Quiz CY0-001: CompTIA SecAI+ Beta

The correct answer is D. Data scientist.
In an organizational governance structure, the data scientist is typically the role responsible for analyzing business use cases and developing predictive or analytical models from them. They work with data to identify patterns, build machine learning models, and translate business problems into technical solutions.
Why the other options are incorrect:
A. Platform architect
A platform architect designs the overall technical infrastructure and systems that support applications and data workflows. This role focuses on architecture and integration, not on building models from business use cases.
B. AI risk analyst
An AI risk analyst evaluates the risks associated with AI systems, such as fairness, compliance, security, and ethical concerns. This role is about oversight and governance, not model development.
C. MLOps engineer
An MLOps engineer manages the deployment, automation, monitoring, and maintenance of machine learning models in production. This role supports the lifecycle of models, but does not primarily create models from business use cases.
D. Data scientist
A data scientist takes business use cases and converts them into data-driven models. This is the role most directly associated with model development.
In short, the data scientist is the role that develops a model from business use cases.

The correct answer is C. Encryption.
The question asks about data security controls for data at rest within AI systems that involve data disclosure. "Data at rest" means information stored in a system, database, file, or repository rather than actively being transmitted or processed. For this type of data, the most suitable security control is encryption because it protects stored data by making it unreadable without the proper decryption key.
Why encryption is correct:
- It is specifically designed to protect stored information.
- If unauthorized users gain access to the storage medium, the data remains protected.
- It is a standard and widely accepted control for sensitive financial data and regulated environments.
Why the other options are not correct:
- A. Data lineage: This tracks the origin, movement, and transformation of data. It helps with auditability and governance, but it does not directly protect data at rest.
- B. Rate limits: These control how often a system can be accessed or queried. They help reduce abuse or excessive requests, but they do not secure stored data.
- D. Masking: This hides portions of data, often for display or use in non-production environments. While useful for reducing exposure, it is not as strong or fundamental a control for protecting data at rest as encryption.
In summary, when the goal is to secure stored sensitive data in AI systems, encryption is the most appropriate control.

The correct answer is D. Enabling stack call and debugging level traces at the function level.
The question is asking about monitoring an AI-based system during runtime, with the main concern being visibility into internal activity. That means the engineer wants to understand what is happening inside the application or AI workflow while it is running, not just observe external traffic or general security events.
Why D is correct:
Debugging-level traces and stack call traces provide detailed internal execution visibility. They can show:
- Function calls and execution paths
- Internal states and intermediate processing steps
- Errors, exceptions, and tracebacks
- How input is transformed as it moves through the system
This makes D the best choice when the goal is to monitor internal activity in runtime operations.
Why the other options are less appropriate:
A. Deploying a security information and event management (SIEM) tool
A SIEM collects and correlates logs from many systems, which is useful for security monitoring and alerting. However, it does not inherently provide deep visibility into the internal runtime behavior of the AI application itself. It is more about centralized log analysis than internal execution tracing.
B. Implementing a web application firewall (WAF) with header logging
A WAF focuses on filtering and monitoring HTTP traffic to protect web applications from attacks. Header logging may help track request metadata, but it still mainly provides external request visibility rather than internal system activity. It is not the best solution for understanding runtime internals.
C. Relying on vendor model controls and monitoring prompt inputs
This approach focuses on the AI model’s inputs and built-in vendor controls. It may help with safety and abuse detection, but it does not provide detailed runtime visibility into the internal operations of the system. It is more about controlling and observing prompts than tracing execution.
Key takeaway:
If the concern is visibility into internal activity during runtime, the most appropriate monitoring method is detailed application-level tracing and debugging logs. That is exactly what option D provides.
If you want, I can also explain how this differs from observability tools like logging, metrics, and tracing in AI systems.

