A bank uses a video-based know your customer (KYC) verification process. Cybercriminals exploit this process by using deepfake technology to impersonate bank customers. Which of the following countermeasures is theBEST way for the bank to mitigate this risk?
Answer(s): D
The best countermeasure is to leverage AI-based liveness detection during video verification. This technology can detect whether the video feed comes from a real, live person rather than a pre-recorded or deepfake video, effectively mitigating impersonation risks.
Which of the following is an IS auditor's MOST important course of action when determining whether source data should be entered into approved generative AI tools to assist with an audit?
Answer(s): C
The most important course of action is to determine whether the information is reliable before entering source data into generative AI tools. Ensuring data reliability safeguards audit integrity and helps prevent the propagation of errors or unauthorized disclosures in AI-assisted analysis.
An AI social media platform uses an algorithm to increase user engagement that could unintentionally promote divisive content. Which of the following is the BEST course of action to mitigate this risk?
Answer(s): B
The best course of action to mitigate the risk of unintentionally promoting divisive content is to regularly audit and adjust algorithms to reduce biases. This proactive approach helps ensure that engagement-driven algorithms align with ethical standards and do not amplify harmful or polarizing material.
Which use case for an AI model to be used by a food delivery service would pose ethical risk to the organization?
Basing driver retention and termination decisions on the number of delivered orders per total hours worked compared to an industry benchmark poses the greatest ethical risk. This practice may unfairly penalize workers without accounting for contextual factors (e.g., traffic, order volume, location), leading to biased or discriminatory employment outcomes.
Which of the following BEST ensures that an AI system complies with user data ownership rights under privacy regulations?
The best way to ensure compliance with user data ownership rights under privacy regulations is by implementing a transparent data consent management process. This ensures users are informed, can give or withdraw consent, and retain control over how their data is collected and used by AI systems.
An IS auditor is auditing an organization's data governance framework. The primary objective is to provide assurance that data management practices are standardized to support a trustworthy AI system. Which of the following should be the auditor's MOST important consideration?
The most important consideration is accountability for data management. Clear ownership and responsibility ensure that data governance practices are consistently applied, monitored, and enforced -- supporting the development and operation of a trustworthy AI system.
An organization's system development process has been enhanced with AI. Which of the following features presents the GREATEST risk?
Answer(s): A
The greatest risk is when all codes are generated by AI without human oversight. This can lead to undetected errors, insecure code, or non-compliance with development standards, posing serious risks to system integrity and security.
A retail organization uses an AI model to analyze customers' purchase history in order to offer personalized discounts. Which of the following practices represents the MOST ethical use of customer data?
The most ethical use of customer data is to utilize it only after obtaining explicit consent and allowing customers to opt out. This approach respects data privacy rights, supports transparency, and aligns with ethical and legal standards for responsible AI use.
Share your comments for ISACA AAIA exam with other users:
hi everyone
waiting for the dump. please upload.
upload cks exam questions
awesome training material
where is dump
q. 289 - the correct answer should be b not d, since the question asks for the most secure way to provide access to a s3 bucket (a single one), and by principle of the least privilege you should not be giving access to all buckets.
please i need if possible h12-831,
good collection of questions and solution for pl500 certification
i would like to appear the exam.
i am very happy as i cleared my comptia a+ 220-1101 exam. i studied from as it has all exam dumps and mock tests available. i got 91% on the test.
need this dump
its really good to eventuate knowledge before appearing for the actual exam.
this is great
please i want the questions to pass the exam
i need to pass exam
great, i appreciate it.
please could you upload (isc)2 certified in cybersecurity (cc) exam questions
good questions, wrong answers
im preparing for exams
question no: 42 isnt azure vm an iaas solution? so, shouldnt the answer be "no"?
im study azure
i need this now
i took the aws saa-c03 test and scored 935/1000. it has all the exam dumps and important info.
good questions
well explained
i got the full version and it helped me pass the exam. pdf version is very good.
provide the download link, please
please upload thank.
please can you share 1z0-1055-22 dump pls
i will wait impatiently. thank youu
is it possible to clear the exam if we focus on only these 156 questions instead of 623 questions? kindly help!
really helped with preparation of my scrum exam
very informative and through explanations
prep for exam