1. What are "Standard Contractual Clauses" (SCCs) in the context of AI vendor data flows?
✓ Correct. SCCs are EU-approved contract clauses that provide a legal mechanism for transferring personal data to countries outside the EEA that lack adequacy decisions — essential for transfers to US-based AI infrastructure providers.
✗ Standard Contractual Clauses are EU-approved legal mechanisms for transferring personal data to non-adequate countries like the US. They must be incorporated into Data Processing Agreements with AI vendors processing EU residents' data.
2. In the recommended AI crisis response framework, which three variables predict reputational recovery speed?
✓ Correct. Crisis communications research identifies these three variables consistently: speed of response, honesty of the initial statement, and a concrete accompanying action (suspension, audit, compensation, or policy change).
✗ The three variables identified by crisis communications research are speed of response, honesty of the initial statement, and a concrete operational action. Organizations that respond slowly, hedge their statements, and take no immediate action suffer deepest and longest-lasting damage.
3. In the 2024 Air Canada chatbot case, the British Columbia Civil Resolution Tribunal ruled that:
✓ Correct. The tribunal rejected Air Canada's "separate legal entity" argument and established that organizations are legally responsible for their AI systems' outputs to customers.
✗ The tribunal held Air Canada fully responsible for its website's AI-generated information and ordered payment of CAD $812 to the passenger — rejecting the argument that the chatbot was a separate legal entity.
4. Which NIST AI RMF function specifically calls for cross-functional teams in managing AI risk?
✓ Correct. The Govern function of the NIST AI RMF explicitly calls for cross-functional teams, governance structures, and organisational accountability — recognising that AI risk cannot be siloed in a single department.
✗ The Govern function of the NIST AI RMF specifically calls for cross-functional teams and governance structures. Map, Measure, and Manage are the operational risk management functions that governance structures enable and direct.
5. An organization's AI risk register records risks at deployment but is never updated after the model goes live. The most significant problem this creates is:
✓ Correct. Data drift — where real-world input distributions shift away from training distributions — can silently transform a low-risk model into a high-risk one. A static risk register treats an evolving system as frozen, creating a dangerous gap between documented risk and actual risk.
✗ The core problem with static risk registers is data drift: as real-world conditions change, a model that was low-risk at deployment may become high-risk. Without scheduled reassessment, the register reflects historical risk, not current risk — and controls calibrated at deployment may be inadequate for the system's current behavior.
6. What is the core risk of using AI-generated code from tools like GitHub Copilot without human review for open-source licence compliance?
✓ Correct. The GitHub Copilot class action raised exactly this issue: AI-generated code may reproduce licensed open-source code without attribution, potentially violating licence terms and DMCA Section 1202 (which prohibits removing copyright management information including licence notices). Organisations need code review policies to catch this.
✗ Incorrect. The primary risk is that AI-generated code may reproduce licensed open-source material — requiring licence compliance — and may strip licence notices in violation of DMCA Section 1202. The code does not automatically inherit licences, and AI provider ownership claims are not the primary risk in this context.
7. Which of the four root causes of AI failure explains a credit-scoring model that worked correctly before COVID-19 but produced wildly inaccurate scores in March 2020?
✓ Correct. Distribution shift occurs when the statistical properties of real-world data diverge from the training distribution. COVID-19 caused sudden, massive distribution shift across virtually every domain that had trained on pre-pandemic data.
✗ This is distribution shift — the world changed dramatically in ways the model had never seen, making its learned patterns invalid. COVID-19 caused widespread distribution shift failures across credit, fraud, demand, and supply chain models.
8. What specific NIST document (published January 2023) lists AI supply chain provenance verification as a core risk management requirement?
✓ Correct. NIST's AI RMF 1.0, published January 2023, is the primary US federal framework for AI risk management and specifically lists supply chain provenance verification — including training data origin and model weight chain of custody — as a core requirement.
✗ The NIST AI Risk Management Framework (AI RMF 1.0), published in January 2023, is the correct document. It specifically addresses AI supply chain risk including training data provenance and model integrity verification as core risk management requirements.
9. Which AI lifecycle phase creates data exposure risk through the memorisation of training examples that can be reproduced by targeted prompting?
✓ Correct. Memorisation occurs during training — model weights encode fragments of training data that can later be reproduced through targeted prompting, as demonstrated by Carlini et al.
✗ Memorisation occurs during training, when model weights encode information from the training corpus. This is a training-phase risk, not an inference or logging phase risk.
10. Training data poisoning attacks require an attacker to:
✓ Correct. Poisoning attacks work by corrupting training data — even a small fraction (0.1% in demonstrated attacks) — to embed backdoor behaviours triggered by specific patterns at inference.
✗ Poisoning attacks work by corrupting training data — not by accessing APIs, intercepting gradients, or requiring physical access. Even a tiny fraction of poisoned data can embed backdoor behaviours.
