Q: 9
An attacker crafts inputs to a large language model (LLM) to exploit output integrity controls. Which
of the following types of attacks is this an example of?
Options
Discussion
Option A. Had something like this in a mock, fits prompt injection best here.
C/D? I keep seeing similar questions on practice exams, but the official guide really highlights prompt injection for LLM attacks targeting output controls. Anyone else leaning A after going through the latest sample tests?
Nah, I don’t think it’s D here. A is the better fit since prompt injection is all about crafting inputs that mess with how the LLM processes output, targeting the model’s interpretation itself. D (evasion) usually means avoiding detection or filtering, not directly manipulating output logic. B (jailbreaking) is tempting but is more about bypassing full system restrictions. Pretty sure ISACA wants A for this scenario. Agree?
B or D here, since jailbreaking is often about bypassing controls too. A feels more direct but the wording threw me off.
A or B? Crafting inputs to mess with output integrity is really prompt injection (A), but if those crafted prompts are used to push the model past checks, some call that jailbreaking (B). The key is whether the question wants the attack method or intent-here it's more about manipulating via the prompt, so A fits best. Still, ISACA sometimes blurs these lines in their wording. Anyone see a question where B was preferred in this context?
My pick: it's A, since official study materials and practice tests always point to prompt injection for LLM input manipulation scenarios. B sometimes comes up but only when the attack is about totally bypassing restrictions, not just changing outputs. Anyone checked the official guide chapter on LLM attacks?
A tbh, since prompt injection is about feeding crafted prompts to mess with what the LLM outputs. Jailbreaking (B) usually means bypassing all kinds of restrictions, not just output integrity controls. Saw similar logic used in practice sets.
A Had similar phrasing in official practice tests and the ISACA study guide. This one's straight prompt injection, not evasion.
Its D since evasion is about getting past security controls-seems like that's what they're doing by exploiting output controls. Pretty sure that's the angle here, but could be missing something.
B
Be respectful. No spam.
