최신CompTIA SecAI+ Certification - CY0-001무료샘플문제
문제1
An attacker successfully completes a denial-of-service (DoS) attack through the context window of an AI system. Thousands of characters are obfuscated and hidden behind an emoji.
Which of the following techniques best mitigates this type of attack?
An attacker successfully completes a denial-of-service (DoS) attack through the context window of an AI system. Thousands of characters are obfuscated and hidden behind an emoji.
Which of the following techniques best mitigates this type of attack?
정답: A
설명: (KoreaDumps 회원만 볼 수 있음)
문제2
Which of the following improves the observability and auditing of an AI system?
Which of the following improves the observability and auditing of an AI system?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제3
A cybersecurity administrator generates patching reports using AI, but the process takes a long time. Which of the following is the best way to increase performance?
A cybersecurity administrator generates patching reports using AI, but the process takes a long time. Which of the following is the best way to increase performance?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제4
Which of the following is a key principle of responsible AI systems?
Which of the following is a key principle of responsible AI systems?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제5
An organization is concerned with the exposure of sensitive data.
Which of the following is the most relevant security concern?
An organization is concerned with the exposure of sensitive data.
Which of the following is the most relevant security concern?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제6
Part 1: Use drop-down menu to select the most appropriate protocol or cipher for each system component.
Part 2: Use the drop-down menu to select the most appropriate technique to apply to the modified data.
An engineer is analyzing findings from a penetration test that indicate insufficient data encryption. The engineer must implement data security.
Part 1: Use drop-down menu to select the most appropriate protocol or cipher for each system component.
Part 2: Use the drop-down menu to select the most appropriate technique to apply to the modified data.
An engineer is analyzing findings from a penetration test that indicate insufficient data encryption. The engineer must implement data security.
정답:
Explanation:
See Explanation
Basic Concept: This is a Performance-Based Question (PBQ) - a simulation requiring interactive protocol and cipher selection in the actual exam. It tests the candidate ' s ability to select appropriate encryption protocols for different AI system components and apply proper data security techniques for sensitive AI data.
Key Concept - Encryption by Component: For data in transit between AI components, TLS 1.3 is the current standard protocol. For API communications, HTTPS with TLS 1.3 and certificate pinning is appropriate. For database connections used by AI systems, TLS with strong cipher suites such as AES-256-GCM should be applied. For data at rest in model stores and training data repositories, AES-256 encryption is standard. For authentication tokens and keys, RSA-2048 or ECC P-256 are appropriate asymmetric options.
Key Concept - Data Techniques: For sensitive AI training data that has been modified, tokenization replaces sensitive values with non-sensitive tokens. Masking obscures sensitive fields in outputs. Hashing provides one-way verification for data integrity.
Reference: CompTIA SecAI+ Study Guide Domain 2 covers encryption requirements for AI system data security. Candidates should know standard encryption protocols (TLS 1.3, AES-256), when to apply each cipher type, and which data security techniques such as masking, tokenization, and encryption at rest are appropriate for different AI system data categories and sensitivity levels.
문제7
A customer-facing, AI-powered chatbot has been jailbroken through prompt injections. As a result, the AI model is offering a 99% discount on the purchase of a new vehicle.
Which of the following should be implemented to enhance the model ' s robustness against such attacks?
A customer-facing, AI-powered chatbot has been jailbroken through prompt injections. As a result, the AI model is offering a 99% discount on the purchase of a new vehicle.
Which of the following should be implemented to enhance the model ' s robustness against such attacks?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제8
A company is adopting AI and wants to create policies and procedures that include a structure for evaluating, publishing, and approving patterns for AI usage.
Which of the following should the company establish to meet this goal?
A company is adopting AI and wants to create policies and procedures that include a structure for evaluating, publishing, and approving patterns for AI usage.
Which of the following should the company establish to meet this goal?
정답: B
설명: (KoreaDumps 회원만 볼 수 있음)
문제9
A security analyst finds that the AI system is under a denial-of-wallet attack.
Which of the following should the analyst enforce to protect the company? (Choose two.)
A security analyst finds that the AI system is under a denial-of-wallet attack.
Which of the following should the analyst enforce to protect the company? (Choose two.)
정답: A,F
설명: (KoreaDumps 회원만 볼 수 있음)