CompTIA CySA+ (CS0-003) — Question 405

An analyst reviews code for a sensitive application for their company and uploads it to an AI platform. This application is critical to the company's business operations. Which of the following risks is most important for the analyst to consider?

Answer options

• A. Hallucinations
• B. Malicious prompts
• C. Data exposure
• D. Model poisoning

Correct answer: C

Explanation

The primary concern for the analyst should be data exposure, as submitting sensitive application code to an AI platform could lead to unintended leakage of confidential information. While hallucinations, malicious prompts, and model poisoning are valid risks, they do not directly relate to the immediate risk of compromising sensitive data, which is critical for business operations.