretable models that classify data through a series of transparent if-then rules. Every classification decision can be traced through the exact path of conditions that led to it, showing precisely which log entry features triggered the classification. Analysts can read and understand the decision path, making decision trees the gold standard for explainable ML classification in security applications where understanding the reason for a classification is as important as the classification itself.

Why A is Wrong: Large language models are complex transformer architectures with hundreds of billions of parameters. They function as black boxes — their internal decision-making processes are not human-interpretable, making them poor choices when explainability is the primary requirement.

Why B is Wrong: Neural networks are non-linear black box models. While they can achieve high classification accuracy, their multi-layer architecture makes it extremely difficult to explain why specific decisions were made in human-understandable terms.

Why D is Wrong: Generative adversarial networks are designed for generating synthetic data, not for classification tasks. They consist of competing generator and discriminator networks and are fundamentally unsuitable for log entry classification with explainability requirements.

Basic Concept: Generative AI produces natural language content based on input data. In a security operations context, triage involves rapidly understanding and prioritizing security events. Generative AI ' s strength lies in synthesizing information and producing readable summaries from complex data. CompTIA SecAI+ Study Guide covers generative AI applications in security operations.

Why C is Correct: Summarizing security findings by category is a natural application of generative AI in triage. The AI can process large volumes of alerts and security events, group them by type or severity, and generate concise natural language summaries that enable analysts to quickly understand the current threat landscape without reading individual alerts. This directly reduces triage time and cognitive load.

Why A is Wrong: Predicting the next attack target requires predictive analytics and threat intelligence correlation. While AI can assist with this, it is a forecasting task better suited to analytical ML models rather than generative AI, and it is a strategic intelligence function rather than a triage task.

Why B is Wrong: Statistical analysis for malicious code assessment uses mathematical and ML techniques to analyze code characteristics. This is a traditional ML classification task, not a generative AI application, and is performed during malware analysis rather than alert triage.

Why D is Wrong: Tagging malware using ML algorithms is a classification task that uses supervised ML models trained on malware features. It is a detection and classification function, not a generative AI triage application.

Basic Concept: End users are the employees who interact with AI systems daily and may inadvertently create compliance risks through their AI usage behaviors. Equipping users with clear guidance on acceptable and compliant AI use is the most effective way to reduce compliance violations at the user level. CompTIA SecAI+ Study Guide emphasizes policies and procedures as the foundational compliance tool for end users.

Why B is Correct: Policies and procedures directly inform end users of what AI-related behaviors are compliant, what is prohibited, and how to use AI tools safely and legally. Comprehensive AI usage policies covering acceptable use, data handling requirements, prohibited data inputs, and reporting obligations give users the knowledge they need to avoid compliance violations. Without clear policies, users cannot reliably identify compliant from non-compliant behavior.

Why A is Wrong: An AI center of excellence governs AI adoption at the organizational level, developing standards and approving use cases. While it benefits the organization overall, its governance activities are directed at organizational processes and technical standards rather than providing direct day-to-day compliance guidance to individual end users.

Why C is Wrong: Data loss prevention (DLP) technology automatically prevents the transmission of sensitive data through monitoring and blocking capabilities. While effective at preventing certain compliance violations technically, it cannot guide users on why certain behaviors are non-compliant or how to make compliant choices in situations DLP doesn ' t cover.

Why D is Wrong: MFA secures user authentication and prevents unauthorized account access. It is an identity security control that protects accounts, not a mechanism that helps users understand or comply with AI governance requirements.

Basic Concept: AI chatbots that generate non-answers — responses that do not actually address user questions — consume CPU resources for processing without delivering value. This can indicate the model is attempting to generate responses for queries outside its knowledge domain or confidence threshold. CompTIA SecAI+ Study Guide covers AI performance optimization and response quality management.

Why B is Correct: Implementing a response confidence level threshold allows the chatbot to recognize when it lacks sufficient confidence to provide a meaningful answer and respond accordingly, either with a helpful redirect or a clear indication that it cannot answer the query. This reduces the costly processing cycles spent generating poor-quality non-answers, lowers CPU utilization from failed response generation, and improves customer experience by setting appropriate expectations rather than returning unhelpful responses.

Why A is Wrong: Guardrails filter content for safety and policy compliance. They prevent harmful or out-of-policy responses but do not address the underlying issue of the model generating low-confidence non-answers to legitimate customer queries.

Why C is Wrong: Prompt logging records user inputs for analysis and auditing. While useful for identifying what types of questions cause non-answers, logging alone does not solve the problem or reduce CPU utilization from failed response generation.

Why D is Wrong: Cost monitoring tracks AI system expenditure. It can identify that costs are high due to excessive CPU usage but does not implement a solution to reduce the non-answer rate or improve response generation efficiency.

Basic Concept: Identifying AI-specific application vulnerabilities requires consulting a resource that has cataloged and documented the unique vulnerability types that affect AI systems, particularly LLMs. Different security standards serve different purposes, and selecting the right reference for AI application vulnerabilities is essential. CompTIA SecAI+ Study Guide references OWASP for AI application vulnerability guidance.

Why C is Correct: OWASP maintains the OWASP Top 10 for Large Language Model Applications, which specifically catalogs the most critical and common vulnerabilities in AI applications including prompt injection, sensitive information disclosure, excessive agency, insecure output handling, and training data poisoning. This AI-specific vulnerability list is the most directly relevant and accessible resource for a presentation on AI application vulnerabilities.

Why A is Wrong: ISO 27001 is a general information security management system standard covering broad organizational security controls. It does not specifically catalog AI application vulnerabilities or LLM-specific weakness categories.

