In applying STRIDE to an AI endpoint, which activity helps reduce tampering risk?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Study for the CompTIA SecAI+ (CY0-001) Exam. Review flashcards and multiple choice questions, each with detailed explanations. Ace your certification!

Multiple Choice

In applying STRIDE to an AI endpoint, which activity helps reduce tampering risk?

Explanation:
When you apply STRIDE, you want to uncover where tampering could occur in the flow of data through an AI endpoint. Mapping data flows to threats directly reveals those touchpoints—where data enters, moves, and is processed or stored—so you can identify potential tampering opportunities, such as data inputs being altered or model outputs being manipulated. This visibility lets you implement targeted mitigations at those points, like input validation, integrity checks, cryptographic signatures, secure communication channels, and tamper-evident logging, all of which help protect data and model integrity. The other options don’t address tampering risk within this threat-modeling context: increasing API throughput affects performance, not threat identification; reducing logging lowers visibility and hinders detection and auditing; removing access controls increases risk and does the opposite of reducing tampering risk.

When you apply STRIDE, you want to uncover where tampering could occur in the flow of data through an AI endpoint. Mapping data flows to threats directly reveals those touchpoints—where data enters, moves, and is processed or stored—so you can identify potential tampering opportunities, such as data inputs being altered or model outputs being manipulated.

This visibility lets you implement targeted mitigations at those points, like input validation, integrity checks, cryptographic signatures, secure communication channels, and tamper-evident logging, all of which help protect data and model integrity.

The other options don’t address tampering risk within this threat-modeling context: increasing API throughput affects performance, not threat identification; reducing logging lowers visibility and hinders detection and auditing; removing access controls increases risk and does the opposite of reducing tampering risk.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy