The White House Executive Order from November 2023 requires companies that develop dual-use foundation models to provide reports to the federal government about all of the following EXCEPT?
Scenario:
An organization wants to leverage its existing compliance structures to identify AI-specific risks as part of an ongoing data governance audit.
Which of the following compliance-related controls within an organization is most easily adapted to identify AI risks?
During the planning and design phases of the Al development life cycle, bias can be reduced by all of the following EXCEPT?
CASE STUDY
Please use the following answer the next question:
A local police department in the United States procured an Al system to monitor and analyze social media feeds, online marketplaces and other sources of public information to detect evidence of illegal activities (e.g., sale of drugs or stolen goods). The Al system works by surveilling the public sites in order to identify individuals that are likely to have committed a crime. It cross-references the individuals against data maintained by law enforcement and then assigns a percentage score of the likelihood of criminal activity based on certain factors like previous criminal history, location, time, race and gender.
The police department retained a third-party consultant assist in the procurement process, specifically to evaluate two finalists. Each of the vendors provided information about their system's accuracy rates, the diversity of their training data and how their system works. The consultant determined that the first vendor’s system has a higher accuracy rate and based on this information, recommended this vendor to the police department.
The police department chose the first vendor and implemented its Al system. As part of the implementation, the department and consultant created a usage policy for the system, which includes training police officers on how the system works and how to incorporate it into their investigation process.
The police department has now been using the Al system for a year. An internal review has found that every time the system scored a likelihood of criminal activity at or above 90%, the police investigation subsequently confirmed that the individual had, in fact, committed a crime. Based on these results, the police department wants to forego investigations for cases where the Al system gives a score of at least 90% and proceed directly with an arrest.
When notifying an accused perpetrator, what additional information should a police officer provide about the use of the Al system?
CASE STUDY
Please use the following answer the next question:
A local police department in the United States procured an Al system to monitor and analyze social media feeds, online marketplaces and other sources of public information to detect evidence of illegal activities (e.g., sale of drugs or stolen goods). The Al system works by surveilling the public sites in order to identify individuals that are likely to have committed a crime. It cross-references the individuals against data maintained by law enforcement and then assigns a percentage score of the likelihood of criminal activity based on certain factors like previous criminal history, location, time, race and gender.
The police department retained a third-party consultant assist in the procurement process, specifically to evaluate two finalists. Each of the vendors provided information about their system's accuracy rates, the diversity of their training data and how their system works. The consultant determined that the first vendor’s system has a higher accuracy rate and based on this information, recommended this vendor to the police department.
The police department chose the first vendor and implemented its Al system. As part of the implementation, the department and consultant created a usage policy for the system, which includes training police officers on how the system works and how to incorporate it into their investigation process.
The police department has now been using the Al system for a year. An internal review has found that every time the system scored a likelihood of criminal activity at or above 90%, the police investigation subsequently confirmed that the individual had, in fact, committed a crime. Based on these results, the police department wants to forego investigations for cases where the Al system gives a score of at least 90% and proceed directly with an arrest.
What is the best reason the police department should continue to perform investigations even if the Al system scores an individual's likelihood of criminal activity at or above 90%?
An artist has been using an Al tool to create digital art and would like to ensure that it has copyright protection in the United States.
Which of the following is most likely to enable the artist to receive copyright protection?
According to November 2023 White House Executive Order, which of the following best describes the guidance given to governmental agencies on the use of generative Al as a workplace tool?
CASE STUDY
Please use the following answer the next question:
A mid-size US healthcare network has decided to develop an Al solution to detect a type of cancer that is most likely arise in adults. Specifically, the healthcare network intends to create a recognition algorithm that will perform an initial review of all imaging and then route records a radiologist for secondary review pursuant agreed-upon criteria (e.g., a confidence score below a threshold).
To date, the healthcare network has taken the following steps: defined its Al ethical principles: conducted discovery to identify the intended uses and success criteria for the system: established an Al governance committee; assembled a broad, crossfunctional team with clear roles and responsibilities; and created policies and procedures to document standards, workflows, timelines and risk thresholds during the project.
The healthcare network intends to retain a cloud provider to host the solution and a consulting firm to help develop the algorithm using the healthcare network's existing data and de-identified data that is licensed from a large US clinical research partner.
In the design phase, what is the most important step for the healthcare network to take when mapping its existing data to the clinical research partner data?
All of the following are included within the scope of post-deployment Al maintenance EXCEPT?
You are the chief privacy officer of a medical research company that would like to collect and use sensitive data about cancer patients, such as their names, addresses, race and ethnic origin, medical histories, insurance claims, pharmaceutical prescriptions, eating and drinking habits and physical activity.
The company will use this sensitive data to build an Al algorithm that will spot common attributes that will help predict if seemingly healthy people are more likely to get cancer. However, the company is unable to obtain consent from enough patients to sufficiently collect the minimum data to train its model.
Which of the following solutions would most efficiently balance privacy concerns with the lack of available data during the testing phase?
A company has trained an ML model primarily using synthetic data, and now intends to use live personal data to test the model.
Which of the following is NOT a best practice apply during the testing?
CASE STUDY
A global marketing agency is adapting a large language model ("LLM") to generate content for an upcoming marketing campaign for a client's new product: a hard hat designed for construction workers of any gender to better protect them from head injuries.
The marketing agency is accessing the LLM through an application programming interface ("API") developed by a third-party technology company. They want to generate text to be used for targeted advertising communications that highlight the benefits of the hard hat to potential purchasers. Both the marketing agency and the technology company have taken reasonable steps to address Al governance.
The marketing company has:
• Entered into a contract with the technology company with suitable representations and warranties.
• Completed an impact assessment on the LLM for this intended use.
• Built technical guidance on how to measure and mitigate bias in the LLM.
• Enabled technical aspects of transparency, explainability, robustness and privacy.
• Followed applicable regulatory requirements.
• Created specific legal statements and disclosures regarding the use of the Al on its client's advertising.
The technology company has:
• Provided guidance and resources to developers to address environmental concerns.
• Build technical guidance on how to measure and mitigate bias in the LLM.
• Provided tools and resources to measure bias specific to the LLM.
• Enabled technical aspects of transparency, explainability, robustness and privacy.
• Mapped and mitigated potential societal harms and large-scale impacts.
• Followed applicable regulatory requirements and industry standards.
• Created specific legal statements and disclosures regarding the LLM. including with respect to IP and rights to data.
The agency has taken governance actions such as:
Conducting an impact assessment
Providing legal disclosures
Enabling bias mitigation and explainability
Complying with regulatory requirements
Which of the following should be included in the marketing company’s disclosures about the use of the LLM EXCEPT?
During the development of semi-autonomous vehicles, various failures occurred as a result of the sensors misinterpreting environmental surroundings, such as sunlight.
These failures are an example of?
Pursuant to the White House Executive Order of November 2023, who is responsible for creating guidelines to conduct red-teaming tests of Al systems?
A company plans on procuring a tool from an Al provider for its employees to use for certain business purposes.
Which contractual provision would best protect the company's intellectual property in the tool, including training and testing data?
CASE STUDY
Please use the following answer the next question:
A local police department in the United States procured an Al system to monitor and analyze social media feeds, online marketplaces and other sources of public information to detect evidence of illegal activities (e.g., sale of drugs or stolen goods). The Al system works by surveilling the public sites in order to identify individuals that are likely to have committed a crime. It cross-references the individuals against data maintained by law enforcement and then assigns a percentage score of the likelihood of criminal activity based on certain factors like previous criminal history, location, time, race and gender.
The police department retained a third-party consultant assist in the procurement process, specifically to evaluate two finalists. Each of the vendors provided information about their system's accuracy rates, the diversity of their training data and how their system works. The consultant determined that the first vendor’s system has a higher accuracy rate and based on this information, recommended this vendor to the police department.
The police department chose the first vendor and implemented its Al system. As part of the implementation, the department and consultant created a usage policy for the system, which includes training police officers on how the system works and how to incorporate it into their investigation process.
The police department has now been using the Al system for a year. An internal review has found that every time the system scored a likelihood of criminal activity at or above 90%, the police investigation subsequently confirmed that the individual had, in fact, committed a crime. Based on these results, the police department wants to forego investigations for cases where the Al system gives a score of at least 90% and proceed directly with an arrest.
Which Al risk would NOT have been identified during the procurement process based on the categories of information requested by the third-party consultant?
CASE STUDY
Please use the following answer the next question:
A local police department in the United States procured an Al system to monitor and analyze social media feeds, online marketplaces and other sources of public information to detect evidence of illegal activities (e.g., sale of drugs or stolen goods). The Al system works by surveilling the public sites in order to identify individuals that are likely to have committed a crime. It cross-references the individuals against data maintained by law enforcement and then assigns a percentage score of the likelihood of criminal activity based on certain factors like previous criminal history, location, time, race and gender.
The police department retained a third-party consultant assist in the procurement process, specifically to evaluate two finalists. Each of the vendors provided information about their system's accuracy rates, the diversity of their training data and how their system works. The consultant determined that the first vendor’s system has a higher accuracy rate and based on this information, recommended this vendor to the police department.
The police department chose the first vendor and implemented its Al system. As part of the implementation, the department and consultant created a usage policy for the system, which includes training police officers on how the system works and how to incorporate it into their investigation process.
The police department has now been using the Al system for a year. An internal review has found that every time the system scored a likelihood of criminal activity at or above 90%, the police investigation subsequently confirmed that the individual had, in fact, committed a crime. Based on these results, the police department wants to forego investigations for cases where the Al system gives a score of at least 90% and proceed directly with an arrest.
During the procurement process, what is the most likely reason that the third-party consultant asked each vendor for information about the diversity of their datasets?
CASE STUDY
A premier payroll services company that employs thousands of people globally, is embarking on a new hiring campaign and wants to implement policies and procedures to identify and retain the best talent. The new talent will help the company's product team expand its payroll offerings to companies in the healthcare and transportation sectors, including in Asia.
It has become time consuming and expensive for HR to review all resumes, and they are concerned that human reviewers might be susceptible to bias.
To address these concerns, the company is considering using a third-party Al tool to screen resumes and assist with hiring. They have been talking to several vendors about possibly obtaining a third-party Al-enabled hiring solution, as long as it would achieve its goals and comply with all applicable laws.
The organization has a large procurement team that is responsible for the contracting of technology solutions. One of the procurement team's goals is to reduce costs, and it often prefers lower-cost solutions. Others within the company deploy technology solutions into the organization’s operations in a responsible, cost-effective manner.
The organization is aware of the risks presented by Al hiring tools and wants to mitigate them. It also questions how best to organize and train its existing personnel to use the Al hiring tool responsibly. Their concerns are heightened by the fact that relevant laws vary across jurisdictions and continue to change.
The organization continues planning the adoption of an AI tool to support hiring, but is concerned about potential bias in content generated by AI systems and how that could affect public perception.
Which of the following measures should the company adopt to best mitigate its risk of reputational harm from using the AI tool?
A US company has developed an Al system, CrimeBuster 9619, that collects information about incarcerated individuals to help parole boards predict whether someone is likely to commit another crime if released from prison.
When considering expanding to the EU market, this type of technology would?
CASE STUDY
A company is considering the procurement of an AI system designed to enhance the security of IT infrastructure. The AI system analyzes how users type on their laptops, including typing speed, rhythm and pressure, to create a unique user profile. This data is then used to authenticate users and ensure that only authorized personnel can access sensitive resources.
The data processed by the AI system would be classified as:
CASE STUDY
Please use the following answer the next question:
Good Values Corporation (GVC) is a U.S. educational services provider that employs teachers to create and deliver enrichment courses for high school students. GVC has learned that many of its teacher employees are using generative Al to create the enrichment courses, and that many of the students are using generative Al to complete their assignments.
In particular, GVC has learned that the teachers they employ used open source large language models (“LLM”) to develop an online tool that customizes study questions for individual students. GVC has also discovered that an art teacher has expressly incorporated the use of generative Al into the curriculum to enable students to use prompts to create digital art.
GVC has started to investigate these practices and develop a process to monitor any use of generative Al, including by teachers and students, going forward.
All of the following may be copyright risks from teachers using generative Al to create course content EXCEPT?
According to the GDPR, what is an effective control to prevent a determination based solely on automated decision-making?
Scenario:
A public sector agency is reviewing proposed AI use cases for improving services. It wants to prioritize implementations that deliver value but minimize unintended negative consequences.
When evaluating which AI use cases to implement, an organization should consider all of the following EXCEPT:
An Al system that maintains its level of performance within defined acceptable limits despite real world or adversarial conditions would be described as?
Scenario:
An organization is evaluating different AI models for integration into its internal workflows. Before moving forward with a particular AI solution from a third-party vendor, the governance team needs to assess the ethical and operational implications of the model.
The most important policy to assess the operations of an AI model is to follow the:
According to the GDPR's transparency principle, when an Al system processes personal data in automated decision-making, controllers are required to provide data subjects specific information on?
According to the Singapore Model Al Governance Framework, all of the following are recommended measures to promote the responsible use of Al EXCEPT?
Scenario:
An enterprise is evaluating multiple third-party generative AI tools to integrate into its platform. As part of its AI governance policy, it is assessing the most effective methods to reduce risks related to bias, data misuse, and liability when using third-party solutions.
All of the following are commonly adopted processes and policies in reducing potential risks introduced by third-party AI tools or applications EXCEPT:
Scenario:
A financial services company is planning a new AI project to assess creditworthiness. The AI team is mapping out what tasks should be completed during the planning phase of the AI lifecycle.
The planning phase of the AI lifecycle includes all of the following EXCEPT:
CASE STUDY
A global marketing agency is adapting a large language model ("LLM") to generate content for an upcoming marketing campaign for a client's new product: a hard hat designed for construction workers of any gender to better protect them from head injuries.
The marketing agency is accessing the LLM through an application programming interface ("API") developed by a third-party technology company. They want to generate text to be used for targeted advertising communications that highlight the benefits of the hard hat to potential purchasers. Both the marketing agency and the technology company have taken reasonable steps to address Al governance.
The marketing company has:
• Entered into a contract with the technology company with suitable representations and warranties.
• Completed an impact assessment on the LLM for this intended use.
• Built technical guidance on how to measure and mitigate bias in the LLM.
• Enabled technical aspects of transparency, explainability, robustness and privacy.
• Followed applicable regulatory requirements.
• Created specific legal statements and disclosures regarding the use of the Al on its client's advertising.
The technology company has:
• Provided guidance and resources to developers to address environmental concerns.
• Build technical guidance on how to measure and mitigate bias in the LLM.
• Provided tools and resources to measure bias specific to the LLM.
• Enabled technical aspects of transparency, explainability, robustness and privacy.
• Mapped and mitigated potential societal harms and large-scale impacts.
• Followed applicable regulatory requirements and industry standards.
• Created specific legal statements and disclosures regarding the LLM. including with respect to IP and rights to data.
Which stakeholder is responsible for the lawful collection of data used to train the foundational AI model?
A company developed Al technology that can analyze text, video, images and sound to tag content, including the names of animals, humans and objects.
What type of Al is this technology classified as?
TESTED 02 May 2025
