ISACA AAISM Cert Guide PDF 100% Cover Real Exam Questions
Pass AAISM Exam - Real Questions and Answers
ISACA AAISM Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
NEW QUESTION # 121
A school district contracts a third-party provider for AI-based curriculum recommendations. Which of the following is the BEST way to ensure the vendor uses AI responsibly?
- A. Requiring the vendor to provide the model card
- B. Confirming the AI solution supports single sign-on (SSO)
- C. Ensuring the vendor offers 24/7 technical support
- D. Verifying the vendor has updated terms of service
Answer: A
Explanation:
AAISM emphasizes transparency artifacts from vendors to enable due diligence and assurance. A model card documents intended use, data sources, limitations, performance across subgroups, known risks, and evaluation procedures-information necessary to assess safety, fairness, and compliance for sensitive contexts like education. SSO and support are useful operational features; generic ToS updates are insufficient without model-specific disclosures.
References: AI Security Management (AAISM) Body of Knowledge - Third-Party & Supply Chain Governance; Transparency Artifacts (Model Cards, Datasheets). AAISM Study Guide - Vendor Due Diligence Requirements; Documentation for Risk, Fairness, and Intended Use.
NEW QUESTION # 122
Which of the following mitigation control strategies would BEST reduce the risk of introducing hidden backdoors during model fine-tuning via third-party components?
- A. Performing threat modeling and integrity checks
- B. Disabling runtime logs during model training
- C. Leveraging open-source models and packages
- D. Implementing unsupervised learning methods
Answer: A
Explanation:
The most effective way to reduce the risk of hidden backdoors entering during fine-tuning via third-party components is to apply supply-chain aware threat modeling and integrity verification across data, code, models, and dependencies. This includes SBOM/MBOM review, cryptographic signing and hash verification, controlled provenance of datasets and model weights, dependency pinning, secure artifact repositories, and pre-deployment security testing (including backdoor scans and evals). Merely preferring open-source (Option B) does not guarantee integrity; learning paradigm changes (Option C) are unrelated to supply-chain risk; and disabling logs (Option D) reduces forensic visibility and increases risk.
References:
AAISM Body of Knowledge: Secure AI Supply Chain; Model Provenance, Integrity and SBOM/MBOM Controls; Pre-deployment Security Testing and Backdoor/Poisoning Evals.
AAISM Study Guide: AI Threat Modeling (Attack Surfaces in Training/Fine-tuning); Third-Party/Vendor Component Assurance; Cryptographic Integrity and Artifact Governance.
NEW QUESTION # 123
Within an incident handling process, which of the following would BEST help restore end user trust with an AI system?
- A. The AI model's outputs are validated by team members
- B. The AI model prioritizes incidents based on business impact
- C. AI is being used to monitor incident detection and alerts
- D. Remediation of the AI system based on lessons learned
Answer: A
Explanation:
Restoring end user trust during incident handling requires visible, immediate assurance that system outcomes are safe and appropriate. AAISM prescribes human oversight and approval gates for high-risk AI decisions, with human validation of outputs before use as a primary control to maintain trust while technical remediation is underway. Prioritization (A) and monitoring (B) aid operations but do not directly rebuild user confidence in outcomes. Post-incident improvements (D) are essential for long-term assurance but do not provide the immediate trust restoration that supervised, human-validated outputs deliver.
References: AI Security Management (AAISM) Body of Knowledge - Incident Handling & Communications; Human Oversight and Approval Gates; Trust Restoration During AI Incidents.
NEW QUESTION # 124
Which of the following is the BEST way to ensure an organization remains compliant with industry regulations when decommissioning an AI system used to record patient data?
- A. Ensure the certificate of destruction is received and archived in line with data retention policies
- B. Update governance policies based on lessons learned and ensure a feedback loop exists
- C. Ensure backups are tested and access controls are recorded and audited to ensure compliance
- D. Perform a post-destruction risk assessment to verify that there is no residual exposure of data
Answer: A
Explanation:
For regulated data such as patient information, AAISM requires provable data lifecycle closure at decommissioning. The authoritative evidence is a certificate of destruction (covering primary, replicas, backups, and caches) retained per the organization's records retention policy. While testing backups and auditing access (A), updating policies (B), and doing post-destruction risk assessment (C) are valuable practices, documented destruction attestation is the primary compliance proof point that the data was disposed of in accordance with regulatory and contractual obligations.
References: AI Security Management™ (AAISM) Body of Knowledge - Data Lifecycle Governance; Decommissioning & Secure Disposal; Records Retention and Evidence of Destruction.
