DumpsBox
Home/isaca/Free Isaca AAISM Actual Exam Questions/Question 7
← Back to Exam

Free Isaca AAISM Actual Exam Questions - Question 7 Discussion

Question No. 7
Which of the following AI system vulnerabilities is MOST easily exploited by adversaries?
Select one option, then reveal solution.
US
KY
Karan Y.
2026-02-17

C Denial of service just requires a lot of traffic, not much skill. It’s a pretty low-barrier attack compared to sneaky input tweaks or model access.

0
PL
Peter L.
2026-02-15

It’s B, weak access controls are usually just basic security flaws that anyone with minimal hacking skills can exploit. It’s often way easier than finding subtle input manipulation or model flaws.

0
PL
Peter L.
2026-02-12

C, since DoS attacks just need volume and little skill to disrupt service.

0
SK
Shoaib K.
2026-02-10

Option C makes sense here since denial of service attacks often just need volume and persistence rather than deep skill or system knowledge. Flooding a system to block legitimate use is pretty straightforward and doesn’t require hacking the AI’s logic or stealing credentials like with weak access controls. Compared to messing with input modifications or causing wrong outputs, simply overwhelming the system seems the easiest for most adversaries to pull off quickly.

0
JV
James V.
2026-01-24

C imo, denial of service attacks don’t need much technical skill—just enough to flood the system. It’s like crowding a doorway until no one else can get through, and that’s straightforward compared to messing with subtle input modifications or hacking access controls. Plus, you don’t need to bypass anything complicated, just keep pounding on the system resources.

0
SR
Sohail R.
2026-01-24

B imo, weak access controls are basically an open invitation. If the system doesn’t lock down who can get in or what they can do, attackers can just waltz in and cause all sorts of trouble without messing with complicated hacks or stealthy input changes. Compared to the other options, this feels like the simplest and fastest way to exploit an AI system.

0
JW
John W.
2026-01-23

Not A, because inaccurate generalizations happen naturally and aren’t always directly exploitable by attackers. I think C is less likely because DoS attacks require sustained effort and resources, unlike just slipping through weak access controls (B) or tricking the model with modified inputs (D). But considering ease of exploitation, D might actually be more straightforward since attackers can subtly tweak inputs remotely without needing to break in, making it an easy vulnerability to exploit quietly. So D could be the most easily exploited, especially given how hard it is to spot these chang

0
JW
John W.
2026-01-22

This one feels like B. Weak access controls seem like the simplest door to walk through—if the defenses aren’t solid, an attacker doesn’t need fancy tricks or insider help, just a way in. Compared to sneaky input mods or DoS, just having poor access setups is an obvious and straightforward vulnerability to exploit.

0
UE
Usman E.
2026-01-22

D. Detecting subtle input modifications is tricky, and attackers can exploit this without needing any special access or causing obvious disruptions. It’s often overlooked, making it an easy target.

0
AB
Ali B.
2026-01-19

Makes sense to me that B is the easiest since if access controls are weak, anyone can just get in and mess with the AI.

0
SO
Shoaib O.
2026-01-15

Option B seems like the easiest for attackers to use.

0