Free SISA CSPAI Practice Exam with Questions & Answers | Set: 2

The ChatGPT Plugin Privacy Leak highlighted vulnerabilities in plugin ecosystems, where weak API security led to data exposure. Implementing robust authentication (e.g., OAuth) and authorization (e.g., RBAC), coupled with regular audits, ensures only verified entities access APIs, preventing leaks. IP whitelisting is less comprehensive, and open access heightens risks. Audits detect misconfigurations, aligning with secure AI practices. Exact extract: "Stringent authentication, authorization, and regular audits are key to securing API access and preventing leaks in LLM plugins." (Reference: Cyber Security for AI by SISA Study Guide, Section on Plugin Security Case Studies, Page 170-173).

Leveraging foundation models like GPT or BERT for fintech involves fine-tuning with sector-specific data, such as transaction logs or market trends, to tailor for tasks like risk prediction, ensuring high accuracy without the overhead of scratch-building. This approach maintains efficiency by reusing pretrained weights, reducing training time and resources in SDLC, while domain adaptation mitigates generalization issues. It outperforms unadapted general models or fragmented specifics by providing cohesive, scalable solutions. Security is enhanced through controlled fine-tuning datasets. Exact extract: "Adopting a Foundation Model and fine-tuning with domain-specific data is most effective for leveraging existing models in fintech, balancing efficiency and accuracy." (Reference: Cyber Security for AI by SISA Study Guide, Section on Model Adaptation in SDLC, Page 105-108).

Transformer models leverage self-attention to process entire sequences concurrently, unlike RNNs, which handle inputs sequentially and struggle with long-range dependencies due to vanishing gradients. By computing attention scores across all words, Transformers capture both local and global contexts, enabling better modeling of relationships in tasks like translation or summarization. For example, in a long sentence, attention links distant pronouns to their subjects, improving coherence. This contrasts with RNNs’ sequential limitations, which hinder capturing far-apart dependencies. While parallelism (option C) aids efficiency, the core improvement lies in dependency modeling, not just speed. Exact extract: "The attention mechanism enables Transformers to attend to nearby and distant words simultaneously, significantly improving long-term dependency understanding over RNNs." (Reference: Cyber Security for AI by SISA Study Guide, Section on Transformer vs. RNN Architectures, Page 50-53).

Giskard, an open-source tool, enhances AI security by enabling real-time vulnerability detection, scanning models for issues like bias or adversarial weaknesses, and providing actionable insights for remediation. This proactive approach supports continuous monitoring, unlike automated patching or limited scopes, and integrates into SDLC for robust security. Exact extract: "Giskard enables real-time detection of vulnerabilities with actionable insights, strengthening AI security functions." (Reference: Cyber Security for AI by SISA Study Guide, Section on Vulnerability Detection Tools, Page 190-193).

GenAI LLMs rely on data-driven learning, leveraging vast datasets to model language patterns, semantics, and contexts through unsupervised or semi-supervised methods. This enables scalability and adaptability, unlike rule-based systems or human-dependent approaches. Large datasets drive generalization, though they introduce security challenges like data quality control. Exact extract: "A key concept of GenAI LLMs is data-driven learning with large-scale datasets, enabling robust language modeling." (Reference: Cyber Security for AI by SISA Study Guide, Section on GenAI Development Principles, Page 60-63).