ISACA Certified Artificial Intelligence Auditor (CAIA) — Question 42

Which of the following techniques would be MOST effective as part of incident management procedures for a prompt injection attack?

Answer options

• A. Fine-tune the AI model.
• B. Scan inputs for code-like structure of text.
• C. Deploy input validation to sanitize abuse prompts.
• D. Monitor the prompts for excessive special characters.

Correct answer: C

Explanation

The correct answer, C, is effective because input validation ensures that potentially malicious prompts are sanitized before being processed. Options A and B do not directly address the immediate risks of prompt injection, while D, although it may help in identifying suspicious activity, does not prevent the attack itself.