Question 1

A company implements a security system that tracks how many requests users send to an AI model per minute. If a user exceeds the threshold, further requests are temporarily blocked. Which monitoring control does this represent?

Options :

A : Token tracking

B : Response confidence level

C : Rate monitoring

D : Input validation

Answer: C

Question 2

A cloud-based AI service enforces user authentication tokens before allowing model access. Each endpoint has separate permissions defining which users can submit prompts or retrieve results. What mechanism does this describe?

Options :

A : Guardrail validation

B : Endpoint access control

C : Rate limit

D : Modality limit

Answer: B

Question 3

A healthcare chatbot flags low-confidence answers for manual verification and limits users to five queries per minute to prevent overload. Which two prompt monitoring mechanisms are applied?

Options :

A : Response confidence level

B : Rate monitoring

C : Data masking

D : Input sanitization

Answer: A,B

Question 4

An e-commerce platform's AI assistant has been manipulated by customers who discovered that certain user prompt patterns can extract the system's internal pricing algorithms and discount rules. Investigation shows the system prompt contained these rules for context, making them vulnerable to extraction. What fundamental system prompt security principle was violated?

Options :

A : System prompts should be limited to 100 tokens

B : System prompts should be encrypted at rest

C : System prompts should use only lowercase characters

D : System prompts should avoid containing sensitive information that shouldn't be revealed

Answer: D

Question 5

A financial AI chatbot is tricked by a user into revealing confidential internal policies by inserting a hidden instruction within a normal-looking question. Which type of attack has occurred?

Options :

A : Data poisoning

B : Evasion attack

C : Model inversion

D : Prompt injection

Answer: D