Browse Certification Practice Tests by Exam Family

ISACA AAISM Sample Questions & Practice Test

May 1, 2026

Try 12 ISACA Advanced in AI Security Management (AAISM) sample questions on AI threat modeling, data protection, model access, prompt risk, monitoring, incident response, and secure AI governance, then use the Notify me form for IT Mastery practice updates.

On this page

ISACA Advanced in AI Security Management (AAISM) is a focused route for professionals managing AI security risk, controls, monitoring, and incident response.

These original questions preview the decision style a full IT Mastery route should use. They are not official ISACA exam questions.

What this route should test

  • identifying AI-specific threats such as prompt injection, data leakage, model abuse, and insecure integrations
  • selecting controls for data, identity, monitoring, and model-change governance
  • responding to AI incidents without destroying evidence
  • aligning AI security controls with enterprise risk and business use

Sample Exam Questions

Question 1

Topic: prompt injection

A customer-facing AI assistant follows user instructions that override system rules and expose internal policy text. What is the primary risk?

  • A. Disk fragmentation
  • B. Prompt injection or instruction manipulation
  • C. Printer misconfiguration
  • D. Spreadsheet formatting

Best answer: B

Explanation: Prompt injection attempts to manipulate the model into ignoring intended instructions or revealing restricted information. Mitigations include input controls, grounding, output filtering, and privilege boundaries.

Question 2

Topic: data leakage

Developers want to paste production customer records into a public AI tool for troubleshooting. What should security require first?

  • A. Larger prompts
  • B. No review because the tool is convenient
  • C. Disabling all logs
  • D. Approved data-use controls, masking or synthetic data where appropriate, and vendor-risk review

Best answer: D

Explanation: Sensitive data should not be placed into AI tools without approved handling, privacy, contractual, and security controls.

Question 3

Topic: model access

An AI model can call backend tools that update customer records. What control is most important?

  • A. Tool access limited by identity, authorization, audit logs, and approved action boundaries
  • B. Anonymous write access
  • C. No monitoring because AI is automated
  • D. Public administrator tokens

Best answer: A

Explanation: When AI can invoke tools, security must control what actions are allowed, under which identity, with what authorization, and with what evidence.

Question 4

Topic: AI incident response

An AI agent sent unauthorized account-change instructions to several users. What should happen first?

  • A. Delete all conversations
  • B. Rename the model
  • C. Contain the agent, preserve logs, assess impacted users, and follow the incident plan
  • D. Ignore it because AI output is not security-relevant

Best answer: C

Explanation: AI incidents need containment and evidence preservation. Logs, prompts, outputs, tool calls, and data access records can be critical.

Question 5

Topic: threat modeling

Which scenario should be included in an AI threat model?

  • A. A monitor changes brightness
  • B. A user tries to make the model reveal restricted system instructions
  • C. A printer runs out of paper
  • D. A user chooses a dark theme

Best answer: B

Explanation: AI threat models should include prompt manipulation, data exfiltration, model abuse, tool misuse, and insecure integrations.

Question 6

Topic: supply chain

A business team wants to adopt a third-party model API. What should security review?

  • A. Only the vendor logo
  • B. Only the font on the vendor website
  • C. Whether the API name is short
  • D. Data handling, contractual terms, model-use limits, logging, availability, and vendor controls

Best answer: D

Explanation: AI supply-chain risk includes data processing, confidentiality, availability, model behavior, contractual protections, and security posture.

Question 7

Topic: monitoring

After deployment, the model begins producing responses outside approved policy. What monitoring signal matters most?

  • A. Output-quality and policy-violation indicators tied to alerting and response
  • B. Office attendance
  • C. Keyboard inventory
  • D. The length of the model name

Best answer: A

Explanation: AI security monitoring should detect policy violations, unsafe outputs, tool misuse, abnormal access, and drift from approved behavior.

Question 8

Topic: least privilege

An AI service account has broad read and write access across systems it does not use. What is the best remediation?

  • A. Add more permissions
  • B. Turn off authentication
  • C. Reduce permissions to required data and actions, then monitor use
  • D. Share the service account with all users

Best answer: C

Explanation: Least privilege applies to AI services and tool integrations. Excessive permissions increase blast radius if the model, prompt, or integration is abused.

Question 9

Topic: model change control

A vendor silently changes the model version used by a regulated workflow. What should the organization require?

  • A. No change records
  • B. Version-change notification, testing, approval, and rollback planning
  • C. Blind trust in every update
  • D. Deleting the workflow

Best answer: B

Explanation: Model version changes can affect behavior and risk. Secure management requires notification, validation, approval, and contingency planning.

Question 10

Topic: human oversight

An AI system recommends high-impact decisions. What control reduces risk?

  • A. Fully anonymous decisions
  • B. No appeal or review process
  • C. Automatic deletion of rationale
  • D. Human review for defined high-risk decisions and documented override criteria

Best answer: D

Explanation: Human oversight can provide accountability and risk control when outputs affect people, finances, compliance, or safety.

Question 11

Topic: red teaming

Why run adversarial tests against an AI assistant before launch?

  • A. To discover unsafe behavior, policy bypasses, data leakage, and tool misuse scenarios
  • B. To guarantee no future incident can occur
  • C. To replace all monitoring
  • D. To choose a product name

Best answer: A

Explanation: Red-team testing helps identify weaknesses before release. It reduces risk but does not eliminate the need for governance and monitoring.

Question 12

Topic: governance

Which artifact best supports secure AI operations over time?

  • A. A list of office plants
  • B. A screenshot of one chat response
  • C. A register of AI systems, owners, data sources, use cases, risks, controls, and review cadence
  • D. A marketing slide only

Best answer: C

Explanation: An AI inventory or register helps security teams understand exposure, assign accountability, and review controls as systems change.

Revised on Monday, May 18, 2026
AI Risk Management
CCOA