Page 1 of 40
AI for IT Automation and Security
Performance Assessment Passed | Full PA
Report with GNS3 Topology & JSON
Export | 2026 Update with complete
solutions.
Question A1
Which AI technique is most suitable for predicting network
device failures based on historical syslog patterns?
A) Reinforcement Learning
B) Time Series Forecasting with LSTM
C) K-Means Clustering
D) Apriori Algorithm
,Page 2 of 40
Rationale: LSTM networks excel at capturing temporal
dependencies in sequential data like syslog timestamps.
Reinforcement learning requires reward functions (unavailable
here), K-means is unsupervised clustering without temporal
modeling, and Apriori is for association rules.
Answer: B
Question A2
In the context of AI-driven configuration management, what
does "declarative intent-based automation" mean?
A) Writing step-by-step scripts to execute commands
B) Specifying desired end-state and letting AI determine
execution path
C) Manually reviewing every configuration change
D) Using only CLI commands for network devices
,Page 3 of 40
Rationale: Intent-based automation focuses on what should
happen, not how. The AI system translates the declared intent into
specific device-level operations, handling error recovery and
optimization automatically.
Answer: B
Question A3
A Python script using scikit-learn implements Isolation Forest
for detecting abnormal SSH login patterns. What is the primary
advantage of Isolation Forest over One-Class SVM?
A) Better accuracy on small datasets
B) Linear time complexity O(n) and lower memory usage
C) Supports only numeric features
D) Requires labeled anomaly data
, Page 4 of 40
Rationale: Isolation Forest has O(n) complexity and isolates
anomalies by random partitioning, making it highly efficient for
large network telemetry datasets. One-Class SVM has O(n²) to
O(n³) complexity.
Answer: B
Question A4-A25 (Continued - Selected Sample)
<details> <summary>Click to expand full Section A (Questions
A4-A25)</summary>
A4: Which loss function is most appropriate for a binary
classifier detecting malicious PowerShell commands?
Answer: Binary Cross-Entropy (Log Loss)
Rationale: Binary classification with probability outputs requires
cross-entropy; MSE assumes Gaussian errors.
AI for IT Automation and Security
Performance Assessment Passed | Full PA
Report with GNS3 Topology & JSON
Export | 2026 Update with complete
solutions.
Question A1
Which AI technique is most suitable for predicting network
device failures based on historical syslog patterns?
A) Reinforcement Learning
B) Time Series Forecasting with LSTM
C) K-Means Clustering
D) Apriori Algorithm
,Page 2 of 40
Rationale: LSTM networks excel at capturing temporal
dependencies in sequential data like syslog timestamps.
Reinforcement learning requires reward functions (unavailable
here), K-means is unsupervised clustering without temporal
modeling, and Apriori is for association rules.
Answer: B
Question A2
In the context of AI-driven configuration management, what
does "declarative intent-based automation" mean?
A) Writing step-by-step scripts to execute commands
B) Specifying desired end-state and letting AI determine
execution path
C) Manually reviewing every configuration change
D) Using only CLI commands for network devices
,Page 3 of 40
Rationale: Intent-based automation focuses on what should
happen, not how. The AI system translates the declared intent into
specific device-level operations, handling error recovery and
optimization automatically.
Answer: B
Question A3
A Python script using scikit-learn implements Isolation Forest
for detecting abnormal SSH login patterns. What is the primary
advantage of Isolation Forest over One-Class SVM?
A) Better accuracy on small datasets
B) Linear time complexity O(n) and lower memory usage
C) Supports only numeric features
D) Requires labeled anomaly data
, Page 4 of 40
Rationale: Isolation Forest has O(n) complexity and isolates
anomalies by random partitioning, making it highly efficient for
large network telemetry datasets. One-Class SVM has O(n²) to
O(n³) complexity.
Answer: B
Question A4-A25 (Continued - Selected Sample)
<details> <summary>Click to expand full Section A (Questions
A4-A25)</summary>
A4: Which loss function is most appropriate for a binary
classifier detecting malicious PowerShell commands?
Answer: Binary Cross-Entropy (Log Loss)
Rationale: Binary classification with probability outputs requires
cross-entropy; MSE assumes Gaussian errors.
