CompTIA CY0-001 Actual Questions

Basic Concept: AI-specific threat modeling requires consulting resources that catalogue adversarial attacks specifically developed for AI and ML systems. General cybersecurity frameworks may miss AI-unique attack vectors such as model inversion, data poisoning, and adversarial examples. CompTIA SecAI+ Study Guide identifies MITRE ATLAS as the authoritative source for AI system TTPs.

Why D is Correct: MITRE ATLAS provides a comprehensive, curated knowledge base of adversarial tactics, techniques, and procedures specifically targeting AI and ML systems, derived from real-world attack case studies. Analyzing ATLAS enables the architect to enumerate realistic AI-specific attacks applicable to the system being threat-modeled, which directly answers the question of which attacks can be performed.

Why A is Wrong: Using an LLM to map attack paths introduces uncertainty and potential hallucination risk. LLMs may generate plausible-sounding but inaccurate attack paths and cannot guarantee comprehensive coverage of AI-specific attack techniques.

Why B is Wrong: Quantifying risk of known vulnerabilities is a risk assessment step that occurs after identifying which attacks are possible. The architect must first identify attack possibilities before quantifying their risk impact.

Why C is Wrong: OWASP Top 10 covers web application vulnerabilities and, in its LLM edition, certain LLM-specific risks. However, MITRE ATLAS provides a more comprehensive and structured catalog of AI and ML-specific adversarial TTPs for systematic threat modeling.

Basic Concept: Generative AI chatbots interact with users in natural language and may access organizational knowledge bases, databases, or prior conversations. The conversational nature of these systems creates unique risks around sensitive information disclosure. CompTIA SecAI+ Study Guide ranks data leakage as the primary security concern for generative AI chatbots.

Why B is Correct: Data leakage occurs when a generative AI chatbot inadvertently reveals sensitive information including PII, confidential business data, intellectual property, training data, or system configurations in its responses. This can happen through prompt injection attacks, insufficient output filtering, or the model memorizing and reproducing sensitive training data. The impact is immediate, potentially irreversible, and can result in regulatory violations, competitive disadvantage, and reputational damage.

Why A is Wrong: Overly permissive access is a contributing factor that can exacerbate data leakage but is an access control design issue rather than the most directly impactful runtime risk of operating a generative AI chatbot.

Why C is Wrong: Weak encryption is a data protection concern for data in transit or at rest. While important, it is a configuration issue separate from the generative AI chatbot ' s core operational risks and is not specific to chatbot technology.

Why D is Wrong: Model validation ensures a model performs as expected before deployment. While important for quality assurance, it is a development lifecycle activity rather than an ongoing operational security risk associated with running a chatbot.

Basic Concept: When a chatbot leaks PII from one user ' s conversation into another user ' s responses, the root cause is cross-user memory contamination — the chatbot is retaining and sharing conversation context across user sessions. Disabling the memory feature stops the active data leakage immediately. CompTIA SecAI+ Study Guide covers session memory management as a privacy control for AI chatbots.

Why B is Correct: Disabling memory from chat history for all users immediately stops the mechanism causing PII leakage between users. If the chatbot retains no cross-session memory, it cannot include information from one user ' s conversation in another user ' s response. This is the most direct, immediate corrective action that eliminates the root cause of the privacy violation without requiring additional user behavior changes or service disruption.

Why A is Wrong: Taking the chatbot offline and restoring from backup is a drastic action appropriate when the issue requires investigating a potential compromise or data breach. For a configuration issue such as cross-user memory sharing, disabling the memory feature is a more targeted and proportionate first response that addresses the root cause directly.

Why C is Wrong: Asking users to refrain from using PII relies on voluntary user behavior change and does not address the technical root cause. Users may not comply, and even if they do, previously stored PII in memory would continue to leak. This is an ineffective first corrective action.

Why D is Wrong: Requiring users to label sensitivity does not stop the chatbot from storing and sharing PII that has already been submitted. Labels inform the system about data sensitivity but do not prevent the memory mechanism from sharing labeled sensitive data across user sessions.

Basic Concept: Before deploying an AI chatbot that has specific behavioral requirements — no harmful content, professional language, and accurate responses — organizations must verify that the controls designed to enforce these requirements actually work as intended. This pre-deployment verification is essential for customer-facing systems. CompTIA SecAI+ Study Guide covers guardrail testing as a required pre-deployment activity.

Why C is Correct: Guardrail testing and validation specifically verifies that the content filtering, safety controls, and behavioral constraints implemented in the chatbot function correctly before customer exposure. This involves systematically testing with edge cases, adversarial prompts, and boundary conditions to confirm that harmful content is blocked, language remains professional, and responses are accurate. This directly validates the three requirements stated in the question.

Why A is Wrong: Data labeling and classification is a data preparation activity performed during model training and development. By the time the chatbot is fully developed, this work should already be complete.

Why B is Wrong: Model auditing and evaluation assesses overall model performance, accuracy, and compliance at a broader level. While important, it does not specifically verify that the guardrails enforcing the three behavioral requirements work correctly for the specific failure modes customers might trigger.

Why D is Wrong: Regression modeling and minimization refers to statistical techniques for continuous outcome prediction. This is not a relevant pre-deployment activity for a conversational chatbot requiring behavioral safety validation.