A security operations center (SOC) has a very high volume of logs and alerts. The manager proposes the implementation of machine learning (ML) system to help with triage. Which of the following tasks is most suitable?
Answer(s): C
Machine learning is best suited for analyzing large volumes of security data and distinguishing between true threats and false positives. By identifying and classifying alerts, the ML system helps the SOC prioritize incidents and reduce analyst workload.
An organization recently created a custom model that integrates with a language model (LLM). The developer notices that the application programming interface (API) costs have increased. Which of the following is the best control to reduce cost?
Answer(s): D
API costs for large language model integrations are directly tied to token usage (input + output tokens). By adjusting token limits, the organization can reduce unnecessary processing of overly long prompts or responses, thereby lowering overall API costs without changing model size or infrastructure resources.
A security administrator needs to improve an AI model. During an initial investigation, the administrator notices that two successive login features are recorded every day, and then a successful login occurs after a specific time interval. All the successful login attempts have been during office hours. Which of the following techniques should the administrator use to improve the AI model's security?
Answer(s): B
The administrator is analyzing repeated login behaviors and time-based patterns that precede successful access. Pattern recognition allows the AI model to detect these behavioral trends, improving its ability to identify anomalies or potential attacks while aligning with normal office-hour login behavior.
Which of the following is the most concerning risk for a company that allows corporate end users to use public- facing large language models (LLMs)?
The greatest concern with employees using public-facing LLMs is the potential exposure of sensitive or regulated corporate data. Submitting such information to external systems may violate data protection laws (e.g., GDPR, HIPAA), creating legal and compliance risks that outweigh issues like hallucinations or malicious outputs.
Which of the following requires developers to harden infrastructure to protect AI systems?
Configuration standards define how infrastructure and systems must be securely set up and maintained. By following these standards, developers harden the environment that supports AI systems, reducing risks from misconfigurations and vulnerabilities.
Post your Comments and Discuss CompTIA CY0-001 exam dumps with other Community members:
No discussions yet for this exam. Be the first to share your experience and help others prepare!
Our website is free, but we have to fight against AI bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the CY0-001 content, but please register or login to continue.
💬 Did you find this helpful?
Thank you for sharing! Your feedback helps the community.