AAISM™ ADVANCED IN AI SECURITY MANAGEMENT VERIFIED EXAM
SOLUTIONS - COMPREHENSIVE QUESTIONS AND ANSWERS -
CURRENT VERSION 2026/2027
Q1 What is AI Security Management?
AI Security Management is the discipline of identifying, assessing, and mitigating security
ANS risks specific to AI systems, including threats to model integrity, data pipelines, inference
outputs, and the operational infrastructure supporting AI deployments.
Q2 What distinguishes AI security from traditional cybersecurity?
AI security addresses unique risks such as adversarial attacks on model inputs, data
ANS poisoning, model inversion, prompt injection, and emergent model behaviors that are not
present in conventional software security frameworks.
Q3 Define 'adversarial attack' in the context of AI systems.
An adversarial attack is a deliberate manipulation of input data—often imperceptible to
ANS humans—designed to cause an AI model to produce incorrect or malicious outputs, exploiting
vulnerabilities in the model's decision boundaries.
Q4 What is a data poisoning attack?
A data poisoning attack involves injecting malicious or misleading data into the training
ANS dataset of an AI model so that the model learns incorrect associations, leading to
compromised performance or intentional backdoors during inference.
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
,Q5 What is model inversion?
Model inversion is an attack in which an adversary queries a trained model to reconstruct
ANS sensitive training data, effectively extracting private information about individuals whose data
was used during training.
Q6 Explain 'model extraction' or 'model stealing'.
Model extraction is a technique where an attacker makes repeated queries to a target model
ANS and uses the responses to train a surrogate model that replicates the target's behavior,
allowing the attacker to steal intellectual property or bypass security controls.
Q7 What is a backdoor attack in AI?
A backdoor attack embeds a hidden trigger into an AI model during training so that the model
ANS behaves normally on standard inputs but produces attacker-specified outputs whenever the
trigger pattern is present in an input.
Q8 What is prompt injection?
Prompt injection is an attack targeting large language models (LLMs) in which malicious
ANS instructions are embedded in user input or retrieved content to override the system's intended
instructions, hijack model behavior, or exfiltrate data.
Q9 Describe the concept of 'AI supply chain security'.
AI supply chain security encompasses protecting all components that contribute to an AI
ANS system, including third-party datasets, pre-trained models, libraries, APIs, cloud services, and
hardware, from compromise, tampering, or malicious insertion.
Q10 What is membership inference in AI security?
Membership inference is an attack in which an adversary determines whether a specific data
ANS record was part of a model's training set by analyzing the model's confidence scores,
enabling privacy violations against training data subjects.
Q11 What is differential privacy and why is it relevant to AI?
Differential privacy is a mathematical framework that adds calibrated statistical noise to data
ANS or model outputs so that the presence or absence of any single individual's data cannot be
inferred, thereby protecting training data privacy.
Q12 Define 'AI threat modeling'.
AI threat modeling is the structured process of identifying potential attackers, attack vectors,
ANS vulnerabilities, and impacts specific to AI system components—including data pipelines,
training processes, model weights, and inference APIs—to prioritize mitigations.
What is a GAN (Generative Adversarial Network) and what security concerns
Q13
does it raise?
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
, A GAN is an AI architecture consisting of a generator and discriminator trained adversarially.
ANS Security concerns include its use in generating deepfakes, synthetic phishing content,
adversarial examples, and evasion of content-moderation classifiers.
Q14 What is the MITRE ATLAS framework?
MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) is a
ANS knowledge base of adversary tactics, techniques, and case studies targeting AI systems,
analogous to MITRE ATT&CK but focused specifically on AI/ML threats.
Q15 Explain 'evasion attacks' in machine learning.
Evasion attacks occur at inference time when an adversary crafts inputs to cause a deployed
ANS model to misclassify or produce incorrect outputs without altering the model itself, commonly
seen in malware detection and image classifiers.
Q16 What is AI model robustness?
AI model robustness refers to a model's ability to maintain accurate, reliable performance
ANS when faced with noisy, corrupted, out-of-distribution, or adversarially perturbed inputs rather
than degrading in an exploitable manner.
Q17 What is 'shadow AI' and why is it a security concern?
Shadow AI refers to AI tools and systems deployed within an organization without official IT
ANS or security oversight, creating risks of unvetted data exposure, compliance violations, and
uncontrolled model behaviors.
Q18 Define 'AI hallucination' and its security implications.
AI hallucination occurs when a generative model produces confident but factually incorrect
ANS outputs. Security implications include generation of false legal, medical, or financial
information and potential for social engineering if users trust erroneous output.
Q19 What is 'jailbreaking' in the context of LLMs?
Jailbreaking refers to techniques used to bypass the safety guardrails or content policies built
ANS into large language models, often through crafted prompts that trick the model into producing
disallowed content or executing restricted actions.
Q20 What is a 'red team' exercise in AI security?
