AAISM Questions Prepare with Learning Information! 2026 Regularly updated
Get AAISM Products Practice Material for AAISM Exam Question Preparation
NEW QUESTION # 111
A financial institution plans to deploy an AI system to provide credit risk assessments for loan applications.
Which of the following should be given the HIGHEST priority in the system's design to ensure ethical decision-making and prevent bias?
- A. Restrict the model's decision-making criteria to objective financial metrics only.
- B. Regularly update the model with new customer data to improve prediction accuracy.
- C. Train the system to provide advisory outputs with final decisions made by human experts.
- D. Integrate a mechanism for customers to appeal decisions directly within the system.
Answer: C
Explanation:
In AI governance frameworks, credit scoring is treated as a high-risk application. For such systems, the highest-priority safeguard is human oversight to ensure fairness, accountability, and prevention of bias in automated decisions.
The AI Security Management (AAISM) domain of AI Governance and Program Management emphasizes that high-impact AI systems require explicit governance structures and human accountability. Human-in-the- loop design ensures that final decisions remain the responsibility of human experts rather than being fully automated. This is particularly critical in financial contexts, where biased outputs can affect individuals' access to credit and create compliance risks.
Official ISACA AI governance guidance specifies:
High-risk AI systems must comply with strict requirements, including human oversight, transparency, and fairness.
The purpose of human oversight is to reduce risks to fundamental rights by ensuring humans can intervene or override an automated decision.
Bias controls are strengthened by requiring human review processes that can analyze outputs and prevent unfair discrimination.
Why other options are not the highest priority:
A). Regular updates improve accuracy but do not guarantee fairness or ethical decision-making. Model drift can introduce new bias if not governed properly.
B). Appeals mechanisms are important for accountability, but they operate after harm has occurred.
Governance frameworks emphasize prevention through human oversight in the decision loop.
D). Restricting criteria to "objective metrics" is insufficient, as even objective data can contain hidden proxies for protected attributes. Bias mitigation requires monitoring, testing, and human oversight, not only feature restriction.
AAISM Domain Alignment:
Domain 1 - AI Governance and Program Management: Ensures accountability, ethical oversight, and governance structures.
Domain 2 - AI Risk Management: Identifies and mitigates risks such as bias, discrimination, and lack of transparency.
Domain 3 - AI Technologies and Controls: Provides the technical enablers for implementing oversight mechanisms and bias detection tools.
References from AAISM and ISACA materials:
AAISM Exam Content Outline - Domain 1: AI Governance and Program Management (roles, responsibilities, oversight).
ISACA AI Governance Guidance (human oversight as mandatory in high-risk AI applications).
Bias and Fairness Controls in AI (human review and intervention as a primary safeguard).
NEW QUESTION # 112
What is the GREATEST benefit of performing AI security risk assessments?
- A. Updating the risk register
- B. Securing appropriate funding
- C. Enabling risk prioritization
- D. Implementing privacy controls
Answer: C
Explanation:
AAISM emphasizes that the primary value of AI security risk assessments is prioritizing risks based on likelihood, impact, and business relevance.
Updating the register (A) is administrative. Privacy controls (B) are one category of mitigation. Funding (D) is possible but not the primary purpose.
References: AAISM Study Guide - AI Risk Assessment Objectives; Prioritization and Governance.
NEW QUESTION # 113
Which of the following AI data life cycle phases presents the GREATEST inherent risk?
- A. Preparation
- B. Training
- C. Monitoring
- D. Maintenance
Answer: A
Explanation:
The data Preparation phase-covering sourcing, collection, labeling, cleansing, and provenance-presents the greatest inherent risk because it is where privacy, consent, representativeness, bias, quality, lineage, and legality must be established. Decisions and defects here propagate into training and downstream use, amplifying ethical, regulatory, and accuracy risks.
While Training can introduce additional risks (e.g., poisoning, leakage), these are frequently mitigated by controls that depend on having trustworthy prepared data. Monitoring and Maintenance are later-life-cycle phases oriented toward detection and correction; they are critical but inherently rely on the foundation set during Preparation.
References: AI Security Management (AAISM) Body of Knowledge: "AI Data Lifecycle Risks-Sourcing, Consent, Provenance, and Bias," "Risk Treatment Priorities Across the Lifecycle"; AAISM Study Guide:
"Data Preparation Controls and Quality Gates," "Bias and Privacy Risk Controls at Ingestion."
NEW QUESTION # 114
A large financial services organization is integrating a third-party AI solution into its critical fraud detection system. Which of the following is the BEST way for the organization to reduce risk associated with AI vendor and supply chain dependencies?
- A. Establishing contractual agreements requiring vendors to provide evidence of secure development practices
- B. Conducting annual vulnerability assessments of the fraud detection system after integration
- C. Implementing isolated virtual environments to validate the integration of the fraud detection system with the solution
- D. Focusing on performance testing to ensure the solution meets operational requirements
Answer: A
Explanation:
AAISM emphasizes supplier assurance through contractual obligations as the foundational control for AI supply chain risk. Contracts should require verifiable evidence of secure development practices (e.g., secure SDLC, model and data provenance documentation, SBOM/MBOM where applicable, vulnerability disclosure, patch SLAs, audit rights, incident notification, and regulatory compliance assertions). This creates enforceable, continuous assurance beyond point-in-time tests.
* A is necessary but reactive and limited to your environment.
* B addresses performance, not supply chain security.
* D is a good isolation/validation practice but does not create vendor accountability across the lifecycle.
References:* AI Security Management (AAISM) Body of Knowledge: Third-Party and Supply Chain Governance-Contractual security requirements, evidence-based assurance, right-to-audit.* AI Security Management Study Guide: Vendor due diligence artifacts, secure development evidence, lifecycle obligations for AI providers.
NEW QUESTION # 115
Which of the following MOST effectively minimizes the attack surface when securing AI agent components during their development and deployment?
- A. Consolidate event logs for correlation and centralized analysis.
- B. Implement compartmentalization with least privilege enforcement.
- C. Deploy pre-trained models directly into production.
- D. Schedule periodic manual code reviews.
Answer: B
Explanation:
The most effective strategy tominimize attack surfacesin AI agent security is to apply compartmentalization and least privilege enforcement.
AAISM control frameworks emphasize:
* Isolation of components (e.g., training, inference, data pipelines) to limit lateral movement.
* Principle ofleast privilegeto restrict access only to what is required for function.
* Hardening AI pipelines through segmentation rather than relying solely on manual reviews or monitoring.
Pre-trained models and log centralization are useful but do not directly reduce the attack surface.Manual code reviewsare important but insufficient against runtime exploitation.
Thus,compartmentalization with least privilege enforcementis the most effective technical safeguard.
NEW QUESTION # 116
Which approach should an organization prioritize to effectively verify the security of its AI models?
- A. Testing team competencies in IT threat mitigation
- B. Automating vulnerability identification
- C. Developing a testing strategy including AI-specific threat modeling and adversarial attack simulations
- D. Using standard penetration testing methods
Answer: C
Explanation:
The AAISM standard explicitly states that traditional penetration tests alone are insufficient for AI systems.
Effective AI security testing requires:
* AI-specific threat modeling (e.g., data poisoning, prompt injection, model theft)
* Adversarial attack simulations (white-box, black-box, gradient-based attacks)
* Evaluation of robustness and manipulation resistance
Option B captures these requirements precisely.
Options A, C, and D do not address AI-specific attack vectors.
References: AAISM Study Guide - AI Security Testing and Adversarial Evaluation.
NEW QUESTION # 117
When evaluating a new AI tool for intrusion prevention, which is MOST important to ensure fit within the existing program architecture?
- A. Confirm tool capabilities align with control objectives
- B. Select a tool that integrates with the SIEM
- C. Prioritize real-time anomaly detection
- D. Ensure automated response orchestration
Answer: A
Explanation:
AAISM stresses that AI tools must align with the organization's existing control objectives and governance requirements, ensuring consistency with risk management, detection philosophy, and operational processes.
Integration with SIEM (D) is important but secondary. Anomaly detection (B) is a feature, not an architectural requirement. Automated orchestration (A) is optional.
References: AAISM Study Guide - AI Security Architecture & Control Alignment.
NEW QUESTION # 118
A health services organization is developing a proprietary generative AI chatbot to assist patients with medical devices. Which of the following should be the organization's HIGHEST priority?