The correct answer is C. European Union (EU) AI Act.
When an auditor is reviewing a company’s human resources AI systems for legal non-compliance, the most relevant reference is the EU AI Act because it is a binding legal framework, not just a voluntary standard or guideline. HR-related AI uses, such as hiring, promotion, employee monitoring, and performance evaluation, are generally considered high-risk under the EU AI Act. That means these systems are subject to strict legal requirements related to transparency, documentation, risk management, data governance, human oversight, and accuracy.
Why C is correct:
- The EU AI Act is a law, so it is directly relevant to legal compliance.
- HR AI systems often fall into categories the Act treats as high-risk.
- An auditor checking for legal non-compliance should use a legal/regulatory source, not only a best-practice framework.
Why the other options are not the best answer:
- A. OECD standard
- The OECD AI principles are important ethical and policy guidelines, but they are not binding legal requirements for compliance review.
- B. NIST AI Risk Management Framework (AI RMF)
- NIST AI RMF is a useful framework for managing AI risk, but it is voluntary and primarily focused on risk management, not legal compliance.
- D. ISO
- ISO standards can help with governance and quality management, but they are typically voluntary standards rather than legal rules.
In short, if the auditor’s goal is to assess legal non-compliance in HR AI systems, the EU AI Act is the most appropriate reference because it is the primary legal instrument among the choices.

The correct answers are A. Prompt guardrails and D. Model token quotas.
The airline wants to build a chatbot powered by a large language model that can answer customer questions and also accept file uploads. In this kind of application, there are two main risks mentioned in the question:
1. Malicious input
2. Unauthorized use beyond the service-level agreement
Let’s look at the options one by one.
A. Prompt guardrails
Prompt guardrails are controls that help limit or filter what users can send to the model and what the model is allowed to do. They can help prevent prompt injection, harmful requests, and other malicious input. Since the chatbot will accept user questions and uploaded files, guardrails are important to reduce the risk that someone tries to manipulate the model with harmful or unexpected content.
Why it is correct:
- Helps protect against malicious input
- Can restrict unsafe prompts or instructions
- Useful for LLM-specific security
D. Model token quotas
Token quotas limit how many tokens a user, account, or application can send to or receive from the model within a certain time period. This helps prevent abuse, excessive usage, and attempts to go beyond agreed service limits.
Why it is correct:
- Prevents unauthorized or excessive use
- Helps enforce service-level agreement limits
- Protects against runaway cost and abuse
Now the incorrect options:
B. Role-based access controls
RBAC is useful for controlling who can access system resources, but it is not the best choice here for protecting against malicious input to the LLM or for enforcing usage limits under the SLA. It is more about user permissions than model interaction safety.
C. Firewall rules
Firewalls help control network traffic, but they do not directly address prompt injection, malicious text input, or LLM usage quotas. They are useful for general network security, not the specific risks described in the question.
Summary:
- Prompt guardrails protect the model from malicious input.
- Model token quotas prevent unauthorized or excessive usage beyond the SLA.
Therefore, the correct answer is A and D.

The correct answer is C. Identifying and classifying alerts.
A SOC with a very high volume of logs and alerts needs help reducing noise and prioritizing what matters most. Machine learning is especially well suited for recognizing patterns in large datasets, grouping similar items, and classifying events based on learned behavior. In this case, ML can assist by identifying which alerts are likely related, which ones are benign, and which ones may indicate real threats.
Why C is correct:
- ML is effective at alert triage because it can learn from historical data.
- It can classify alerts into categories such as low, medium, or high priority.
- It can help detect patterns that humans might miss when alerts arrive in large volumes.
- It improves SOC efficiency by reducing manual review workload.
Why the other options are incorrect:
A. Applying filters on specific alerts
- Filtering is usually a rule-based or manual process, not a primary ML task.
- It can reduce noise, but it does not leverage ML’s strength in pattern recognition and classification as well as option C does.
B. Automatically patching vulnerable systems
- This is a remediation task, not a triage task.
- ML may help identify vulnerabilities, but automatically patching systems is an administrative/automation function, not the main purpose of ML in alert handling.
D. Summarizing the content of alerts
- While summarization can be useful, it is not the best fit for a SOC triage use case.
- The primary need here is to sort and prioritize alerts, which is better described by identifying and classifying them.
In short:
ML is most useful here for identifying patterns and classifying alerts so analysts can focus on the most important incidents first.