NEW QUESTION # 125
A newly hired programmer suspects that the organization's AI solution is inferring users' sensitive information and using it to advise future decisions. Which of the following is the programmer's BEST course of action?
- A. Inform the governance panel
- B. Conduct a code review
- C. Alert the CIO to the risk
- D. Suggest fine-tuning the AI solution
Answer: A
Explanation:
AAISM directs personnel to use established AI governance channels for suspected privacy, ethics, or compliance risks. The governance panel (risk, privacy, legal/compliance, security, product/data science) is chartered to triage, record, investigate, and direct remediation for potential inference of sensitive attributes and resulting decision impacts. Direct technical action (A or C) bypasses due process and accountability; escalating directly to a single executive (B) lacks the structured, cross-functional oversight required for regulated and ethical AI risk handling.
References:AI Security Management (AAISM) Body of Knowledge: AI Governance Operating Model; Roles & Responsibilities; Risk Intake and Triage for Privacy/Inference Risks.AAISM Study Guide: Ethics & Responsible AI Escalation Pathways; Governance Board Procedures; Documentation and Decision Records.
NEW QUESTION # 126
During the deployment of a generative AI platform, a risk assessment highlighted threats such as data leakage and prompt manipulation. Which of the following is the BEST way to ensure appropriate control selection?
- A. Map identified AI threats to enterprise control catalogs and integrate AI-specific safeguards where gaps exist
- B. Postpone control selection until deployment and address risk through enhanced monitoring
- C. Rely primarily on vendor-provided security features and seek third-party certifications
- D. Apply AI-specific controls from external frameworks without customization and initiate monitoring to expedite compliance
Answer: A
Explanation:
AAISM requires that control selection be threat-led and context-specific, aligning AI threats to the organization's existing enterprise control catalogs (security, privacy, resilience) and augmenting them with AI- specific safeguards where coverage is insufficient. This ensures consistency with the risk appetite, removes duplication, and closes AI-unique gaps (e.g., prompt injection, data leakage from context windows, model misuse). Generic reliance on vendors or uncustomized external frameworks does not ensure fit-for-purpose coverage, and deferring control selection to post-deployment contradicts proactive risk treatment.
References: AI Security Management™ (AAISM) Body of Knowledge - Governance & Program Controls; Control Selection and Tailoring; Threat-to-Control Mapping for AI Systems; Risk Appetite & Control Assurance Alignment.
NEW QUESTION # 127
Security and assurance requirements for AI systems should FIRST be embedded in the:
- A. Model training phase
- B. Model design phase
- C. Model testing phase
- D. Model deployment phase
Answer: B
Explanation:
AAISM directs organizations to embed security, safety, and compliance controls at design time ("secure- by-design" and "shift-left"), ensuring requirements for robustness, privacy, and governance are defined as non-functional constraints on architecture, data sourcing, model choices, and evaluation criteria before any model is trained. Deferring these requirements to training, testing, or deployment increases residual risk and rework, and weakens traceability of control coverage.
References:* AI Security Management (AAISM) Body of Knowledge: Governance-Secure-by-Design; Policy-to-Control Traceability; Requirements Management* AAISM Study Guide: AI Program Lifecycle- Planning & Design Controls; Design-time Threat Modeling and Control Selection* AAISM Mapping to Standards: Design-phase Risk Identification and Requirements Engineering for AI
NEW QUESTION # 128
A financial organization is concerned about the risk of prompt injection attacks on its customer service chatbot. Which of the following controls BEST addresses this concern?
- A. Increasing model parameters
- B. Input validation
- C. Continuous monitoring
- D. Human-in-the-loop
Answer: B
Explanation:
AAISM emphasizes preventive technical controls for LLM threats such as prompt injection, including input validation/sanitization, instruction isolation, allow/deny lists, context segmentation, and output filtering.
These reduce the model's exposure to adversarial instructions embedded in user prompts or retrieved context.
Monitoring (A) is detective, not preventive; increasing parameters (B) does not inherently improve security against injection; human-in-the-loop (D) is valuable for high-risk decisions but does not directly neutralize injection vectors at the control boundary the way input validation and content filtering do.
References: AI Security Management (AAISM) Body of Knowledge - Technical Controls for LLM Security; Input/Output Filtering and Context Isolation; Secure Inference and Prompt Injection Mitigations.
NEW QUESTION # 129
Implementing which of the following would MOST effectively address bias in generative AI models?
- A. Fairness constraints
- B. Data minimization
- C. Adversarial training
- D. Data augmentation
Answer: A
Explanation:
AAISM identifies fairness constraints (e.g., constrained optimization, debiasing objectives, conditional generation controls, and post-processing calibrations) as the most direct, measurable method to mitigate disparate outcomes in generative systems. While data augmentation can help with coverage, and adversarial training improves robustness, fairness constraints explicitly target distributional fairness and outcome equity in generated content, aligning with governance and compliance goals.
