Which activities are considered detection techniques for common AI attacks?

Prepare for the ISACA Advanced in AI Security Management (AAISM) Test. Study with in-depth multiple choice questions, each offering insightful hints and detailed explanations. Equip yourself with expert knowledge and get exam-ready!

Multiple Choice

Which activities are considered detection techniques for common AI attacks?

Explanation:
Detection techniques for AI security center on watching how the system behaves and how data flows, so anomalies or misuse can be spotted early. Monitoring access logs lets you see who is interacting with the system and when, making it possible to spot unusual access patterns, unauthorized accounts, or attempts at data exfiltration. Reviewing data preprocessing scripts helps catch tampering or manipulation in the data pipeline—such as poisoned data, altered normalization, or injected biases—that could skew model behavior before training or during inference. Analyzing API call logs reveals suspicious usage patterns, such as bursts of requests, strange payloads, or calls to unusual endpoints, all of which can indicate automation, prompt injection attempts, or attempts to extract information from the model.

These activities provide continuous visibility and the historical context needed to detect attacks as they occur. In contrast, training new models and deploying new algorithms are development activities aimed at improving performance or capabilities, not detecting attacks. Disabling all logging would remove visibility entirely, making detection impossible. Relying solely on user reports without logs ignores proactive monitoring and often delays finding and mitigating issues.
