CompTIA CySA+ (CY0-001) — Question 2

An internal user enters a client credit card number into an internal generative machine learning (ML) model:
#User prompt: Customer Jane Doe has a new credit card that she wants to add to her account. The number is 5555-5555-5555-5555
Which of the following is the most effective way to prevent prompt injection attacks against a large language model (LLM)?

Answer options

Correct answer: A

Explanation

Guardrails are designed to set boundaries and enforce safe interactions with AI models, making them the most effective measure against prompt injection attacks. Antivirus software and web application firewalls protect against malware and network threats, respectively, but do not specifically address input manipulation in LLMs. Role-based access control manages user permissions but does not directly prevent prompt injection.