Isaca AAISM Exam - Topic 1 Question 16 Discussion

Actual exam question for Isaca's AAISM exam

Question #: 16
Topic #: 1

An organization deploying an LLM is concerned input manipulations could compromise security. What is the MOST effective way to determine an acceptable risk threshold?

ADeploy real-time logging and monitoring

BRestrict all inputs containing special characters

CAssess the business impact of known threats

DImplement a static threshold limiting LLM outputs

Show Suggested Answer

Suggested Answer: C

AAISM instructs that acceptable risk thresholds must be determined using business impact analysis. This aligns with the broader enterprise risk management principle of defining tolerances based on:

* potential harm

* regulatory exposure

* financial impact

* operational disruption

Monitoring (A) detects attacks but does not set thresholds. Blocking special characters (B) is unrealistic and overly restrictive. Static thresholds (D) ignore business context and practicality.

============================================

by Casie at May 30, 2026, 02:32 AM

Limited Time Offer

25%

Off

Get Premium AAISM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!