An attack has occurred on an AI system that has been in use for two years. Which of the following would BEST mitigate the impact of the attack?
Correct Answer: B
When an AI system experiences an attack after being in production for an extended period, the most effective mitigation strategy is to update the deployed training data with new adversarial data. This process strengthens the model's resilience by retraining it to recognize and resist attack vectors that were previously unknown or unaccounted for. According to the AI Security Management (AAISM) framework, risk mitigation for AI systems must address model robustness through adversarial retraining, data quality improvement, and model lifecycle hardening rather than relying solely on reactive measures.

Why Option B is Correct:
* Incorporating adversarial examples into the training set enhances the system's ability to correctly classify and withstand malicious inputs.
* This approach directly mitigates the vulnerability exploited in the attack and supports a proactive, continuous risk management cycle.

Why Other Options Are Incorrect:
* Option A: Monitoring helps detect suspicious activity but does not resolve the underlying vulnerability.
* Option C: Concealing confidence scores may reduce model transparency but does not address the attack mechanism or its root cause.
* Option D: Implementing access controls protects the model's architecture but does not improve model robustness against input manipulation attacks.

Exact Extract from Official AAISM Study Guide: "AI risk management requires continuous improvement following incidents. After an adversarial or data poisoning event, the preferred risk treatment involves retraining the model using adversarial data and updated datasets to enhance robustness. This ensures the AI model adapts to evolving threat landscapes rather than merely restricting access or obscuring outputs."

References:
* AI Security Management (AAISM) Body of Knowledge: AI Risk Treatment and Mitigation Strategies, Adversarial Robustness and Resilience Engineering.
* AI Security Management Study Guide: Model Lifecycle Security, Continuous Risk Treatment through Adversarial Retraining.
* ISO/IEC 23894:2023, Clause 8.3.2 - Risk treatment through robustness improvement and adversarial data inclusion.
Question 47
An organization is designing an AI-based credit risk assessment system integrating sensitive financial data. Which option BEST supports security-by-design?
Correct Answer: B
AAISM identifies AI-specific threat modeling as an essential early-stage control in security-by-design, particularly for high-risk systems like credit scoring. It systematically identifies:
* data poisoning
* bias vulnerabilities
* model evasion
* model extraction
* misuse scenarios

Differential privacy (A) is powerful but is a mitigation, not the overarching design control. Segmentation (C) and IP allow lists (D) are supporting controls but not the foundational step in secure design.

References: AAISM Study Guide - Security-by-Design; AI Threat Modeling.
Question 48
Which AI data management technique involves creating validation and test data?
Correct Answer: B
AAISM describes data splitting as the process of dividing datasets into:
* training
* validation
* test sets

This is essential for reducing overfitting and ensuring robust evaluation. Learning (A) refers to model training. Annotating (D) labels data. Training (C) does not create validation/test data.

References: AAISM Study Guide - AI Data Preparation & Dataset Splitting.
Question 49
An organization is implementing an AI-based credit assessment engine using internal and third-party customer data. Which of the following BEST aligns with data management controls for the AI life cycle?
Correct Answer: C
The strongest alignment with AI life-cycle data management controls is establishing documented procedures for data sourcing, lineage tracking, and quality validation. Governance requires end-to-end data controls (provenance, consent, sourcing approvals, lineage, quality checks, labeling standards, retention, and auditability) so that models are trained and validated on trustworthy, compliant data. Hashing alone is pseudo-anonymization and does not deliver full governance. Restricting to structured data is an implementation constraint, not a control set. Encryption and access control protect confidentiality/availability but do not ensure lineage or quality.

References:
* AI Security Management (AAISM) Body of Knowledge: Data Governance & Stewardship; AI Data Lifecycle Controls; Data Provenance, Lineage, and Quality Assurance.
* AAISM Study Guide: Data Intake Procedures; Lineage and Audit Evidence; Quality Gates and Approval Workflows.
Question 50
The PRIMARY purpose of adopting and implementing AI architecture as part of an organizational AI program is to:
Correct Answer: C
An AI architecture, within program governance, exists to align AI system components and lifecycle processes with business goals and policy constraints. Architecture provides the organizing structure linking strategy, capabilities, processes, data, models, controls, and assurance so that AI outcomes are traceable to business value, risk appetite, and compliance expectations. Efficiency, speed, and threat analysis are important architectural qualities, but they are not the primary purpose; the primary purpose is strategic and governance alignment so that technical choices and controls consistently realize organizational objectives.

References:
* AI Security Management™ (AAISM) Body of Knowledge: AI Program Architecture - alignment of capabilities, processes, and controls to business objectives
* AI Security Management™ Study Guide: Architecture-driven governance, traceability from business goals to technical and control design