The correct answer is D. Adjusting token limits.
When an application uses a language model, API cost is usually based on how many tokens are sent to and returned from the model. Tokens represent pieces of text, and the more tokens used in a request and response, the higher the cost. If an organization notices increased API costs, one of the most effective controls is to limit the number of tokens the model can generate or process.
Why D is correct:
- Adjusting token limits directly reduces the amount of text the model handles.
- This can lower both prompt-processing and response-generation costs.
- It also helps prevent unnecessarily long outputs, which can quickly increase usage and expense.
Why the other options are not the best answer:
- A. Implementing prompt templates
- Prompt templates can improve consistency and efficiency, but they do not directly control token consumption as effectively as token limits.
- B. Increasing central processing unit (CPU) and memory
- This may help performance in some systems, but it does not reduce LLM API usage costs.
- C. Reducing the model size
- Smaller models may cost less in some cases, but this is not the most direct or universal control for reducing API costs in a custom model integration.
In summary, setting or tightening token limits is the best way to control and reduce LLM API costs because it directly limits usage.

The correct answer is B. Pattern recognition.
Here’s why:
The scenario describes a security administrator observing repeated login behavior over time:
- Two successive login features are recorded every day
- A successful login occurs after a specific time interval
- All successful logins happen during office hours
This indicates the administrator is identifying a repeating trend or behavioral pattern in the login data. Pattern recognition is the technique used to detect and analyze such regularities in data. In the context of AI security, it helps the model learn what normal or suspicious activity looks like, which improves its ability to detect anomalies or threats.
Why the other options are not correct:
A. Access management
This is about controlling who can access systems and resources. It is a security control, but it does not describe analyzing repeated login behavior to improve an AI model.
C. Signature matching
This technique compares data against known malicious patterns or signatures. It is useful for detecting known threats, but the question focuses on recognizing a recurring behavioral sequence, not matching against a known attack signature.
D. Vulnerability analysis
This involves identifying weaknesses in systems or models. It is important for security assessment, but it does not fit the observed pattern of login events described in the question.
In short, the administrator is observing recurring login behavior and timing, which is best addressed by pattern recognition.

The correct answer is C. Data security regulatory violations.
Why this is the most concerning risk:
Public-facing large language models can retain, process, or be exposed to sensitive corporate information if employees paste in internal data, customer records, source code, contracts, or other confidential content. That creates the risk of violating privacy, security, and industry regulations such as GDPR, HIPAA, PCI DSS, or internal data handling policies. Because these models are external services, the company may lose control over where data goes, how it is stored, and whether it is used for model training or logging. This makes regulatory and data security exposure the most serious concern.
Why the other options are less correct:
A. Inaccuracies due to hallucinations
This is a real risk because LLMs can generate incorrect or misleading responses. However, it is usually a quality and reliability issue rather than the most severe company-wide risk.
B. Out-of-date acceptable use policies
This can create governance problems, but it is indirect. It is not as immediately serious as the possibility of exposing regulated or confidential data.
D. Malicious code generation
LLMs can assist in generating harmful code, but for a company allowing ordinary end users to use public LLMs, the broader and more likely concern is accidental leakage of sensitive information and resulting compliance violations.
In summary:
The biggest risk is not just that the model may be wrong or misused, but that employees may share sensitive corporate data with an external service, leading to security incidents and regulatory noncompliance.

The correct answer is D. Configuration standards.
Why D is correct:
Configuration standards are the rules and baseline settings used to secure systems and infrastructure. If developers and administrators must harden infrastructure to protect AI systems, they need clear standards for how servers, networks, storage, access controls, and related components should be configured. Hardening typically involves reducing unnecessary services, applying secure settings, limiting permissions, and ensuring systems are set up to resist attacks.
Why the other options are incorrect:
A. Intake processes
Intake processes are used to collect, review, and prioritize requests or inputs, such as project requests or data submissions. They are not specifically about securing or hardening infrastructure.
B. Acceptable use policies
Acceptable use policies define what users are allowed to do with systems and data. They focus on behavior and policy compliance, not on technical infrastructure hardening.
C. Development guidelines
Development guidelines help programmers write secure, consistent, and maintainable code. While they may include security best practices, they are broader than infrastructure hardening and do not specifically require hardening the underlying environment.
Summary:
The question asks which item requires developers to harden infrastructure to protect AI systems. Configuration standards are the most directly related because they define the secure setup and baseline protections for the infrastructure supporting those systems.