An AI red team exercise involves authorized security professionals attempting to identify
ANS vulnerabilities, misuse scenarios, and failure modes in an AI system—including adversarial
inputs, jailbreaks, and data leakage—to inform hardening efforts.
Q21 What is federated learning and how does it affect security?
Federated learning trains models across distributed devices without centralizing raw data.
ANS Security challenges include gradient inversion attacks, poisoning from malicious participants,
and the difficulty of auditing decentralized training contributions.
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
, Q22 Describe 'transfer learning' and associated security risks.
Transfer learning reuses a pre-trained model as a starting point for a new task. Security risks
ANS include inheriting backdoors or biases from the base model, and potential intellectual property
violations if the base model's licensing is not respected.
Q23 What is 'model watermarking' and why is it used?
Model watermarking embeds a hidden, verifiable signature into a model's weights or outputs
ANS to prove ownership and detect unauthorized copying or redistribution, supporting intellectual
property protection in AI deployments.
Q24 What does 'responsible AI' mean from a security perspective?
Responsible AI from a security perspective requires that AI systems be designed, trained,
ANS and deployed with explicit controls to prevent misuse, protect data privacy, ensure output
reliability, and maintain accountability for decisions made by or with the system.
Q25 What is 'explainability' and why does it matter for AI security?
Explainability refers to the degree to which the internal logic of an AI model can be
ANS understood by humans. It matters for security because opaque models are harder to audit for
vulnerabilities, biases, and backdoors.
Q26 What is 'AI fairness' and how does it relate to security?
AI fairness concerns equitable treatment across demographic groups. Security relevance
ANS arises because biased models can be exploited to produce discriminatory decisions at scale,
creating legal, reputational, and regulatory risk for organizations.
Q27 Define 'model drift' and its security implications.
Model drift is the gradual degradation in model performance due to changes in real-world
ANS data distributions over time. Security implications include increased misclassification rates
that can be exploited and reduced effectiveness of AI-based security controls.
Q28 What is an 'AI security policy'?
An AI security policy is a formal organizational document that defines standards, roles,
ANS responsibilities, and controls for the secure development, deployment, monitoring, and
retirement of AI systems within the organization.
Q29 What is the concept of 'least privilege' as applied to AI systems?
Least privilege applied to AI means that AI models and agents should be granted only the
ANS minimum permissions, data access, and system capabilities required for their designated
function, limiting blast radius if the system is compromised or misbehaves.
Q30 What is 'AI governance'?
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
SOLUTIONS - COMPREHENSIVE QUESTIONS AND ANSWERS -
CURRENT VERSION 2026/2027
Q1 What is AI Security Management?
AI Security Management is the discipline of identifying, assessing, and mitigating security
ANS risks specific to AI systems, including threats to model integrity, data pipelines, inference
outputs, and the operational infrastructure supporting AI deployments.
Q2 What distinguishes AI security from traditional cybersecurity?
AI security addresses unique risks such as adversarial attacks on model inputs, data
ANS poisoning, model inversion, prompt injection, and emergent model behaviors that are not
present in conventional software security frameworks.
Q3 Define 'adversarial attack' in the context of AI systems.
An adversarial attack is a deliberate manipulation of input data—often imperceptible to
ANS humans—designed to cause an AI model to produce incorrect or malicious outputs, exploiting
vulnerabilities in the model's decision boundaries.
Q4 What is a data poisoning attack?
A data poisoning attack involves injecting malicious or misleading data into the training
ANS dataset of an AI model so that the model learns incorrect associations, leading to
compromised performance or intentional backdoors during inference.
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
,Q5 What is model inversion?
Model inversion is an attack in which an adversary queries a trained model to reconstruct
ANS sensitive training data, effectively extracting private information about individuals whose data
was used during training.
Q6 Explain 'model extraction' or 'model stealing'.
Model extraction is a technique where an attacker makes repeated queries to a target model
ANS and uses the responses to train a surrogate model that replicates the target's behavior,
allowing the attacker to steal intellectual property or bypass security controls.
Q7 What is a backdoor attack in AI?
A backdoor attack embeds a hidden trigger into an AI model during training so that the model
ANS behaves normally on standard inputs but produces attacker-specified outputs whenever the
trigger pattern is present in an input.
Q8 What is prompt injection?
Prompt injection is an attack targeting large language models (LLMs) in which malicious
ANS instructions are embedded in user input or retrieved content to override the system's intended
instructions, hijack model behavior, or exfiltrate data.
Q9 Describe the concept of 'AI supply chain security'.
AI supply chain security encompasses protecting all components that contribute to an AI
ANS system, including third-party datasets, pre-trained models, libraries, APIs, cloud services, and
hardware, from compromise, tampering, or malicious insertion.
Q10 What is membership inference in AI security?
Membership inference is an attack in which an adversary determines whether a specific data
ANS record was part of a model's training set by analyzing the model's confidence scores,
enabling privacy violations against training data subjects.
