Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CompTIA
  3. CY0-001

CompTIA CY0-001 Exam (page: 2)
CompTIA SecAI+ Beta
Updated on: 31-Mar-2026

Viewing Page 2 of 11
CY0-001 PDF 78 Questions

Which of the following is the most concerning risk for a company that allows corporate end users to use public- facing large language models (LLMs)?

  1. Inaccuracies due to hallucinations
  2. Out-of-date acceptable use policies
  3. Data security regulatory violations
  4. Malicious code generation

Answer(s): C

Explanation:

The greatest concern with employees using public-facing LLMs is the potential exposure of sensitive or regulated corporate data. Submitting such information to external systems may violate data protection laws (e.g., GDPR, HIPAA), creating legal and compliance risks that outweigh issues like hallucinations or malicious outputs.



Which of the following requires developers to harden infrastructure to protect AI systems?

  1. Intake processes
  2. Acceptable use policies
  3. Development guidelines
  4. Configuration standards

Answer(s): D

Explanation:

Configuration standards define how infrastructure and systems must be securely set up and maintained. By following these standards, developers harden the environment that supports AI systems, reducing risks from misconfigurations and vulnerabilities.



Which of the following is the best example of an AI model that is trained to identify multiple points from input using a neural network to provide output for authentication?

  1. Facial recognition
  2. Encryption key
  3. Open Authorization (OAuth)
  4. Bounding box

Answer(s): A

Explanation:

Facial recognition uses neural networks to analyze multiple points or features from an input image (such as eyes, nose, mouth, and facial structure) to generate a unique identifier for authentication purposes.



An organization is developing and implementing AI features into a customer service application.
Which of the following practices should the organization put the place before releasing the application for customer trials?

  1. Data masking and sanitization
  2. External compliance audits
  3. Approved AI vendor lists
  4. Third-party risk management

Answer(s): A

Explanation:

Before releasing AI features for customer trials, it is critical to protect sensitive information that may be used during testing. Data masking and sanitization ensure customer or corporate data is anonymized or obfuscated, reducing the risk of data exposure while still allowing realistic evaluation of the AI system.



An internal user enters a client credit card number into an internal generative machine learning (ML) model:

#User prompt: Customer Jane Doe has a new credit card that she wants to add to her account. The number is 5555-5555-5555-5555

Which of the following is the most effective way to prevent prompt injection attacks against a large language model (LLM)?

  1. Guardrails
  2. Antivirus
  3. Web application firewall (WAF)
  4. Role-based access control

Answer(s): A

Explanation:

Guardrails are the primary security control for LLMs to prevent prompt injection attacks. They enforce rules on what inputs are accepted and how the model responds, blocking malicious or sensitive prompts (such as credit card numbers) before they can manipulate or exploit the model.



A security alert triggers an agentic system. An analyst notices the following payload in the logs"



The alert includes multiple shell commands that are not typically run as part of any hardening.
Which of the following is the most effective control to implement?

  1. Adding logic that includes approved strings before running the shell commands
  2. Deprecating model usage and retaining the model with safer parameters
  3. Modifying the application to ignore the SECURITY_UPDATE tag
  4. Using only approved libraries when interacting with agentic systems

Answer(s): A

Explanation:

The payload in the alert attempts to trick the system into executing unauthorized shell commands. The most effective control is to implement allow-list validation (approved strings) before execution. This ensures that only predefined, safe commands are executed, blocking prompt injection attempts that introduce malicious code such as the fake patch script.



A global security operations center (SOC) wants to adapt and leverage the strength of AI in order to enhance its security operations.
Which of the following is the best way to enhance the global SOC functions?

  1. Generate code and execute in production to help save time.
  2. Enable a personal assistant that can act in the global SOC with no human intervention.
  3. Use open-source models in production to help the efficiency of threat detection and threat analysis.
  4. Summarize alerts to easily gain insights on the environment.

Answer(s): D

Explanation:

AI can significantly enhance SOC operations by summarizing and correlating high volumes of alerts, enabling analysts to quickly identify patterns, prioritize threats, and gain actionable insights. This reduces analyst fatigue and improves response times without introducing unsafe automation risks.



