Free Practice Questions for CompTIA CY0-001 Exam

Basic Concept: A denial-of-wallet (DoW) attack deliberately generates excessive API calls or token consumption to exhaust an organization ' s AI budget. Since LLM providers charge based on tokens processed, attackers can cause significant financial damage by driving massive usage. CompTIA SecAI+ Study Guide addresses financial abuse vectors in AI systems.

Why E is Correct: API rate controls limit the number of requests a user or application can make within a defined time period. By capping request frequency, rate controls directly prevent attackers from generating the massive API call volume needed to execute a denial-of-wallet attack.

Why F is Correct: Output token controls cap the maximum number of tokens the model can generate per response. Since billing is based on tokens consumed including outputs, limiting output tokens directly caps the cost per request, preventing attackers from triggering extremely long, expensive responses.

Why A is Wrong: Endpoint access controls manage device or network access. They do not directly limit token consumption or API call volume that drives denial-of-wallet costs.

Why B is Wrong: A CDN distributes content geographically to improve performance and absorb traffic. It does not control LLM API billing or token consumption.

Why C is Wrong: Model fine-tuning adjusts model parameters for improved performance on specific tasks. It is a training process that does not address active cost-exhaustion attacks.

Why D is Wrong: Modality controls restrict which input types such as text, images, or audio a model accepts. While useful for reducing attack surface, they do not directly address the rate or volume of API calls in a DoW attack.

Basic Concept: Deepfakes are AI-generated synthetic media that convincingly replace or manipulate a person ' s likeness, voice, or actions in images and videos. Creating realistic deepfakes requires generative AI techniques capable of learning and reproducing complex data distributions. CompTIA SecAI+ Exam Objectives cover deepfake technology under basic AI concepts.

Why A is Correct: Generative Adversarial Networks (GANs) are the primary technology behind deepfakes. A GAN consists of two competing neural networks: a generator that creates synthetic content and a discriminator that evaluates whether content is real or fake. Through adversarial training, the generator continuously improves at creating convincing synthetic media such as realistic human faces, voice clones, and video manipulations indistinguishable from authentic recordings.

Why B is Wrong: Multi-shot prompting is a prompting technique where multiple examples are provided to an LLM to guide its responses. It is an inference technique for language models and has no role in generating synthetic video or image deepfake content.

Why C is Wrong: Prompt engineering is the practice of crafting effective prompts to guide LLM outputs. It is a communication strategy for working with text-based AI systems, not a technology for generating synthetic media.

Why D is Wrong: Transfer learning is a training technique that repurposes knowledge from one domain to another, improving model performance with limited data. While it can be used in model training pipelines, it is not the core technology that enables deepfake generation.

Basic Concept: DoS attacks overwhelm AI systems by sending excessive requests that exhaust computational resources, memory, or bandwidth, preventing legitimate users from being served. The primary defense against volume-based attacks is throttling the rate at which requests can be processed. CompTIA SecAI+ Exam Objectives identify rate limiting as the key DoS mitigation control for AI systems.

Why B is Correct: Rate limiting directly addresses the root mechanism of DoS attacks by restricting the number of requests any single client or IP address can submit within a defined time window. By enforcing request quotas, rate limiting prevents attackers from generating the request volume necessary to overwhelm the system while preserving capacity for legitimate users. It is the most direct and effective preventive control against DoS attacks on AI APIs and services.

Why A is Wrong: Model guardrails inspect and filter the content of prompts and responses for policy compliance and safety. They operate at the semantic content level, not at the request volume level, and cannot prevent resource exhaustion from high-volume request flooding.

Why C is Wrong: End-to-end encryption protects the confidentiality and integrity of data in transit. Encrypted DoS traffic is just as damaging as unencrypted traffic; encryption does not limit request rates or prevent resource exhaustion.

Why D is Wrong: Access controls restrict who can interact with the system, which can reduce the potential attacker pool. However, authenticated users and compromised accounts can still launch DoS attacks, and access controls alone cannot prevent high-volume attacks from authorized sources.

Basic Concept: LLM API pricing is primarily based on token consumption — the number of tokens processed in both input prompts and output responses. Controlling token usage is the most direct lever for managing and reducing LLM API costs. CompTIA SecAI+ Study Guide covers AI cost management and resource controls under securing AI systems.

