After implementing a third-party generative AI tool, an organization learns about new regulations related to how organizations use AI. Which of the following would be the BEST justification for the organization to decide not to comply?
A school district contracts a third-party provider for AI-based curriculum recommendations. Which of the following is the BEST way to ensure the vendor uses AI responsibly?
A healthcare organization plans to use agentic AI for patient scheduling and claims. Management is concerned that the system may act independently and cause compliance or privacy issues.
Which of the following is the BEST way to address this concern?
An AI research team is developing a natural language processing model that relies on several open-source libraries. Which of the following is the team's BEST course of action to ensure the integrity of the software packages used?
A CISO has been tasked with providing key performance indicators (KPIs) on the organization's newly launched AI chatbot. Which of the following are the BEST metrics for the CISO to recommend?
An aerospace manufacturer prioritizing accuracy and security wants to use generative AI. Which LLM adoption plan BEST aligns with its risk appetite?
A post-incident investigation finds that an AI-powered anti-money laundering system inadvertently allowed suspicious transactions because certain risk signals were disabled to reduce false positives. Which of the following governance failures does this BEST demonstrate?
An organization is adopting an agentic AI solution from an external vendor to support its internal IT operations. To evaluate the security posture of this system, which of the following provides the MOST reliable and independently verifiable evidence of implemented security controls?
Which proactive control BEST mitigates the risk of memory poisoning in agentic AI systems?
Which of the following is the MOST effective way to identify deepfakes generated by AI?
A retailer's AI-driven dynamic pricing system failed after its feature store was corrupted, resulting in all prices being set to zero. The data source has been isolated, and management demands immediate recovery. Which of the following is the MOST appropriate course of action to restore operations while minimizing impact?
Which of the following BEST strengthens information security controls around the use of generative AI applications?
An organization is implementing a large language model (LLM) to answer questions for both employees and customers. The CIO wants the LLM to provide employees with additional internal data that should not be shared with customers. Which of the following is the MOST secure approach?
A sales organization uses third-party AI to monitor and score sales calls. After employees complained that their scores dropped unexpectedly, an investigation revealed the third-party partner had changed the AI model. Which of the following is the BEST way to address this issue?