References: AI Security Management (AAISM) Body of Knowledge - Fairness & Bias Management in Generative AI; Metrics, Constraints, and Remediation. AAISM Study Guide - Fairness Objectives, Post-hoc Debiasing, and Evaluation Protocols.
NEW QUESTION # 130
An organization plans to use AI to analyze the shopping patterns of its customers to predict interests and send targeted, customized marketing emails. Which of the following should be done FIRST?
- A. Update the terms of service
- B. Verify customer email addresses
- C. Train the marketing department
- D. Obtain customer consent
Answer: D
Explanation:
The first action, before any processing of personal data for AI-driven profiling and targeted communications, is to establish a lawful basis for processing. Under AAISM-aligned privacy governance, explicit and informed consent is prioritized for new or sensitive uses such as interest profiling and targeted marketing. Consent ensures purpose limitation, transparency, and user control prior to model ingestion and campaign activation.
Training teams, updating terms of service, or verifying contact details are important, but they do not provide legal authority to process data; therefore, they follow after consent is obtained.
References: AI Security Management™ (AAISM) Body of Knowledge - Privacy Governance and Lawful Basis; Purpose Limitation and Transparency; Consent Management in AI-enabled Marketing. AAISM Study Guide - Data Protection Controls for AI Profiling; Consent Capture and Record-Keeping.
NEW QUESTION # 131
During red-team testing of an AI system used to make lending decisions, which of the following techniques BEST simulates a data poisoning attack?
- A. Adding noise to output predictions
- B. Stealing model weights from a deployed API
- C. Corrupting training data sets to manipulate outcomes
- D. Inputting encrypted data into the model
Answer: C
Explanation:
AAISM defines data poisoning as the intentional manipulation of training data so that the learned model behaves incorrectly (e.g., skewed lending approvals/denials) while appearing valid. The correct simulation in red-team exercises is to corrupt or seed the training set with adversarial examples or mislabeled records to induce biased or erroneous decision boundaries. Encrypting inputs (A) is unrelated; output noise (B) describes perturbation of predictions, not training; model weight theft (C) is model extraction, not poisoning.
References: AI Security Management (AAISM) Body of Knowledge - Adversarial ML Threats; Data Poisoning and Training-Time Attacks. AAISM Study Guide - Red-Team Methods for AI; Poisoning vs.
Evasion vs. Model Extraction; Controls and Testing for Safety-Critical Decisions.
NEW QUESTION # 132
An organization decides to use an anomaly-based intrusion detection system (IDS) integrated with a generative adversarial network-enabled AI tool. The integrated tool would MOST effectively detect intrusions by leveraging:
- A. classified real intrusion data based on labeled data
- B. automated rule creation to increase model performance
- C. synthetic intrusion data to train the tool's components
- D. validation data sets to enable highly realistic AI decisions
Answer: C
Explanation:
AAISM describes GANs as effective for synthetic data generation to augment scarce or imbalanced security datasets. In anomaly IDS contexts, GANs can create realistic synthetic attack traffic and edge-case behaviors that improve detector sensitivity and robustness. While labeled "real" data is valuable, the specific advantage of a GAN-integrated pipeline is the capability to generate adversarially realistic synthetic intrusions for training and stress testing. Automated rules are a signature-based paradigm and do not leverage GAN strengths; validation sets are for evaluation, not primary improvement of anomaly coverage.
References:* AI Security Management™ (AAISM) Body of Knowledge: Security data engineering; synthetic data via generative models for rare-event detection; adversarial augmentation for IDS.* AI Security Management™ Study Guide: Model robustness with synthetic adversarial examples; training-set enrichment for anomaly detection.
NEW QUESTION # 133
Which of the following is the MOST important consideration for an organization that has decided to adopt AI to leverage its competitive advantage?
- A. Develop a business case for the procurement of AI monitoring tools
- B. Develop a comprehensive strategic roadmap for AI integration
- C. Develop internal training programs on AI governance, risk, and compliance (GRC)
- D. Develop a comprehensive risk management process to address AI-related issues
Answer: B
Explanation:
AAISM's governance guidance emphasizes that adopting AI for competitive advantage must begin with a comprehensive strategic roadmap for integration. This roadmap aligns AI adoption with business objectives, sets priorities, defines milestones, and ensures coordination across functions. Risk management, training, and tool procurement are essential, but they are tactical steps that follow once the strategic direction is defined.