- A. Tuning algorithms used in the AI model
- B. Maximizing neural network size
- C. Maximizing the amount of training data
- D. Selecting the appropriate training data
Answer: D
Explanation:
AAISM prioritizes training data suitability-lawful sourcing, provenance, quality, representativeness, and safety-especially in health-related applications. The correctness and appropriateness of training data determine clinical safety, reduction of harmful outputs, and compliance with data protection/sector obligations. Larger models or more data do not compensate for inappropriate or low-quality datasets; tuning is secondary to ensuring the right data with rigorous curation, labeling quality, and guardrails aligned to patient safety requirements.
References:* AI Security Management (AAISM) Body of Knowledge: Data Governance & Quality; High- Risk/Health Context Controls; Safety & Harm Minimization* AAISM Study Guide: Data Provenance & Suitability, Domain-Specific Dataset Controls; Compliance-by-Design for Sensitive Sectors
NEW QUESTION # 119
A financial institution plans to deploy an AI system to provide credit risk assessments for loan applications.
Which of the following should be given the HIGHEST priority in the system's design to ensure ethical decision-making and prevent bias?
- A. Restrict the model's decision-making criteria to objective financial metrics only.
- B. Regularly update the model with new customer data to improve prediction accuracy.
- C. Train the system to provide advisory outputs with final decisions made by human experts.
- D. Integrate a mechanism for customers to appeal decisions directly within the system.
Answer: C
Explanation:
In AI governance frameworks, credit scoring is treated as a high-risk application. For such systems, the highest-priority safeguard is human oversight to ensure fairness, accountability, and prevention of bias in automated decisions.
The AI Security Management™ (AAISM) domain of AI Governance and Program Management emphasizes that high-impact AI systems require explicit governance structures and human accountability. Human-in-the- loop design ensures that final decisions remain the responsibility of human experts rather than being fully automated. This is particularly critical in financial contexts, where biased outputs can affect individuals' access to credit and create compliance risks.
Official ISACA AI governance guidance specifies:
High-risk AI systems must comply with strict requirements, including human oversight, transparency, and fairness.
The purpose of human oversight is to reduce risks to fundamental rights by ensuring humans can intervene or override an automated decision.
Bias controls are strengthened by requiring human review processes that can analyze outputs and prevent unfair discrimination.
Why other options are not the highest priority:
A). Regular updates improve accuracy but do not guarantee fairness or ethical decision-making. Model drift can introduce new bias if not governed properly.
B). Appeals mechanisms are important for accountability, but they operate after harm has occurred.
Governance frameworks emphasize prevention through human oversight in the decision loop.
D). Restricting criteria to "objective metrics" is insufficient, as even objective data can contain hidden proxies for protected attributes. Bias mitigation requires monitoring, testing, and human oversight, not only feature restriction.
AAISM Domain Alignment:
Domain 1 - AI Governance and Program Management: Ensures accountability, ethical oversight, and governance structures.
Domain 2 - AI Risk Management: Identifies and mitigates risks such as bias, discrimination, and lack of transparency.
Domain 3 - AI Technologies and Controls: Provides the technical enablers for implementing oversight mechanisms and bias detection tools.
References from AAISM and ISACA materials:
AAISM Exam Content Outline - Domain 1: AI Governance and Program Management (roles, responsibilities, oversight).
ISACA AI Governance Guidance (human oversight as mandatory in high-risk AI applications).
Bias and Fairness Controls in AI (human review and intervention as a primary safeguard).
NEW QUESTION # 120
Which area of intellectual property law presents the GREATEST challenge in determining copyright protection for AI-generated content?
- A. Establishing licensing frameworks for AI-generated works
- B. Protecting trade secrets in AI technologies
- C. Determining the rightful ownership of AI-generated creations
- D. Enforcing trademark rights associated with AI systems
Answer: C
Explanation:
AAISM governance content highlights that the greatest intellectual property challenge in the context of AI- generated works is determining rightful ownership. Traditional copyright law requires human authorship, but AI-generated creations blur authorship and ownership boundaries, raising legal uncertainty about who can claim rights. Trademark enforcement, trade secret protection, and licensing frameworks are established areas of IP law but do not present the same fundamental challenge as ownership attribution. For AI-generated content, the central legal dilemma is ownership of the creation.