Why D is Correct: Adjusting token limits directly caps the maximum number of tokens used per request for both input and output. By setting appropriate token limits, the organization prevents excessively long prompts or verbose responses from consuming unnecessary tokens, directly translating to lower API costs and providing hard budget control.

Why A is Wrong: Prompt templates standardize how queries are structured, which can indirectly improve efficiency. However, they do not enforce a hard cap on token usage and cannot prevent costs from escalating with large volumes or verbose responses.

Why B is Wrong: Increasing CPU and memory addresses computational infrastructure performance on the client side. LLM API costs are billed by the API provider based on token usage, not on the client ' s hardware resources.

Why C is Wrong: Reducing model size means using a smaller, less powerful model version. While this may lower cost per token, it is a model selection decision, not an ongoing operational control that can be adjusted to manage cost in real time.

Basic Concept: Reducing post-deployment vulnerabilities requires catching security issues as early as possible in the development workflow. AI-assisted tools that analyze code during development provide the earliest possible intervention point. CompTIA SecAI+ Study Guide covers AI integration in secure development under AI-assisted security.

Why A is Correct: AI-assisted code linting analyzes source code in real time during development to identify security vulnerabilities, insecure coding patterns, policy violations, and quality issues before code is compiled or committed. By catching vulnerabilities at the coding stage — the earliest possible point in the development workflow — AI code linting prevents vulnerable code from progressing to testing, staging, or production, directly reducing post-deployment vulnerabilities at their source.

Why B is Wrong: Incident management handles security events and incidents after they have occurred in production. It is a reactive capability focused on response and recovery rather than early-stage vulnerability identification in the development workflow.

Why C is Wrong: Automated deployment/rollback automates the process of pushing code to production and reverting to previous versions when issues are detected post-deployment. It is a deployment safety mechanism rather than an early detection tool during the development phase.

Why D is Wrong: System auditing reviews and records system activities and configurations for compliance verification. It is primarily a detective and compliance control for systems that are already deployed, not an early development-phase vulnerability identification tool.

Basic Concept: RAG-based AI systems retrieve information from knowledge bases to augment their responses. The differential access to sensitive employee data based on user role demonstrates that role-based data access controls are functioning correctly, restricting what data different users can retrieve through the AI interface. CompTIA SecAI+ Study Guide covers data access controls as the primary mechanism for preventing sensitive data exposure in RAG systems.

Why A is Correct: Data access controls define what information each user role is permitted to retrieve from the knowledge base. In this scenario, administrator-level users can access employee directory information while employee-level users cannot. The RAG system enforces these permissions when retrieving data for the AI ' s responses, preventing unauthorized users from accessing sensitive employee data through the chatbot interface regardless of how they phrase their queries.

Why B is Wrong: Model-specific guardrails filter responses based on content policies. While they can prevent certain categories of sensitive information from being disclosed, the scenario specifically shows differential access based on user role, which is the characteristic of access control enforcement, not content-based guardrail filtering.

Why C is Wrong: Rate limiting restricts request frequency. It does not differentiate what data different users can access; it only controls how often they can make requests. Both the administrator and employee could be subject to the same rate limit while still receiving different data based on their access controls.

Why D is Wrong: Prompt templates standardize how queries are structured. They do not implement user role-based data access restrictions or prevent specific user types from accessing sensitive information in the underlying knowledge base.

Basic Concept: When API sessions or connections remain active and consuming resources after their intended operations have completed, they create resource leaks that progressively degrade system availability. Session lifecycle management is critical for maintaining AI system health. CompTIA SecAI+ Study Guide covers session management as an availability control for AI systems.

Why B is Correct: Enforcing session expiration ensures that external API sessions and connections are automatically terminated after a defined idle period or maximum duration. This prevents resource-consuming zombie sessions from accumulating and exhausting system memory, thread pools, or connection limits. The observed pattern — persistent unavailability that resolves temporarily with restart — is classic resource leak behavior from sessions that never close, making session expiration the direct fix.

Why A is Wrong: Token limits cap the number of tokens processed per request. While useful for controlling per-request resource consumption, they do not address the root cause of sessions persisting and consuming resources long after their operations complete.

Why C is Wrong: Increasing system memory defers the problem rather than solving it. The leak will eventually consume the additional memory too, requiring another restart. Addressing the root cause through session management is superior to scaling resources to accommodate the leak.

Why D is Wrong: MFA adds an additional authentication factor for users accessing the system. It is a security control for identity verification, not a mechanism for managing session lifecycle or preventing resource exhaustion from lingering sessions.