Without a roadmap, adoption becomes fragmented and risks misalignment with business strategy. The most important consideration at the adoption stage is therefore creating a strategic integration roadmap.
References:
AAISM Exam Content Outline - AI Governance and Program Management (Strategy and Roadmapping) AI Security Management Study Guide - Business Alignment of AI Initiatives
NEW QUESTION # 134
Which of the following is the MOST important consideration when an organization is adopting generative AI for personalized advertising?
- A. Commercial risk
- B. Fraud risk
- C. Regulatory risk
- D. Reputational risk
Answer: C
Explanation:
In AI program decisions that process personal data for targeted or personalized advertising, the primary governance obligation is to ensure regulatory compliance with data protection and profiling requirements.
AAISM emphasizes that when AI use cases involve personal data, regulatory risk is paramount because unlawful collection, consent failures, opaque profiling, or non-compliant automated decision-making can trigger enforcement actions, fines, mandated remediation, and restrictions on processing-risks that outweigh commercial or reputational impacts in both likelihood and severity for this use case. AAISM guidance requires upfront legal basis assessment, purpose limitation, data minimization, transparency, user rights enablement, and DPIA/AI impact assessments before deployment, making regulatory conformance the first- order decision criterion for personalized advertising with generative AI.
References:* AI Security Management (AAISM) Body of Knowledge: AI Governance-Compliance-by- design, lawful basis and purpose limitation for profiling; Impact assessments and consent governance.* AI Security Management Study Guide: Personal-data use cases, high-risk processing controls, regulatory risk prioritization in AI adoption decisions.
NEW QUESTION # 135
An organization is looking to purchase an AI application from a vendor but is concerned about the security of its data. Which of the following is the MOST effective way to address this concern?
- A. Initiate discussions between the organization's and the vendor's legal teams
- B. Assess the vendor's publicly available AI usage policy
- C. Mandate an AI security audit by an external auditor before procurement
- D. Ensure vendors disclose how the application uses the organization's data
Answer: D
Explanation:
AAISM's approach to third-party and vendor risk for AI systems stresses data usage transparency as a primary control. The guidance explains that organizations must obtain clear documentation on "what data is collected, how it is processed, stored, retained, and whether it is reused for training or shared with other parties." Option C directly addresses this by requiring the vendor to disclose how the application uses organizational data, enabling appropriate risk assessment, contractual controls, and technical safeguards. An external audit (A) can be useful but may be costly and not always feasible pre-procurement. Legal discussions (B) are important but ineffective without clarity on data flows. Publicly available policies (D) are often high- level and marketing-oriented, lacking the specificity required for proper risk evaluation. Therefore, obtaining explicit data usage disclosures from the vendor is the most effective starting point.
References: AI Security Management™ (AAISM) Study Guide - Third-Party AI Risk and Data Sharing; Vendor Governance Requirements.
NEW QUESTION # 136
For a life insurance company deploying AI for fraud detection, which factor is MOST critical?
- A. Adaptability
- B. Explainability
- C. Accuracy
- D. Robustness
Answer: D
Explanation:
AAISM emphasizes robustness as the key requirement for fraud-detection systems because they must resist adversarial manipulation, data poisoning, spoofing, and input tampering.
Accuracy (B) matters but does not protect against adversarial attacks. Explainability (C) is important but secondary. Adaptability (D) is useful but not the top security requirement.
References: AAISM Study Guide - AI Robustness; Fraud Detection and Adversarial Resistance.
NEW QUESTION # 137
An organization is facing a deepfake attack intended to manipulate stock prices. The organization's crisis communication plan has been activated. Which of the following is MOST important to include in the initial response?
- A. Conduct a detailed forensic analysis to identify the source of the deepfake
- B. Provide clarifying information in a pre-approved public statement
- C. Conduct employee awareness training on recognizing deepfake videos and audio
- D. Engage with brand monitoring services to track social media activity
Answer: B
Explanation:
AAISM guidance on crisis management and communication emphasizes that the initial priority in responding to a reputational or market manipulation attack is to provide accurate clarifying information to the public through a pre-approved statement. This ensures stakeholders and markets are given verified facts immediately, limiting the spread of misinformation. While forensic analysis, employee training, and monitoring activities are important, they occur after the immediate need for public trust and damage control is addressed. Pre-approved statements are a central control in AI-related incident response to ensure consistency, timeliness, and credibility in communications.
References:
AAISM Study Guide - AI Governance and Program Management (Incident Response and Crisis Communication) ISACA AI Security Management - Public Communication and Trust Preservation
NEW QUESTION # 138
An organization is adopting an agentic AI solution from an external vendor to support internal IT operations.