References:
AAISM Study Guide - AI Governance and Program Management (Intellectual Property and AI) ISACA AI Security Management - Copyright and Ownership Challenges
NEW QUESTION # 121
Which of the following actions BEST enables the evaluation of bias during an AI impact assessment?
- A. Measuring the AI system's performance processing speed under predefined varying workloads
- B. Analyzing the AI system's reaction time under peak workload conditions
- C. Comparing the AI system's output against historical data benchmarks
- D. Assessing the AI system's training data to ensure it represents all relevant end-user groups
Answer: D
Explanation:
The most direct and effective way to evaluate bias risk is to assess representativeness and coverage of the training data against all relevant user groups and contexts. Bias frequently originates from imbalanced, unrepresentative, or systematically skewed datasets. Ensuring demographic and contextual coverage, verifying labeling quality, and checking subgroup performance are foundational steps in bias evaluation and mitigation planning. Output benchmarking can surface symptoms but is insufficient without data representativeness analysis; latency and throughput measurements are performance concerns, not bias assessments.
References:* AI Security Management (AAISM) Body of Knowledge: AI Risk Identification and Treatment - bias sources in data and methods for representativeness assessment* AI Security Management Study Guide: Bias and fairness evaluation methods; subgroup coverage analysis; data quality and labeling assurance
NEW QUESTION # 122
Personal data used to train AI systems can BEST be protected by:
- A. Anonymizing personal data
- B. Hashing personal data
- C. Ensuring the quality of personal data
- D. Erasing personal data after training
Answer: A
Explanation:
AAISM guidance on privacy-preserving AI highlights anonymization as the most effective means of protecting personal data used in training. By irreversibly removing or masking identifiable attributes, anonymization ensures that training data cannot be linked back to individuals, thereby meeting key privacy obligations under laws such as GDPR. Erasing data after training may limit exposure but does not protect it during the training process. Ensuring data quality improves accuracy but does not mitigate privacy risk.
Hashing protects data integrity but does not guarantee anonymity, as hashes can sometimes be reversed or correlated. Therefore, anonymization is the recommended control for protecting personal data in AI training.
References:
AAISM Study Guide - AI Technologies and Controls (Privacy-Preserving Methods) ISACA AI Security Management - Data Anonymization Practices
NEW QUESTION # 123
Who is responsible for implementing recommendations in a final report after an external AI compliance audit?
- A. Internal auditors
- B. System architects
- C. Model owners
- D. End users
Answer: C
Explanation:
AAISM clarifies that model owners hold responsibility for ensuring corrective actions are implemented after AI audits. They are accountable for:
* model behavior
* compliance gaps
* security improvements
* governance alignment
Internal auditors (B) perform assessments but do not implement changes. System architects (A) support technical fixes but do not own compliance. End users (C) are not responsible for audit remediation.
References: AAISM Study Guide - Roles & Responsibilities; AI Ownership and Accountability.
NEW QUESTION # 124
A financial organization is concerned about the risk of prompt injection attacks on its customer service chatbot. Which of the following controls BEST addresses this concern?
- A. Input validation
- B. Increasing model parameters
- C. Human-in-the-loop
- D. Continuous monitoring
Answer: A
Explanation:
AAISM emphasizes preventive technical controls for LLM threats such as prompt injection, including input validation/sanitization, instruction isolation, allow/deny lists, context segmentation, and output filtering.
These reduce the model's exposure to adversarial instructions embedded in user prompts or retrieved context.
Monitoring (A) is detective, not preventive; increasing parameters (B) does not inherently improve security against injection; human-in-the-loop (D) is valuable for high-risk decisions but does not directly neutralize injection vectors at the control boundary the way input validation and content filtering do.
References: AI Security Management (AAISM) Body of Knowledge - Technical Controls for LLM Security; Input/Output Filtering and Context Isolation; Secure Inference and Prompt Injection Mitigations.
NEW QUESTION # 125
An organization is looking to purchase an AI application from a vendor but is concerned about the security of its data. Which of the following is the MOST effective way to address this concern?