11. GDPR Article 22 gives individuals the right not to be subject to solely automated decisions that significantly affect them. Which enterprise AI use-case most clearly triggers this provision?
✓ Correct. Automated loan approval/rejection is a significant decision with direct legal and financial effects on individuals — exactly the scenario Article 22 targets.
✗ Article 22 targets solely automated decisions with significant effects. Automated loan approval/rejection — with direct financial and legal consequences — is the clearest trigger.
12. The March 2023 ChatGPT bug that exposed users' chat content to other users was caused by:
✓ Correct. The incident was an infrastructure bug — a Redis caching library vulnerability — demonstrating that AI data breaches can originate in supporting infrastructure, not just the model itself.
✗ The bug was in a Redis caching library — infrastructure supporting the AI system, not the model itself. This illustrates how AI-adjacent infrastructure can create data exposure incidents.
13. What does the NIST AI RMF identify as the highest level of AI governance maturity?
✓ Correct. Adaptive is NIST's highest maturity level — characterised by governance that actively evolves, incorporates incident learnings, and adapts to new AI capabilities and emerging risks rather than maintaining static processes.
✗ NIST's highest maturity level is Adaptive. The four levels are Partial, Risk-Informed, Repeatable, and Adaptive. "Compliant" is not a NIST maturity level — compliance is an outcome of governance, not a maturity descriptor.
14. What did Google's CEO Sundar Pichai say about the Gemini image generation outputs in February 2024?
✓ Correct. Pichai called the outputs "completely unacceptable" in an internal memo that was subsequently leaked — adding an internal contradiction to an already escalating public response.
✗ Pichai called the Gemini image outputs "completely unacceptable" in an internal memo that leaked to the press — compounding the reputational damage by suggesting the public statements had not fully reflected internal views.
15. Protect AI's security research on Hugging Face in 2023 identified what specific threat to organisations downloading models from the platform?
✓ Correct. Protect AI found that PyTorch's pickle serialization format could be exploited in malicious model files to execute arbitrary code — and over 2,800 potentially malicious models had already been uploaded to Hugging Face before coordinated disclosure.
✗ Protect AI discovered that malicious model files could exploit PyTorch's pickle deserialization format to execute arbitrary code when models were loaded — a supply chain attack vector that over 2,800 models on Hugging Face were potentially carrying.
16. The "Hidden Killer" backdoor poisoning research found that standard model evaluation benchmarks were effective at detecting the embedded backdoors. True or false?
✓ Correct. The paper's most significant finding was that the backdoors were completely undetectable by standard benchmark evaluation — poisoned models performed normally on test sets, with no indicator of compromise until the trigger phrase was used.
✗ False. The critical finding was that standard benchmark evaluation failed completely to detect the backdoors. The model performed normally on all standard test sets, making detection impossible without specialist adversarial red-teaming targeting the specific trigger mechanism.
17. New York City's Local Law 144 (2023) requires employers using AI in hiring to:
✓ Correct. Local Law 144 requires annual independent bias audits with public disclosure — making New York the first US jurisdiction to mandate bias auditing of AI hiring tools. It has become a template for AI employment regulation nationwide.
✗ Incorrect. Local Law 144 requires annual independent bias audits with public disclosure. It does not mandate consent forms, human-only committees above salary thresholds, or pre-deployment registration of AI tools.
18. General-purpose AI model providers (such as those developing large language models) are required under the EU AI Act to:
✓ Correct. All GPAI providers must maintain documentation, comply with EU copyright law, and publish training data summaries. Systemic risk model providers (above 10²⁵ FLOPs) additionally must conduct evaluations, adversarial testing, and report incidents to the European AI Office.
✗ Incorrect. GPAI providers face documentation, copyright compliance, and transparency obligations — not pre-approval requirements, strict liability for all outputs, or access restrictions to certified EU businesses.
19. The "algorithm aversion paradox" describes which of the following findings?
✓ Correct. The algorithm aversion paradox is the counterintuitive finding that people hold AI to a higher standard of fairness than humans — even when algorithms are statistically less biased — intensifying reputational consequences from AI failures.
✗ The algorithm aversion paradox specifically captures the finding that people who oppose human bias react more intensely to algorithmic bias, holding AI systems to a higher fairness standard than human decision-makers — even when the AI is statistically less biased.
20. In what year did Reuters report that Amazon had scrapped its AI recruiting tool due to gender bias?
✓ Correct. Reuters reported on Amazon's abandoned AI recruiting tool in 2018. The tool had been in development since 2014, trained on a decade of male-dominated résumé data.
✗ Reuters reported the Amazon AI recruiting tool story in 2018. The tool had been developed since 2014 and was quietly abandoned after engineers failed twice to remediate its gender bias.