Which of the following provides the MOST reliable and independently verifiable evidence of implemented security controls?
- A. General AI security whitepapers
- B. Third-party audit reports
- C. Internal red-team testing reports
- D. Industry benchmarking peer review
Answer: B
Explanation:
AAISM states that when evaluating external AI vendors, independently issued third-party audit reports (SOC, ISO, AI assurance assessments) provide the strongest evidence of implemented controls because they are objective, repeatable, and externally verified.
Peer reviews (A) lack formality, internal red-team reports (C) are non-independent, and whitepapers (D) are marketing documents without assurance value.
References: AAISM Study Guide - Third-Party AI Risk Management; Independent Assurance and Audit Requirements.
NEW QUESTION # 139
Which of the following AI data management techniques involves creating validation and test data?
- A. Annotating
- B. Splitting
- C. Learning
- D. Training
Answer: B
Explanation:
Data splitting partitions a labeled dataset into training, validation, and test subsets to enable unbiased model tuning and evaluation. Training (A) consumes the training split; annotating (B) adds labels; learning (D) is a general term for model optimization, not a data management step.
References: AI Security Management (AAISM) Body of Knowledge - Data Lifecycle Controls; Dataset Partitioning for Validation and Testing. AAISM Study Guide - Train/Validation/Test Splits and Evaluation Integrity.
NEW QUESTION # 140
A health services organization is developing a proprietary generative AI chatbot to assist patients with medical devices. Which of the following should be the organization's HIGHEST priority?
- A. Maximizing the amount of training data
- B. Selecting the appropriate training data
- C. Tuning algorithms used in the AI model
- D. Maximizing neural network size
Answer: B
Explanation:
AAISM prioritizes training data suitability-lawful sourcing, provenance, quality, representativeness, and safety-especially in health-related applications. The correctness and appropriateness of training data determine clinical safety, reduction of harmful outputs, and compliance with data protection/sector obligations. Larger models or more data do not compensate for inappropriate or low-quality datasets; tuning is secondary to ensuring the right data with rigorous curation, labeling quality, and guardrails aligned to patient safety requirements.
References:* AI Security Management™ (AAISM) Body of Knowledge: Data Governance & Quality; High- Risk/Health Context Controls; Safety & Harm Minimization* AAISM Study Guide: Data Provenance & Suitability, Domain-Specific Dataset Controls; Compliance-by-Design for Sensitive Sectors
NEW QUESTION # 141
The PRIMARY goal of data poisoning attacks is to:
- A. undermine the integrity of the AI system's outputs
- B. manipulate the behavior of the model during development
- C. compromise the confidentiality of output data from the model
- D. compromise the confidentiality of model input data
Answer: A
Explanation:
AAISM defines data poisoning as the insertion of malicious or corrupted data into training (or fine-tuning) pipelines to degrade or bias model behavior, thereby compromising output integrity in production. While poisoning occurs during development/training (C), its primary objective is the downstream integrity impact on predictions/outputs (D). Options A and B relate to confidentiality threats (e.g., inversion or leakage), not poisoning.
References:* AI Security Management (AAISM) Body of Knowledge: Model Integrity Threats-data poisoning aims and effects; supply-side data controls* AAISM Study Guide: Risk scenarios for poisoning; mitigations via data provenance checks, robust training, and anomaly detection
NEW QUESTION # 142
An organization is deploying a large language model (LLM) and is concerned that input manipulations may compromise its integrity. Which of the following is the MOST effective way to determine an acceptable risk threshold?
- A. Implement a static risk threshold by limiting LLM outputs
- B. Deploy a real-time logging and monitoring system
- C. Assess the business impact of known threats
- D. Restrict all user inputs containing special characters
Answer: C
Explanation:
AAISM requires that risk thresholds/tolerances be set by aligning threat likelihood and impact with the organization's business context and risk appetite. Determining "acceptable" risk starts with assessing business impact of credible threats (e.g., prompt injection leading to data exfiltration, policy evasion, or harmful actions), then translating this into control intensity and thresholds. Hard input restrictions (A) and static output caps (C) are blunt measures that may degrade utility without ensuring alignment to risk appetite. Monitoring (B) is essential for detection, but it does not, by itself, define what level of risk is acceptable.
References: AI Security Management™ (AAISM) Body of Knowledge - Risk Appetite and Tolerance for AI; Threat Modeling for LLMs; Business Impact Analysis and Risk Acceptance Criteria.
NEW QUESTION # 143
......
100% Free AAISM Daily Practice Exam With 257 Questions: https://pass4sure.dumpstorrent.com/AAISM-exam-prep.html