ISACA Certified AI Security Manager — Question 1

An AI research team is developing a natural language processing model that relies on several open-source libraries. Which of the following is the team's BEST course of action to ensure the integrity of the software packages used?

Answer options

• A. Maintain a list of frequently used libraries to ensure consistent application in projects.
• B. Retrain the model regularly to handle package and library updates.
• C. Scan the packages and libraries for malware prior to installation.
• D. Use the latest version of all libraries from public repositories.

Correct answer: C

Explanation

The correct answer is C because scanning packages and libraries for malware before installation helps to ensure that the software is safe and does not contain harmful code. Options A and B do not directly address software integrity, while option D could introduce vulnerabilities as the latest versions may not be thoroughly vetted.