01. The MOST effective AI-driven capability to ensure real-time business continuity is:
a) Predicting potential disruptions without taking preventive action
b) Sending alerts while waiting for manual intervention
c) Keeping logs of incidents for future analysis
d) Automating system failover to backup servers
02. What is the MOST effective metric for monitoring AI solutions provided by AI vendors?
a) Wait for supplier reports before investigating.
b) Use real-time tools to track AI anomalies.
c) Prioritize endpoint logs over centralized platforms.
d) Track model input with key performance indicators.
03. Within which stage of the AI development life cycle should effective feature engineering be conducted?
a) Development
b) Testing
c) Design
d) Define
04. Which of the following is the MOST effective approach to mitigate privacy concerns when an organization collects personal data through a third-party AI application?
a) Have the vendor sign a nondisclosure agreement.
b) Obtain data subject consent on the end user interface.
c) Apply encryption to safeguard personnel data.
d) Conduct a review of applicable data protection regulations.
05. A hospital adopts an AI solution from an external vendor to help diagnose rare diseases. Which of the following BEST demonstrates the verification of security requirements for this technology?
a) Require contractual clauses stipulating periodic information security reviews.
b) Preview contractual clauses of mandatory security AI software update.
c) Perform regular in-depth vulnerability scans on the AI system.
d) Integrate requirements for sensitive data aligned with healthcare regulations.
06. When an AI impact assessment reveals biased training data, what is the MOST effective method to ensure regulatory compliance?
a) Keep the original dataset when the model’s accuracy is high.
b) Rely on model transparency to validate decision making
c) Use diverse and representative datasets to monitor the bias.
d) Focus on ethical guidelines to validate model performance.
07. Which of the following is the BEST method to uncover known vulnerabilities in an AI-based web application that has been recently deployed?
a) Dynamic application security testing (DAST)
b) Static application security testing (SAST)
c) Runtime application self-protection (RASP)
d) Interactive application security testing (IAST)
08. What is the role of an AI governance committee within an organization?
a) To prioritize AI vendors over other business operations
b) To oversee AI implementation and ensure alignment with ethical guidelines
c) To solely focus on marketing AI products
d) To ensure AI models are proprietary and not shared with stakeholders
09. Which of the following data management techniques BEST improves an AI model’s performance by enhancing training data quality?
a) Data classification
b) Data access
c) Data scrubbing
d) Data encoding
10. When designing an AI security architecture, what is the PRIMARY purpose of using adversarial training?
a) To make AI models more resilient to potential attacks
b) To improve the fairness of AI model decisions
c) To reduce the computational cost of resisting attacks
d) To enhance AI model performance on standard datasets
The purpose of this Sample Question Set is to provide you with information about the ISACA Advanced in AI Security Management (AAISM) exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the AAISM certification test. To get familiar with real exam environment, we suggest you try our Sample ISACA AI Security Management Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual ISACA Advanced in AI Security Management (AAISM) certification exam.