Basic Concept: Security assessment of AI-generated code requires a systematic review of the code itself to understand what has been generated and identify potential vulnerabilities before remediation steps are taken. Security assessments follow a structured methodology beginning with understanding the current state. CompTIA SecAI+ Study Guide covers AI-generated code security assessment under AI-assisted security.

Why D is Correct: Performing a source code review is the first and most fundamental step in assessing AI-generated code security. Before removing secrets, enforcing access controls, or scanning for sensitive data, the analyst must understand what the AI tool has generated by reviewing the code for security vulnerabilities, insecure patterns, logic flaws, and policy violations. The review provides the baseline knowledge needed to prioritize and direct all subsequent remediation actions.

Why A is Wrong: Removing hard-coded secrets is a specific remediation action for a specific finding. This step should come after the source code review has identified the presence and location of hard-coded secrets, not before the initial assessment reveals whether they exist.

Why B is Wrong: Enforcing access controls for code repositories is a security hardening measure for the repository infrastructure. It protects access to existing code but does not constitute an assessment of what the AI tool has generated from a security standpoint.

Why C is Wrong: Enabling sensitive data discovery scans repositories for PII and sensitive information patterns. While valuable as part of the assessment, it is a specific automated scanning tool best used after or alongside a manual code review that provides contextual understanding of the codebase.

Basic Concept: AI manipulation attacks exploit vulnerabilities in systems, interfaces, and content. Some security approaches are inherently more resistant to AI-driven attacks because they reduce the available avenues through which manipulation can occur, rather than attempting to detect or block individual attacks. CompTIA SecAI+ Study Guide covers defensive strategies for AI system protection.

Why D is Correct: Attack surface reduction minimizes the number of entry points, interfaces, and components available for exploitation. By eliminating unnecessary services, APIs, integrations, and features, it reduces the total number of pathways through which AI-driven manipulation attacks can be attempted. Unlike signature-based or behavioral detection, attack surface reduction provides structural resistance regardless of how sophisticated or novel the AI manipulation technique is.

Why A is Wrong: Payloads are the malicious content used in attacks, not a defensive control. Attackers using AI can generate increasingly sophisticated payloads designed to evade detection, making them highly susceptible to AI-driven manipulation rather than resistant to it.

Why B is Wrong: AI-generated content is a product of AI systems and can itself be manipulated or weaponized by adversarial AI. It is not a defense mechanism and is inherently vulnerable to AI-driven manipulation and poisoning.

Why C is Wrong: An API gateway provides a managed access point for API traffic with authentication and filtering capabilities. However, APIs are primary attack targets for AI manipulation and require ongoing security updates. API gateways are less fundamentally resistant than structural attack surface reduction.

Why E is Wrong: Antivirus relies on signatures and behavioral heuristics to detect known malware. AI-powered attacks can generate novel, polymorphic payloads that evade signature detection, making antivirus less resistant to AI manipulation than attack surface reduction.

Basic Concept: Responsible AI encompasses a set of principles designed to ensure AI systems operate ethically, fairly, and accountably. These principles guide AI development and deployment to minimize harm and maximize trustworthiness. CompTIA SecAI+ Exam Objectives list transparency and explainability as foundational responsible AI principles under Domain 4.

Why B is Correct: Transparency and explainability are cornerstone principles of responsible AI. Transparency means AI systems are open about their nature, capabilities, limitations, and how they make decisions. Explainability means the system can articulate the reasons behind its decisions in human-understandable terms. Together, they enable accountability, support regulatory compliance, allow bias detection, and build user trust. The CompTIA SecAI+ Study Guide and responsible AI frameworks including OECD and NIST AI RMF consistently identify this as a key principle.

Why A is Wrong: Using protected data for training would violate privacy and intellectual property rights. This is not a responsible AI principle — responsible AI actually requires ensuring that training data respects privacy, consent, and legal protections.

Why C is Wrong: Human-in-the-loop is an important operational practice for high-stakes AI decisions, but it is one design pattern rather than the key overarching principle of responsible AI. Not all responsible AI systems require human-in-the-loop operation for every decision.

Why D is Wrong: Maximizing model security is a cybersecurity objective for AI systems. While important, it is an operational security concern rather than a responsible AI governance principle focused on fairness, accountability, and trustworthiness in AI decision-making.