Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CompTIA
  3. CY0-001

CompTIA CY0-001 Exam (page: 1)
CompTIA SecAI+ Beta
Updated on: 31-Mar-2026

Viewing Page 1 of 11
CY0-001 PDF 78 Questions

Which of the following job roles in an organizational governance structure develops a model from business use cases?

  1. Platform architect
  2. AI risk analyst
  3. Machine learning operations (MLOps) engineer
  4. Data scientist

Answer(s): D

Explanation:

A data scientist develops models from business use cases by translating organizational needs into machine learning solutions. They prepare data, select algorithms, and build models that align with the use cases.



An administrator, who works for a financial institution, is required to implement data security controls for data at rest within AI systems that involve data disclosure.
Which of the following is the most suitable control?

  1. Data lineage
  2. Rate limits
  3. Encryption
  4. Masking

Answer(s): C

Explanation:

For financial institutions handling AI systems, protecting data at rest against disclosure requires encryption.
Encryption ensures that even if the storage medium is accessed or compromised, the data remains unreadable without the proper decryption keys.



A security engineer needs to monitor an AI-based system for runtime operations. The engineer is mostly concerned about the visibility of internal activity.
Which of the following is the most appropriate monitoring solution?

  1. Deploying a security information and event management (SIEM) tool
  2. Implementing a web application firewall (WAF) with header logging
  3. Relying on vendor model controls and monitoring prompt inputs
  4. Enabling stack call and debugging level traces at the function level

Answer(s): D

Explanation:

For runtime visibility into internal activity of an AI system, the most suitable control is enabling stack calls and debugging-level traces. This provides granular insights into function-level execution, dependencies, and operations, which directly supports monitoring of runtime behavior.



Which of the following should an auditor reference when reviewing a company's human resources AI systems for legal non-compliance?

  1. Organization for Economic Cooperation and Development (OECD) standard
  2. National Institute of Standards and Technology (NIST) AI Risk Management Framework 9RMF)
  3. European Union (EU) AI Act
  4. International Organization for Standardization (ISO)

Answer(s): C

Explanation:

The EU AI Act is legally binding legislation that specifically governs the use of AI systems, including those used in human resources for hiring, promotion, and evaluation. An auditor reviewing AI systems for legal non- compliance must reference this act because it establishes enforceable requirements related to transparency, bias, risk classification, and prohibited practices.



An airline corporation wants to implement a chatbot application using a large language model (LLM) so its customers:
Can ask question and receive answers about flight details.

Have the option to upload files.

Which of the following security controls should the airline use to protect against malicious input and unauthorized use beyond the service-level agreement? (Choose two.)

  1. Prompt guardrails
  2. Role-based access controls
  3. Firewall rules
  4. Model token quotas

Answer(s): A,D

Explanation:

Prompt guardrails are needed to prevent malicious or manipulated inputs (prompt injection) from causing the chatbot to provide harmful, misleading, or unauthorized responses.
Model token quotas limit the amount of input/output a user can generate, preventing abuse or excessive usage beyond the service-level agreement (SLA).



A security operations center (SOC) has a very high volume of logs and alerts. The manager proposes the implementation of machine learning (ML) system to help with triage.
Which of the following tasks is most suitable?

  1. Applying filters on specific alerts
  2. Automatically patching vulnerable systems
  3. Identifying and classifying alerts
  4. Summarizing the content of alerts

Answer(s): C

Explanation:

Machine learning is best suited for analyzing large volumes of security data and distinguishing between true threats and false positives. By identifying and classifying alerts, the ML system helps the SOC prioritize incidents and reduce analyst workload.



An organization recently created a custom model that integrates with a language model (LLM). The developer notices that the application programming interface (API) costs have increased.
Which of the following is the best control to reduce cost?

  1. Implementing prompt templates
  2. Increasing central processing unit (CPU) and memory
  3. Reducing the model size
  4. Adjusting token limits

Answer(s): D

Explanation:

API costs for large language model integrations are directly tied to token usage (input + output tokens). By adjusting token limits, the organization can reduce unnecessary processing of overly long prompts or responses, thereby lowering overall API costs without changing model size or infrastructure resources.



A security administrator needs to improve an AI model. During an initial investigation, the administrator notices that two successive login features are recorded every day, and then a successful login occurs after a specific time interval. All the successful login attempts have been during office hours.
Which of the following techniques should the administrator use to improve the AI model's security?