- A. Mandate an AI security audit by an external auditor before procurement
- B. Assess the vendor's publicly available AI usage policy
- C. Initiate discussions between the organization's and the vendor's legal teams
- D. Ensure vendors disclose how the application uses the organization's data
Answer: D
Explanation:
The priority control in AI vendor due diligence is ensuring explicit disclosure of data handling: data flows, purpose limitation, retention/deletion, training vs. inference use, isolation controls, access paths, subcontractors, and storage/transfer boundaries. This disclosure is then tied to contractual commitments and measurable controls. A public policy (Option A) may be incomplete; a pre-procurement external audit (Option C) can be valuable but is not always feasible or targeted to your data use; legal discussions (Option D) are necessary for terms but must be grounded in clear, detailed data-use disclosures to be effective.
References:
AAISM Body of Knowledge: Third-Party AI Risk Management; Data Governance and Usage Controls; Contractual and Technical Safeguards for Vendor AI.
AAISM Study Guide: AI Procurement Due Diligence; Data-Use Transparency (Training vs. Fine-tuning vs.
Inference); Retention, Purpose Limitation, and Cross-Border Controls.
NEW QUESTION # 126
Which of the following should be the PRIMARY consideration for an organization concerned about liabilities associated with unforeseen behavior from agentic AI systems?
- A. Model dependencies
- B. Accountability model
- C. Approved base models
- D. Acceptable risk level
Answer: B
Explanation:
AAISM governance guidance stresses that when dealing with agentic AI systems capable of autonomous decision-making, the primary consideration is accountability. Without clear accountability structures, unforeseen or harmful outcomes may result in unmitigated liability for the organization. While dependencies, base models, and defined risk levels are important, they do not directly address who is responsible when systems act unpredictably. The key governance safeguard is the implementation of an accountability model that ensures liability and oversight are properly assigned.
References:
AAISM Exam Content Outline - AI Governance and Program Management (Accountability and Liability Management) AI Security Management Study Guide - Responsible Oversight of Agentic AI
NEW QUESTION # 127
Which of the following is a key risk indicator (KRI) for an AI system used for threat detection?
- A. Training time of the model
- B. Number of training epochs
- C. Number of system overrides by cyber analysts
- D. Number of layers in the neural network
Answer: C
Explanation:
AAISM materials emphasize that in operational AI systems, key risk indicators (KRIs) must reflect risks to performance and reliability rather than technical design factors alone. In the case of threat detection, the most relevant KRI is the frequency of system overrides by human analysts, as this indicates a lack of trust, frequent false positives, or poor detection accuracy. Training epochs, model depth, and training time are technical metrics but do not directly measure operational risk. Analyst overrides represent a practical measure of system effectiveness and risk.
References:
AAISM Study Guide - AI Risk Management (Operational KRIs for AI Systems) ISACA AI Security Management - Monitoring AI Effectiveness
NEW QUESTION # 128
During red-team testing of an AI system used to make lending decisions, which of the following techniques BEST simulates a data poisoning attack?
- A. Corrupting training data sets to manipulate outcomes
- B. Inputting encrypted data into the model
- C. Adding noise to output predictions
- D. Stealing model weights from a deployed API
Answer: A
Explanation:
AAISM defines data poisoning as the intentional manipulation of training data so that the learned model behaves incorrectly (e.g., skewed lending approvals/denials) while appearing valid. The correct simulation in red-team exercises is to corrupt or seed the training set with adversarial examples or mislabeled records to induce biased or erroneous decision boundaries. Encrypting inputs (A) is unrelated; output noise (B) describes perturbation of predictions, not training; model weight theft (C) is model extraction, not poisoning.
References: AI Security Management™ (AAISM) Body of Knowledge - Adversarial ML Threats; Data Poisoning and Training-Time Attacks. AAISM Study Guide - Red-Team Methods for AI; Poisoning vs.
Evasion vs. Model Extraction; Controls and Testing for Safety-Critical Decisions.
NEW QUESTION # 129
An organization uses an AI tool to scan social media for product reviews. Fraudulent social media accounts begin posting negative reviews attacking the organization's product. Which type of AI attack is MOST likely to have occurred?
