QUESTION 121
An Al model’s documentation shows that the modeler utilized K-means clustering to categorize a data set that included a large volume of records. Which of the following is an advantage of using a K-means clustering algorithm for determining classification categories to group applicable data before it is inserted into the learning model?
A. The algorithm requires the modeler to specify the number of clusters, which significantly affects the outcome.
B. The algorithm is not significantly affected by outliers, resulting in less need for data cleansing.
C. The algorithm is supervised and can include the modeler’s biases in the analysis
D. The algorithm is unsupervised, which eliminates subjectivity and possible bias from data labeling.
Correct Answer: D
QUESTION 122
An investment advisory system is supported by a generative Al algorithm, and there is concern that opposing recommendations are returned from the same prompt. Which of the following is the MOST likely reason that this would happen?
A. Al output is the product of dynamic data and statistical methods.
B. A new set of training and configuration data is fed to the Al model for iS each execution.
C. Al systems perform a high volume of computation to reflect large variances.
D. Discriminatory results are removed prior to the Al model’s output.
Correct Answer: A
QUESTION 123
When auditing a machine learning (ML) solution, false negatives can BEST be assessed by examining the level of:
A. precision.
B. completeness.
C. accuracy.
D. recall.
Correct Answer: D
QUESTION 124
An organization uses an A-based chatbot that collects customer data during interactions. Which of the following is MOST important to ensure compliance with data consent requirements?
A. Anonymizing user interaction data after three months
B. Obtaining consent each time queries are processed by the chatbot
C. Deleting data immediately following customer interactions with the chatbot
D. Embedding a consent mechanism that provides clear options before data collection begins
Correct Answer: D
QUESTION 125
Which of the following is the MOST critical consideration for incident response in Al systems?
A. Deploying automated incident response systems to flag unusual patterns in Al model behavior
B. Conducting regular training to enhance understanding of Al troubleshooting
C. Assigning accountability for managing and resolving Al-related incidents
D. Developing a process to monitor and correct biased outputs in Al models
Correct Answer: C
QUESTION 126
The PRIMARY purpose of conducting bias testing on an Al model is to:
A. verify the model’s outputs align with the expectations for fairness.
B. check the model’s performance in different operational environments.
C. ensure the model treats all input data fairly and equitably.
D. confirm the system’s ability to generate accurate outputs consistently.
Correct Answer: C
QUESTION 127
An IS auditor used an Al tool to generate an audit report for management. Which of the following should be audit management’s GREATEST concern?
A. Excessive reliance on Al technology while performing audits
B. Issues with the accuracy of the conclusions
C. Findings and conclusions inconsistent with prior audits
D. Additional cost of using Al tools for report generation
Correct Answer: B
QUESTION 128
When reviewing an organization’s Al data governance program, which of the following is MOST important to validate to ensure compliance with privacy regulations?
A. Implementation of privacy techniques in Al models
B. Security of private cloud deployment of Al models
C. Feasibility of Al model retraining to incorporate new privacy data
D. Avoidance of Al models that are based on open-source algorithms
Correct Answer: A
QUESTION 129
Which of the following is the GREATEST risk resulting from excessive agency in Al systems?
A. Increased need for oversight of model actions
B. Inefficient prioritization of tasks
C. Uncontrolled access and unauthorized actions
D. Slower Al system responses and performance
Correct Answer: C
QUESTION 130
Which of the following should be the PRIMARY consideration when establishing an accountability structure for Al governance?
A. Protecting the intellectual property rights of Al developers
B. Minimizing financial risk associated with Al implementation
C. Ensuring Al systems are used ethically and responsibly
D. Maximizing the efficiency and productivity gains from Al technologies
Correct Answer: C
QUESTION 131
A company is developing an Al system to generate videos and images. Which of the following would BEST enable the company to mitigate harm caused by deepfakes?
A. Model encryption
B. Differential privacy
C. Sanitization
D. Watermarking
Correct Answer: D
QUESTION 132
In order to ensure effective alignment with organizational priorities, which of the following is MOST important for an IS auditor to address when developing an audit plan for an Al-based tool?
A. Cost-benefit strategy for Al adoption
B. Al users understanding of ethical standards
C. The Al tools security alignment with governance policies
D. Management practices for Al oversight
Correct Answer: D
QUESTION 133
If an organization’s business objectives require an Al solution that continually learns from the results of its outputs, an IS auditor would need to confirm risk and controls around:
A. applying biases.
B. backpropagation.
C. activation functions.
D. applying weights.
Correct Answer: A
QUESTION 134
An anti-fraud team in a financial organization is building a machine learning (ML) to model to detect online fraud, and an internal audit team has been engaged to audit the model. When auditing the model training stage, which of the following is MOsT important to include in the scope of the audit?
A. Training staff expertise
B. Training procedure
C. Data schema
D. Data fairness
Correct Answer: D
QUESTION 135
A model developer is looking to mitigate the risk of information loss within an imbalanced data set that contains majority and minority classes. Which of the following strategies would an Is auditor consider to be MOST appropriate?
A. Tuning the model’s hyperparameters
B. Oversampling to create new data points
C. Undersampling to remove excess data points
D. Splitting data into k-folds with cross-validation
Correct Answer: B
QUESTION 136
An IS auditor observes that an organization is using generative Al to analyze a large data set. The generative Al has a context limitation of 8,000 tokens, while the data set contains 1,000,000 rows. Which of the following is the MOST significant risk in this situation?
A. Al will prioritize the most important rows in the data set.
B. Al will be biased toward data within the token limit.
C. Al will analyze only a portion of the data set. of
D. Al will reject the input file due to the size of the data set.
Correct Answer: C
QUESTION 137
Which of the following assessments of data quality would an IS auditor use to validate relationship completeness between large data sets?
A. Referential integrity checks
B. Drift detection algorithms
C. Counterfactual analyses
D. Cross-column profiling
Correct Answer: A
QUESTION 138
An IS auditor has identified that the configuration of a proprietary Al model has been leaked. Which of the following is the MOST significant risk?
A. Attackers can disable security systems by analyzing the model’s source code.
B. Attackers can exploit vulnerabilities in the model.
C. Attackers can train their own improved model for legitimate use.
D. Attackers can use the data to degrade the model’s performance.
Correct Answer: B
QUESTION 139
During an audit of an organization that has adopted Al, i was discovered that data ownership responsibilities were not clearly defined. Which of the following is the MOST likely consequence of this gap?
A. Decreased performance of Al models due to redundant data ownership
B. Increased risk of data breaches due to o1 lack of accountability
C. Higher operational costs for managing data storage solutions
D. Reduced organizational reliance on Al solutions
Correct Answer: B
QUESTION 140
A large organization is implementing a new Al system that uses customer data. Which of the following is the BEST approach for risk mitigation to protect customer privacy?
A. Assign sole responsibility for risk mitigation to the development team.
B. Implement a mechanism for customers to opt out of the use of their data.
C. Conduct periodic risk and vulnerability assessments.
D. Implement data anonymization and impact assessments.
Correct Answer: D
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.