- Home
- ISACA
- ISACA Advanced in AI Security Management (AAISM) Exam
- ISACA.AAISM.v2026-06-18.q81
- Question 71
Valid AAISM Dumps shared by EduDump.com for Helping Passing AAISM Exam! EduDump.com now offer the newest AAISM exam dumps, the EduDump.com AAISM exam questions have been updated and answers have been corrected get the newest EduDump.com AAISM dumps with Test Engine here:
Access AAISM Dumps Premium Version
(432 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 71/81
An organization is implementing AI agent development across multiple engineering teams. Which of the following is the MOST important focus of AI-specific security training for developers?
Correct Answer: A
For developer-facing, near-term hardening of AI agents, AAISM prioritizes secure agent design and runtime controls against prompt injection, unsafe memory/tool use, and tool-execution compromise. These are primary exploitation paths for agents that read external content, persist memory, and call tools with elevated privileges. Training must center on: guarding tool invocation, constraining memory scope, sanitizing
/validating inputs, and isolating high-risk actions. Topics like bias/fairness (B) and policy/hallucinations (C) are important but are governance/assurance concerns; API abuse and plug-in risk (D) matter, yet the core, developer-controlled attack surface for agents is injection and unsafe tool/memory design.
References:* AI Security Management (AAISM) Body of Knowledge: Agent Security-prompt injection defenses, tool execution constraints, memory governance* AAISM Study Guide: Developer controls for agent frameworks; input validation, sandboxing, scoped permissions, guardrail patterns
/validating inputs, and isolating high-risk actions. Topics like bias/fairness (B) and policy/hallucinations (C) are important but are governance/assurance concerns; API abuse and plug-in risk (D) matter, yet the core, developer-controlled attack surface for agents is injection and unsafe tool/memory design.
References:* AI Security Management (AAISM) Body of Knowledge: Agent Security-prompt injection defenses, tool execution constraints, memory governance* AAISM Study Guide: Developer controls for agent frameworks; input validation, sandboxing, scoped permissions, guardrail patterns
- Question List (81q)
- Question 1: During red-team testing of an AI system used to make lending...
- Question 2: A newly hired programmer suspects that the organization's AI...
- Question 3: Which of the following BEST describes the role of transparen...
- Question 4: Which of the following is the MOST effective action an organ...
- Question 5: Which of the following is the BEST mitigation control for me...
- Question 6: An organization has discovered that employees have started r...
- Question 7: Which of the following AI data management techniques involve...
- Question 8: Which of the following is the MOST serious consequence of an...
- Question 9: Which of the following BEST describes the role of model card...
- Question 10: An AI research team is developing a natural language process...
- Question 11: Which of the following would MOST effectively ensure an orga...
- Question 12: An organization has implemented a natural language processin...
- Question 13: Which of the following AI data life cycle phases presents th...
- Question 14: An organization's CIO provided the AI steering committee wit...
- Question 15: An organization utilizes AI-enabled mapping software to plan...
- Question 16: Which of the following BEST describes how supervised learnin...
- Question 17: How can an organization BEST protect itself from payment div...
- Question 18: Which of the following technologies can be used to manage de...
- Question 19: Which of the following is the MOST effective defense against...
- Question 20: Which of the following is the MOST important consideration w...
- Question 21: From a risk perspective, which of the following is the MOST ...
- Question 22: A financial institution plans to deploy an AI system to prov...
- Question 23: Which of the following types of testing can MOST effectively...
- Question 24: Which of the following would BEST ensure a proper business c...
- Question 25: An organization is reviewing an AI application to determine ...
- Question 26: Which of the following AI system vulnerabilities is MOST eas...
- Question 27: An aerospace manufacturing company that prioritizes accuracy...
- Question 28: Which of the following is the BEST way to ensure role clarit...
- Question 29: Within an incident handling process, which of the following ...
- Question 30: Which of the following key risk indicators (KRIs) is MOST re...
- Question 31: AI developers often find it difficult to explain the process...
- Question 32: Which of the following is the MOST important consideration f...
- Question 33: Which of the following should be done FIRST when developing ...
- Question 34: Secure aggregation enhances the security of federated learni...
- Question 35: Which of the following is the BEST way to ensure an organiza...
- Question 36: Which of the following approaches BEST helps to reduce model...
- Question 37: Which of the following is the MOST effective use of AI in in...
- Question 38: Which of the following controls BEST mitigates the inherent ...
- Question 39: Which of the following is the MOST important factor to consi...
- Question 40: Which of the following MOST effectively minimizes the attack...
- Question 41: Which of the following is the GREATEST risk inherent to impl...
- Question 42: An attacker crafts inputs to a large language model (LLM) to...
- Question 43: Implementing which of the following would MOST effectively a...
- Question 44: An organization is planning to commission a third-party AI s...
- Question 45: Which of the following is the MOST effective strategy for pe...
- Question 46: Which of the following is BEST for analyzing true positives,...
- Question 47: Which of the following is MOST important to consider when va...
- Question 48: An organization is deploying a large language model (LLM) an...
- Question 49: Personal data used to train AI systems can BEST be protected...
- Question 50: Which of the following employee awareness topics would MOST ...
- Question 51: An organization implementing a large language model (LLM) ap...
- Question 52: A financial organization is concerned about the risk of prom...
- Question 53: An organization recently introduced a generative AI chatbot ...
- Question 54: Which of the following BEST ensures AI components are valida...
- Question 55: In a new supply chain management system, AI models used by p...
- Question 56: An organization is facing a deepfake attack intended to mani...
- Question 57: Which of the following is the PRIMARY purpose of a dedicated...
- Question 58: A CISO has been tasked with providing key performance indica...
- Question 59: When implementing a generative AI system, which of the follo...
- Question 60: Which of the following is the MOST important course of actio...
- Question 61: Which of the following AI-driven systems should have the MOS...
- Question 62: A preliminary risk assessment of a SaaS-based large language...
- Question 63: Which of the following BEST enables an organization to stren...
- Question 64: A retail organization implements an AI-driven recommendation...
- Question 65: A large language model (LLM) has been manipulated to provide...
- Question 66: In the context of generative AI, which of the following woul...
- Question 67: Which of the following BEST describes the role of risk docum...
- Question 68: When preparing for an AI incident, which of the following sh...
- Question 69: Which of the following mitigation control strategies would B...
- Question 70: Which of the following is the MAIN objective of the operatio...
- Question 71: An organization is implementing AI agent development across ...
- Question 72: Which of the following methods provides the MOST effective p...
- Question 73: Which of the following is MOST important for effective AI ri...
- Question 74: The PRIMARY ethical concern of generative AI is that it may:...
- Question 75: Which of the following actions BEST enables the evaluation o...
- Question 76: The PRIMARY purpose of adopting and implementing AI architec...
- Question 77: After implementing a third-party generative AI tool, an orga...
- Question 78: Which of the following reviews MUST be conducted as part of ...
- Question 79: When integrating AI for innovation, which of the following c...
- Question 80: Which of the following BEST represents a combination of quan...
- Question 81: Which of the following BEST ensures the integrity of data se...