- A. Availability attack
- B. Data poisoning
- C. Model inversion
- D. Deepfake
Answer: A
Explanation:
The AAISM materials classify availability attacks as attempts to disrupt or degrade the functioning of an AI system so that its outputs become unreliable or unusable. In this scenario, the fraudulent social media accounts are deliberately overwhelming the AI tool with misleading negative reviews, undermining its ability to deliver accurate sentiment analysis. This aligns directly with the concept of an availability attack. Model inversion relates to reconstructing training data from outputs, deepfakes involve synthetic content generation, and data poisoning corrupts the training set rather than manipulating inputs at runtime. Therefore, the fraudulent review campaign is most accurately identified as an availability attack.
References:
AAISM Study Guide - AI Risk Management (Adversarial Threats and Availability Risks) ISACA AI Security Management - Attack Classifications
NEW QUESTION # 130
When deriving statistical information generated by AI systems, which of the following types of risk is MOST important to address?
- A. Systemic bias in data
- B. Presence of hallucinations
- C. Incomplete outputs
- D. Lack of data normalization
Answer: A
Explanation:
The most critical risk when deriving statistical insights from AI-generated data is systemic bias in data.
According to the AI Security Management™ (AAISM) framework, systemic bias directly undermines the fairness, reliability, and validity of analytical results derived from AI systems. If the input data or learned model patterns are biased-reflecting skewed representation, sampling imbalance, or embedded prejudice- the statistical outputs will propagate and amplify these biases, leading to misinformed decisions and compliance violations.
Why Option A is Correct:
* Systemic bias affects the integrity and trustworthiness of AI-generated statistical information.
* It can introduce discriminatory outcomes, ethical breaches, and regulatory non-compliance-key concerns in AAISM's AI Risk Management and Governance principles.
* Mitigating systemic bias requires data quality assessments, fairness audits, bias detection tools, and model interpretability measures to ensure the derived insights are accurate and ethically sound.
Why Other Options Are Incorrect:
* Option B: Incomplete outputs can affect accuracy but are typically handled through process monitoring or retraining, not as a primary risk factor in statistical validity.
* Option C: Lack of data normalization is a technical preprocessing issue, not a governance-level risk impacting statistical trustworthiness.
* Option D: Hallucinations occur mainly in generative models (e.g., LLMs) and affect content generation, not statistical computation pipelines.
Exact Extract from Official AAISM Study Guide:
"Systemic bias in AI training and inference data represents the most material statistical risk. Bias propagates through derived metrics, predictive models, and decision outputs, compromising fairness, accuracy, and compliance. AI Security Management requires implementing bias detection, fairness testing, and governance mechanisms to identify and mitigate such systemic bias before using AI-generated analytics for organizational or regulatory reporting." References:
AI Security Management™ (AAISM) Body of Knowledge: AI Risk Identification and Evaluation, Bias and Fairness Management in AI Systems.
AI Security Management™ Study Guide: Systemic Bias Mitigation Techniques, Fairness Assurance in AI Analytics.
ISO/IEC 23894:2023 - Clause 7.2: Bias identification and treatment within AI risk frameworks.
NEW QUESTION # 131
Which phase of the AI data life cycle presents the GREATEST inherent risk?
- A. Training
- B. Monitoring
- C. Preparation
- D. Maintenance
Answer: A
Explanation:
AAISM identifies training as the phase with the highest inherent risk because this is where:
* data poisoning can occur
* sensitive data may be exposed
* bias can be introduced
* model inversion risks originate
* security and privacy vulnerabilities are embedded
Preparation (C) carries risk but is less critical. Maintenance (B) and monitoring (A) involve operational safeguards, not foundational risk creation.
References: AAISM Study Guide - AI Data Life Cycle Risks; High-Risk Model Training Phase.
NEW QUESTION # 132
AI developers often find deep learning systems difficult to explain PRIMARILY because:
- A. Knowledge dynamically changes without logs
- B. Training data is spread across public domains
- C. Algorithms rely on probability theories
- D. Neural network architectures include statistical methods not fully understood
Answer: D
Explanation:
AAISM notes that deep learning systems lack transparency due to complex neural architectures, where internal representations are statistical, nonlinear, and not directly interpretable.
While probability (C) and data sourcing (D) contribute to opacity, the root cause is the intrinsic complexity and opacity of deep neural networks.
References: AAISM Study Guide - Explainability Challenges in Deep Learning.