Q11 What is differential privacy and why is it relevant to AI?
Differential privacy is a mathematical framework that adds calibrated statistical noise to data
ANS or model outputs so that the presence or absence of any single individual's data cannot be
inferred, thereby protecting training data privacy.
Q12 Define 'AI threat modeling'.
AI threat modeling is the structured process of identifying potential attackers, attack vectors,
ANS vulnerabilities, and impacts specific to AI system components—including data pipelines,
training processes, model weights, and inference APIs—to prioritize mitigations.
What is a GAN (Generative Adversarial Network) and what security concerns
Q13
does it raise?
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
, A GAN is an AI architecture consisting of a generator and discriminator trained adversarially.
ANS Security concerns include its use in generating deepfakes, synthetic phishing content,
adversarial examples, and evasion of content-moderation classifiers.
Q14 What is the MITRE ATLAS framework?
MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) is a
ANS knowledge base of adversary tactics, techniques, and case studies targeting AI systems,
analogous to MITRE ATT&CK but focused specifically on AI/ML threats.
Q15 Explain 'evasion attacks' in machine learning.
Evasion attacks occur at inference time when an adversary crafts inputs to cause a deployed
ANS model to misclassify or produce incorrect outputs without altering the model itself, commonly
seen in malware detection and image classifiers.
Q16 What is AI model robustness?
AI model robustness refers to a model's ability to maintain accurate, reliable performance
ANS when faced with noisy, corrupted, out-of-distribution, or adversarially perturbed inputs rather
than degrading in an exploitable manner.
Q17 What is 'shadow AI' and why is it a security concern?
Shadow AI refers to AI tools and systems deployed within an organization without official IT
ANS or security oversight, creating risks of unvetted data exposure, compliance violations, and
uncontrolled model behaviors.
Q18 Define 'AI hallucination' and its security implications.
AI hallucination occurs when a generative model produces confident but factually incorrect
ANS outputs. Security implications include generation of false legal, medical, or financial
information and potential for social engineering if users trust erroneous output.
Q19 What is 'jailbreaking' in the context of LLMs?
Jailbreaking refers to techniques used to bypass the safety guardrails or content policies built
ANS into large language models, often through crafted prompts that trick the model into producing
disallowed content or executing restricted actions.
Q20 What is a 'red team' exercise in AI security?
An AI red team exercise involves authorized security professionals attempting to identify
ANS vulnerabilities, misuse scenarios, and failure modes in an AI system—including adversarial
inputs, jailbreaks, and data leakage—to inform hardening efforts.
Q21 What is federated learning and how does it affect security?
Federated learning trains models across distributed devices without centralizing raw data.
ANS Security challenges include gradient inversion attacks, poisoning from malicious participants,
and the difficulty of auditing decentralized training contributions.
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
, Q22 Describe 'transfer learning' and associated security risks.
Transfer learning reuses a pre-trained model as a starting point for a new task. Security risks
ANS include inheriting backdoors or biases from the base model, and potential intellectual property
violations if the base model's licensing is not respected.
Q23 What is 'model watermarking' and why is it used?
Model watermarking embeds a hidden, verifiable signature into a model's weights or outputs
ANS to prove ownership and detect unauthorized copying or redistribution, supporting intellectual
property protection in AI deployments.
Q24 What does 'responsible AI' mean from a security perspective?
Responsible AI from a security perspective requires that AI systems be designed, trained,
ANS and deployed with explicit controls to prevent misuse, protect data privacy, ensure output
reliability, and maintain accountability for decisions made by or with the system.
Q25 What is 'explainability' and why does it matter for AI security?
Explainability refers to the degree to which the internal logic of an AI model can be
ANS understood by humans. It matters for security because opaque models are harder to audit for
vulnerabilities, biases, and backdoors.
Q26 What is 'AI fairness' and how does it relate to security?
AI fairness concerns equitable treatment across demographic groups. Security relevance
ANS arises because biased models can be exploited to produce discriminatory decisions at scale,
creating legal, reputational, and regulatory risk for organizations.
Q27 Define 'model drift' and its security implications.
Model drift is the gradual degradation in model performance due to changes in real-world
ANS data distributions over time. Security implications include increased misclassification rates
that can be exploited and reduced effectiveness of AI-based security controls.
Q28 What is an 'AI security policy'?
An AI security policy is a formal organizational document that defines standards, roles,
ANS responsibilities, and controls for the secure development, deployment, monitoring, and
retirement of AI systems within the organization.
Q29 What is the concept of 'least privilege' as applied to AI systems?
Least privilege applied to AI means that AI models and agents should be granted only the
ANS minimum permissions, data access, and system capabilities required for their designated
function, limiting blast radius if the system is compromised or misbehaves.
Q30 What is 'AI governance'?
© AAISM™ Study Guide — Advanced in AI Security Management | 300 Questions & Answers
