A security engineer is performing a threat modeling procedure against a machine learning system that correlates analytic information for decision support. Which of the following threat statements most likely applies to this type of system?
A.
An attacker is able to overload the system with incorrect information.
B.
An attacker conducts a password-spraying attack against the system's authentication method.
C.
An attacker exploits a server-side request forgery attack.
D.
An attacker accesses information that should not be disclosed due to an authorization error.
o Data Poisoning: Machine learning systems are vulnerable to data poisoning attacks, where an attacker injects incorrect or malicious data into the training dataset. This can cause the system to make incorrect decisions or predictions.
o Impact on Decision Support: Since the system relies on analytic information for decision support, overloading it with incorrect information can significantly degrade its performance and reliability, leading to poor decision-making.
o Password-Spraying Attack (Option B): This targets authentication methods but is not specific to the machine learning aspect.
o Server-Side Request Forgery (Option C): This exploits web server vulnerabilities but is not directly related to the machine learning system's data processing.
o Authorization Error (Option D): This involves access control issues but does not specifically address the threat of corrupting the machine learning model with incorrect data.
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Steel16
5 days, 21 hours agoSteel16
5 days, 21 hours ago