Why B is Wrong: CWE catalogues software weakness types at a code and design level for traditional software. While some weaknesses apply to AI systems, CWE does not have a dedicated AI application vulnerability taxonomy comparable to the OWASP LLM Top 10.

Why D is Wrong: NIST RMF is a risk management framework providing guidance for managing and reducing information security risk. It is a process framework, not a vulnerability catalog, and does not list specific AI application vulnerability types suitable for a vulnerabilities presentation.

Basic Concept: Input manipulation attacks — including adversarial examples and prompt injection — alter inputs to cause AI systems to produce unintended, harmful, or inappropriate outputs. Defending against these attacks requires mechanisms that validate and constrain both inputs and outputs at runtime. CompTIA SecAI+ Study Guide identifies guardrails as the primary defense against input manipulation in AI systems.

Why D is Correct: Guardrails implement real-time validation and filtering of both incoming inputs and outgoing recommendations. They detect manipulated inputs that deviate from expected patterns, enforce content policies on outputs, and prevent the system from producing inappropriate recommendations regardless of how cleverly the input was crafted. Guardrails provide the most comprehensive and directly applicable defense against the described manipulation attack scenario.

Why A is Wrong: Cross-validation is a model evaluation technique that assesses how well a model generalizes to independent datasets during training. It measures predictive performance but does not provide runtime protection against input manipulation attacks on a deployed system.

Why B is Wrong: Feature regularization is a training technique that adds penalties to model weights to prevent overfitting. It improves generalization during training but does not inspect or validate inputs at inference time to detect manipulation.

Why C is Wrong: Feature scaling normalizes input feature values to a standard range for training efficiency. Like regularization, it is a preprocessing and training step that has no effect on defending against runtime input manipulation attacks on deployed systems.

Basic Concept: Dynamic Application Security Testing (DAST) tests running applications by sending various inputs to discover vulnerabilities. AI can significantly enhance DAST by intelligently generating diverse, targeted test payloads that traditional tools might miss. CompTIA SecAI+ covers AI augmentation of security testing methodologies.

Why C is Correct: Payload creation is highly suitable for AI automation during DAST. AI can generate diverse, contextually appropriate attack payloads such as SQL injection strings, XSS vectors, command injection attempts, and format string exploits tailored to the specific application ' s behavior observed during testing. AI can learn from the application ' s responses to previous payloads and generate increasingly targeted inputs, discovering vulnerabilities more efficiently than static payload databases.

Why A is Wrong: DDoS attacks are volume-based attacks designed to overwhelm network or application infrastructure. Automating DDoS during DAST is inappropriate as it would disrupt service availability rather than discover application security vulnerabilities, and it is harmful to legitimate operations.

Why B is Wrong: Data poisoning is an attack targeting AI/ML model training data integrity. It is relevant to securing AI systems but is not a DAST technique for testing web or software application security vulnerabilities during dynamic testing.

Why D is Wrong: Threat modeling is a structured analysis process performed before development or testing to identify potential threats and design appropriate countermeasures. It is a planning activity, not an attack technique that can be automated during dynamic application security testing.

Basic Concept: When API sessions or connections remain active and consuming resources after their intended operations have completed, they create resource leaks that progressively degrade system availability. Session lifecycle management is critical for maintaining AI system health. CompTIA SecAI+ Study Guide covers session management as an availability control for AI systems.

Why B is Correct: Enforcing session expiration ensures that external API sessions and connections are automatically terminated after a defined idle period or maximum duration. This prevents resource-consuming zombie sessions from accumulating and exhausting system memory, thread pools, or connection limits. The observed pattern — persistent unavailability that resolves temporarily with restart — is classic resource leak behavior from sessions that never close, making session expiration the direct fix.

Why A is Wrong: Token limits cap the number of tokens processed per request. While useful for controlling per-request resource consumption, they do not address the root cause of sessions persisting and consuming resources long after their operations complete.

Why C is Wrong: Increasing system memory defers the problem rather than solving it. The leak will eventually consume the additional memory too, requiring another restart. Addressing the root cause through session management is superior to scaling resources to accommodate the leak.

Why D is Wrong: MFA adds an additional authentication factor for users accessing the system. It is a security control for identity verification, not a mechanism for managing session lifecycle or preventing resource exhaustion from lingering sessions.

Basic Concept: Security assessment of AI-generated code requires a systematic review of the code itself to understand what has been generated and identify potential vulnerabilities before remediation steps are taken. Security assessments follow a structured methodology beginning with understanding the current state. CompTIA SecAI+ Study Guide covers AI-generated code security assessment under AI-assisted security.

Why D is Correct: Performing a source code review is the first and most fundamental step in assessing AI-generated code security. Before removing secrets, enforcing access controls, or scanning for sensitive data, the analyst must understand what the AI tool has generated by reviewing the code for security vulnerabilities, insecure patterns, logic flaws, and policy violations. The review provides the baseline knowledge needed to prioritize and direct all subsequent remediation actions.

Why A is Wrong: Removing hard-coded secrets is a specific remediation action for a specific finding. This step should come after the source code review has identified the presence and location of hard-coded secrets, not before the initial assessment reveals whether they exist.

Why B is Wrong: Enforcing access controls for code repositories is a security hardening measure for the repository infrastructure. It protects access to existing code but does not constitute an assessment of what the AI tool has generated from a security standpoint.

Why C is Wrong: Enabling sensitive data discovery scans repositories for PII and sensitive information patterns. While valuable as part of the assessment, it is a specific automated scanning tool best used after or alongside a manual code review that provides contextual understanding of the codebase.