An attacker successfully completes a denial-of-service (DoS) attack through the context window of an AI system. Thousands of characters are obfuscated and hidden behind an emoji.
Which of the following techniques best mitigates this type of attack?

  1. Fraud detection
  2. Large language model (LLM)-as-a-judge
  3. Pattern recognition
  4. Prompt filter

Answer(s): D

Explanation:

A DoS attack through the context window relies on overwhelming the model with excessive or obfuscated input. Prompt filtering prevents such malicious or oversized inputs from being processed, ensuring that the model only receives safe, properly structured data within acceptable limits.



Viewing Page 2 of 11



Share your comments for CompTIA CY0-001 exam with other users:

sk 5/13/2023 2:10:00 AM

ecellent materil for unserstanding
INDIA


Gerard 6/29/2023 11:14:00 AM

good so far
Anonymous


Limbo 10/9/2023 3:08:00 AM

this is way too informative
BOTSWANA


Tejasree 8/26/2023 1:46:00 AM

very helpfull
UNITED STATES


Yolostar Again 10/12/2023 3:02:00 PM

q.189 - answers are incorrect.
Anonymous


Shikha Bakra 9/10/2023 5:16:00 PM

awesome job in getting these questions
AUSTRALIA


Kevin 10/20/2023 2:01:00 AM

i cant find aws certified practitioner clf-c01 exam in aws website but i found aws certified practitioner clf-c02 exam. can everyone please verify the difference between the two clf-c01 and clf-c02? thank you
UNITED STATES


D Mario 6/19/2023 10:38:00 PM

grazie mille. i got a satisfactory mark in my exam test today because of this exam dumps. sorry for my english.
ITALY


Bharat Kumar Saraf 10/31/2023 4:36:00 AM

some of the answers are incorrect. need to be reviewed.
HONG KONG


JP 7/13/2023 12:21:00 PM

so far so good
Anonymous


Kiky V 8/8/2023 6:32:00 PM

i am really liking it
Anonymous


trying 7/28/2023 12:37:00 PM

thanks good stuff
UNITED STATES


exampei 10/4/2023 2:40:00 PM

need dump c_tadm_23
Anonymous


Eman Sawalha 6/10/2023 6:18:00 AM

next time i will write a full review
GREECE


johnpaul 11/15/2023 7:55:00 AM

first time using this site
ROMANIA


omiornil@gmail.com 7/25/2023 9:36:00 AM

please sent me oracle 1z0-1105-22 pdf
BANGLADESH


John 8/29/2023 8:59:00 PM

very helpful
Anonymous


Kvana 9/28/2023 12:08:00 PM

good info about oml
UNITED STATES


Checo Lee 7/3/2023 5:45:00 PM

very useful to practice
UNITED STATES


dixitdnoh@gmail.com 8/27/2023 2:58:00 PM

this website is very helpful.
UNITED STATES


Sanjay 8/14/2023 8:07:00 AM

good content
INDIA


Blessious Phiri 8/12/2023 2:19:00 PM

so challenging
Anonymous


PAYAL 10/17/2023 7:14:00 AM

17 should be d ,for morequery its scale out
Anonymous


Karthik 10/12/2023 10:51:00 AM

nice question
Anonymous


Godmode 5/7/2023 10:52:00 AM

yes.
NETHERLANDS


Bhuddhiman 7/30/2023 1:18:00 AM

good mateial
Anonymous


KJ 11/17/2023 3:50:00 PM

good practice exam
Anonymous


sowm 10/29/2023 2:44:00 PM

impressivre qustion
Anonymous


CW 7/6/2023 7:06:00 PM

questions seem helpful
Anonymous


luke 9/26/2023 10:52:00 AM

good content
Anonymous


zazza 6/16/2023 9:08:00 AM

question 21 answer is alerts
ITALY


Abwoch Peter 7/4/2023 3:08:00 AM

am preparing for exam
Anonymous


mohamed 9/12/2023 5:26:00 AM

good one thanks
EGYPT


Mfc 10/23/2023 3:35:00 PM

only got thru 5 questions, need more to evaluate
Anonymous