
Memberships

CISSP Study Group

2.2k members • Free

Kettlebell Warriors

1.7k members • Free

14 contributions to CISSP Study Group
CISSP Practice Question (Domain 8: Software Development Security - AI Exam Guidance)
Your organization wants to integrate a third-party pre-trained ML model into an internal application. The vendor provides the model weights but no documentation on the training data sources. As the security lead, what is the MOST appropriate action BEFORE integration?

A. Run the model in an isolated sandbox and monitor its behavior
B. Require a software bill of materials covering the model and its provenance
C. Scan the model file for embedded malware before deployment
D. Limit the model's runtime permissions to read-only data access

Come back for the answer tomorrow, or study more now!
0 likes • 13d
B
CISSP Practice Question (Domain 7: Security Operations - AI Exam Guidance)
Your organization integrates an AI engine into its SOAR platform to auto-execute containment actions on flagged hosts. During a coordinated attack, the AI quarantines a critical production server, causing an outage. As the SOC manager, what is the MOST appropriate corrective action?

A. Disable AI-driven automation and revert to fully manual response
B. Define human-approval gates for high-impact automated actions
C. Lower the AI's confidence threshold to reduce false containments
D. Restrict automated containment to non-production network segments

Come back for the answer tomorrow, or study more now!
0 likes • 22d
B
CISSP Practice Question (Domain 3: Security Architecture and Engineering - AI Exam Guidance)
Your organization is deploying a customer-facing chatbot powered by a third-party LLM. The product team wants to connect it directly to the order management database to answer real-time inventory questions. As the security architect, what is the BEST design control?

A. Implement input validation to block prompt injection attempts
B. Place an API gateway with strict allow-listed queries between the LLM and the database
C. Require TLS 1.3 for all traffic between the chatbot and backend systems
D. Deploy a WAF tuned for LLM-specific attack signatures

Come back for the answer tomorrow, or study more now!
0 likes • 24d
B
CISSP Practice Question (Domain 2: Asset Security - AI Exam Guidance)
Your data science team plans to fine-tune a large language model using historical customer support transcripts containing PII. The business wants the model deployed organization-wide for internal use. As the CISO, what is the MOST appropriate action BEFORE training begins?

A. Encrypt the training dataset at rest and restrict access to data scientists
B. Apply data minimization and de-identification techniques to the training corpus
C. Require model output filtering to prevent PII disclosure in responses
D. Obtain renewed customer consent for the new processing purpose

Come back for the answer tomorrow, or study more now!
0 likes • 28d
B
CISSP Practice Question (Domain 5: Identity and Access Management - AI Exam Guidance)
Your organization deploys an autonomous AI agent that queries multiple internal data repositories to generate executive reports. The development team requests broad read access "so the model can learn what's relevant." As the security architect, what is the MOST appropriate approach?

A. Grant read-only access to all repositories and log every query for review
B. Provision a non-human identity with least-privilege, task-scoped entitlements
C. Route all agent queries through a human-approved request workflow
D. Use the developer's service account credentials for traceability

Come back for the answer tomorrow, or study more now!
0 likes • May 17
B
Cor van der Velde
@cor-van-der-velde-5496
A dedicated father on a mission to get stronger, healthier, and set a great example for his family.

Active 7h ago
Joined Mar 29, 2026
Netherlands