CompTIA SecAI+ (CY0-001) glossary
Terms selected for CompTIA SecAI+ (CY0-001) based on common objective language and practice focus.
Prompt Injection
Attack that embeds malicious instructions within user input to manipulate a generative AI model's behavior.
Adversarial Machine Learning
Techniques that manipulate inputs or training data to deceive machine learning models.
Adversarial Risk Mitigation
Adversarial risk mitigation refers to strategies and techniques used to protect AI models from attacks that manipulate input data to produce incorrect outputs.
AI-Assisted Anomaly Detection
AI-assisted anomaly detection uses machine learning algorithms to identify unusual patterns or behaviors in data that may indicate security threats.
AI Bias
Systematic error in model outputs caused by unrepresentative or prejudiced training data.
AI Governance
AI governance involves establishing policies and frameworks to manage AI risks, ensure compliance, and promote ethical AI use.
AI Lifecycle GRC
AI Lifecycle Governance, Risk, and Compliance (GRC) involves integrating governance, risk management, and compliance practices throughout the AI development and deployment process.
AI-Driven Threat Detection
Using machine learning models to identify threats in real time from network, endpoint, or log telemetry.
Alert Correlation
Linking related security alerts to form a cohesive view of an incident or attack chain.
Automated Phishing
Using AI or automation to generate and send large volumes of realistic phishing messages.
Automation
Automation in cybersecurity refers to the use of technology to perform tasks with minimal human intervention, increasing efficiency and accuracy in threat detection and response.
Behavior Analysis
Monitoring user or entity actions over time and alerting when activity deviates from established baselines.
Continuous Monitoring
Continuous monitoring is the ongoing observation and analysis of system activities to detect security threats and ensure compliance with security policies.
Data Pipeline Security
Controls that protect data integrity and confidentiality as it flows through ingestion, processing, and storage stages.
Data Poisoning
Tampering with training data so a model learns incorrect patterns or biases.
Deep Learning
Subset of machine learning using multi-layered neural networks to learn complex patterns.
Deepfake
AI-generated synthetic media that realistically mimics a person's voice, face, or likeness.
Deployment Hardening
Deployment hardening involves securing AI system environments by implementing best practices and security measures across on-premises, cloud, and hybrid infrastructures.
Ethical AI Use
Ethical AI use refers to the responsible development and deployment of AI technologies in a manner that aligns with societal values and legal standards.
Event Triage
Prioritizing and categorizing security events to focus analyst effort on genuine threats.
Explainability
Ability to describe how an AI model arrives at a specific decision in understandable terms.
Foundation Model (FM)
Large pre-trained model that can be adapted or prompted for many downstream tasks.
GDPR
General Data Protection Regulation governing the collection and processing of personal data in the EU.
Generative AI Misuse
Generative AI misuse involves exploiting AI models to create harmful content or conduct malicious activities, such as generating fake identities or phishing emails.
Global AI Regulations
Global AI regulations encompass the international legal frameworks and standards that govern the use and development of AI technologies.
Hallucination
When a generative AI model produces confident but factually incorrect or fabricated output.
Inference Layer
Component that serves a trained model's predictions to applications in real time.
Machine Learning
Machine Learning (ML) is a subset of artificial intelligence that enables systems to learn and improve from experience without being explicitly programmed. It is crucial in cybersecurity for developing models that can detect and respond to threats in real time.
Model Drift
Degradation of model accuracy over time as real-world data diverges from training data.
Model Extraction
Attack that reconstructs a proprietary model by querying its API and analyzing responses.
NIST AI RMF
National Institute of Standards and Technology AI Risk Management Framework for trustworthy AI.
NLP
Natural Language Processing enables AI systems to understand, interpret, and generate human language.
Polymorphic Malware
Malware that changes its code signature on each execution to evade signature-based detection.
Response Orchestration
Response orchestration involves coordinating multiple security tools and processes to automate and streamline incident response efforts.
Responsible AI
Framework for developing and deploying AI systems that are transparent, fair, accountable, and respect privacy and human oversight.
SOAR
Security Orchestration, Automation, and Response platform that automates incident workflows.
Supervised Learning
Training a model on labeled data so it can predict outcomes for new inputs.
Technical Controls
Technical controls are security measures implemented to protect AI systems, models, and data from unauthorized access and attacks.
Threat Modeling
Structured process for identifying threats, attack vectors, and mitigations for a system.
Unsupervised Learning
Model discovers hidden patterns in unlabeled data without predefined categories.
