Exam AAIA Topic 1 Question 149 Discussion

Actual exam question for ISACA's AAIA exam
Question #: 149
Topic #: 1
Which of the following techniques would be MOST effective as part of incident management procedures for a prompt injection attack?

Suggested Answer: C

Prompt injection attacks involve maliciously crafted inputs intended to override system instructions, exfiltrate data, or cause harmful behavior. The most effective control aligned with incident management is to deploy robust input validation and sanitization (C), which includes rules and filters designed to detect and neutralize potentially malicious content before it reaches the model. AAIA's coverage of AI threats and vulnerabilities highlights the importance of input validation and secure prompt handling for generative AI systems.
Fine-tuning the model (A) is a long-term adaptation, not an immediate incident control. Scanning for code-like structure (B) or excessive special characters (D) may catch some attacks but is too narrow; many prompt injections use natural language. Comprehensive input validation and sanitization is the most effective and generalizable incident management response.
References:
ISACA, AAIA Exam Content Outline - Domain 5: Ethical and Legal Considerations in AI; AI-specific threats and incident management.
ISACA AI security guidance covering prompt injection and input validation controls.

by Virginia at Jul 03, 2026, 03:10 AM