  1. Access management
  2. Pattern recognition
  3. Signature matching
  4. Vulnerability analysis

Answer(s): B

Explanation:

The administrator is analyzing repeated login behaviors and time-based patterns that precede successful access. Pattern recognition allows the AI model to detect these behavioral trends, improving its ability to identify anomalies or potential attacks while aligning with normal office-hour login behavior.



Viewing Page 1 of 11



Share your comments for CompTIA CY0-001 exam with other users:

Curtis Nakawaki 6/29/2023 9:13:00 PM

a good contemporary exam review
UNITED STATES


x-men 5/23/2023 1:02:00 AM

q23, its an array, isnt it? starts with [ and end with ]. its an array of objects, not object.
UNITED STATES


abuti 7/21/2023 6:24:00 PM

cool very helpfull
Anonymous


Krishneel 3/17/2023 10:34:00 AM

i just passed. this exam dumps is the same one from prepaway and examcollection. it has all the real test questions.
INDIA


Regor 12/4/2023 2:01:00 PM

is this a valid prince2 practitioner dumps?
UNITED KINGDOM


asl 9/14/2023 3:59:00 PM

all are relatable questions
CANADA


Siyya 1/19/2024 8:30:00 PM

might help me to prepare for the exam
Anonymous


Ted 6/21/2023 11:11:00 PM

just paid and downlaod the 2 exams using the 50% sale discount. so far i was able to download the pdf and the test engine. all looks good.
GERMANY


Paul K 11/27/2023 2:28:00 AM

i think it should be a,c. option d goes against the principle of building anything custom unless there are no work arounds available
INDIA


ph 6/16/2023 12:41:00 AM

very legible
Anonymous


sephs2001 7/31/2023 10:42:00 PM

is this exam accurate or helpful?
Anonymous


ash 7/11/2023 3:00:00 AM

please upload dump, i have exam in 2 days
INDIA


Sneha 8/17/2023 6:29:00 PM

this is useful
CANADA


sachin 12/27/2023 2:45:00 PM

question 232 answer should be perimeter not netowrk layer. wrong answer selected
Anonymous


tomAws 7/18/2023 5:05:00 AM

nice questions
BRAZIL


Rahul 6/11/2023 2:07:00 AM

hi team, could you please provide this dump ?
INDIA


TeamOraTech 12/5/2023 9:49:00 AM

very helpful to clear the exam and understand the concept.
Anonymous


Curtis 7/12/2023 8:20:00 PM

i think it is great that you are helping people when they need it. thanks.
UNITED STATES


sam 7/17/2023 6:22:00 PM

cannot evaluate yet
Anonymous


nutz 7/20/2023 1:54:00 AM

a laptops wireless antenna is most likely located in the bezel of the lid
UNITED STATES


rajesh soni 1/17/2024 6:53:00 AM

good examplae to learn basic
INDIA


Tanya 10/25/2023 7:07:00 AM

this is useful information
Anonymous


Nasir Mahmood 12/11/2023 7:32:00 AM

looks usefull
Anonymous


Jason 9/30/2023 1:07:00 PM

question 81 should be c.
CANADA


TestPD1 8/10/2023 12:22:00 PM

question 18 : response isnt a ?
EUROPEAN UNION


ally 8/19/2023 5:31:00 PM

plaese add questions
TURKEY


DIA 10/7/2023 5:59:00 AM

is dumps still valid ?
FRANCE


Annie 7/7/2023 8:33:00 AM

thanks for this
EUROPEAN UNION


arnie 9/17/2023 6:38:00 AM

please upload questions
Anonymous


Tanuj Rana 7/22/2023 2:33:00 AM

please upload the question dump for professional machinelearning
Anonymous


Future practitioner 8/10/2023 1:26:00 PM

question 4 answer is c. this site shows the correct answer as b. "adopt a consumption model" is clearly a cost optimization design principle. looks like im done using this site to study!!!
Anonymous


Ace 8/3/2023 10:37:00 AM

number 52 answer is d
UNITED STATES


Nathan 12/17/2023 12:04:00 PM

just started preparing for my exam , and this site is so much help
Anonymous


Corey 12/29/2023 5:06:00 PM

question 35 is incorrect, the correct answer is c, it even states so: explanation: when a vm is infected with ransomware, you should not restore the vm to the infected vm. this is because the ransomware will still be present on the vm, and it will encrypt the files again. you should also not restore the vm to any vm within the companys subscription. this is because the ransomware could spread to other vms in the subscription. the best way to restore a vm that is infected with ransomware is to restore it to a new azure vm. this will ensure that the ransomware is not present on the new vm.
Anonymous