NEW QUESTION # 133
An organization is deploying an automated AI cybersecurity system. Which of the following would be the MOST effective strategy to minimize human error and improve overall security?
- A. Using historical data to train AI detection software
- B. Conducting periodic penetration testing
- C. Utilizing machine learning (ML) algorithms to ensure responsible use
- D. Implementing manual monitoring of potential alerts
Answer: A
Explanation:
Training detection models on relevant, representative historical data improves signal quality, reduces false positives, and automates triage-directly lowering human workload and error rates (e.g., alert fatigue, missed correlations). Penetration testing is valuable but episodic and does not systematically reduce day-to-day operator error. "Ensure responsible use" is a governance aim, not a concrete method to cut human error in detection. Manual monitoring increases reliance on human judgment and is prone to inconsistency.
References: AI Security Management (AAISM) Body of Knowledge: Model Development & Evaluation Controls; Data Selection and Representativeness; Operationalization to Reduce Human Error. AAISM Study Guide: Tuning Detection Systems with Historical Corpora; Alert Quality, Precision/Recall, and SOC Workflow Integration.
NEW QUESTION # 134
An attack has occurred on an AI system that has been in use for two years. Which of the following would BEST mitigate the impact of the attack?
- A. Monitoring AI systems for suspicious activities
- B. Implementing strict access controls to the model's architecture
- C. Updating deployed training data with new adversarial data
- D. Replacing the AI model with a new model that hides confidence levels
Answer: C
Explanation:
When an AI system experiences an attack after being in production for an extended period, the most effective mitigation strategy is to update the deployed training data with new adversarial data. This process strengthens the model's resilience by retraining it to recognize and resist attack vectors that were previously unknown or unaccounted for. According to the AI Security Management (AAISM) framework, risk mitigation for AI systems must address model robustness through adversarial retraining, data quality improvement, and model lifecycle hardening rather than relying solely on reactive measures.
Why Option B is Correct:
* Incorporating adversarial examples into the training set enhances the system's ability to correctly classify and withstand malicious inputs.
* This approach directly mitigates the vulnerability exploited in the attack and supports a proactive, continuous risk management cycle.
Why Other Options Are Incorrect:
* Option A: Monitoring helps detect suspicious activity but does not resolve the underlying vulnerability.
* Option C: Concealing confidence scores may reduce model transparency but does not address the attack mechanism or its root cause.
* Option D: Implementing access controls protects the model's architecture but does not improve model robustness against input manipulation attacks.
Exact Extract from Official AAISM Study Guide:
"AI risk management requires continuous improvement following incidents. After an adversarial or data poisoning event, the preferred risk treatment involves retraining the model using adversarial data and updated datasets to enhance robustness. This ensures the AI model adapts to evolving threat landscapes rather than merely restricting access or obscuring outputs." References:
AI Security Management (AAISM) Body of Knowledge: AI Risk Treatment and Mitigation Strategies, Adversarial Robustness and Resilience Engineering.
AI Security Management Study Guide: Model Lifecycle Security, Continuous Risk Treatment through Adversarial Retraining.
ISO/IEC 23894:2023, Clause 8.3.2 - Risk treatment through robustness improvement and adversarial data inclusion.
NEW QUESTION # 135
How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?
- A. Mandate that payments be sent only once per week
- B. Implement resilient payment approval processes
- C. Issue a security policy on deepfakes
- D. Require mandatory deepfake detection training for all employees
Answer: B
Explanation:
AAISM's risk management framework stresses that the most effective defense against deepfake-enabled fraud, such as payment diversion, is resilient payment approval processes. This includes multi-step verification, segregation of duties, and independent confirmations for high-value transactions. Employee training, policies, or limiting payment frequency may reduce exposure, but they cannot guarantee prevention.
Only process-based controls enforce structural safeguards that prevent fraudulent instructions from being executed, even if a deepfake impersonation attempt is successful.
References:
AAISM Exam Content Outline - AI Risk Management (Fraud and Deepfake Risk) AI Security Management Study Guide - Transactional Resilience and Controls
NEW QUESTION # 136
......
ISACA AAISM Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
Most Reliable ISACA AAISM Training Materials: https://certkingdom.vce4dumps.com/AAISM-latest-dumps.html