AP Cybersecurity 1.5 Exercise 2: Human-in-the-Loop Decision Gate
AP Cybersecurity — Unit 1, Topic 1.5
Exercise 2: Human-in-the-Loop Decision Gate
You are the human analyst. For each AI-generated security alert, decide whether to approve the AI’s recommended action, override it, or escalate — and understand the consequences.
Lesson 5 of 5
Decision Scenarios
~25 min
Human Oversight · False Positives · Governance
Key Terms: Human-in-the-Loop — requiring human approval before automated system actions; False Positive — benign event misclassified as a threat; False Negative — real threat missed by the system; Autonomous Response — system acts without human confirmation.
Scenarios Reviewed
0 / 4
Your Role
For each scenario below: Read the AI’s recommended action. Before seeing the outcome, choose what you would do. Then reveal the correct decision and learn why human judgment matters.
Scenario 1 of 4 · High-Impact Action
AI Recommends: Block All Remote Access
AI Alert: Anomalous remote VPN logins detected from 14 different international IP addresses over the past 2 hours. AI confidence: 91%. Recommended action: Immediately disable all remote VPN access company-wide.
Context you discover: The Sales team sent out an all-hands email at 8 AM announcing a company-wide remote work day due to building maintenance.
Context you discover: The Sales team sent out an all-hands email at 8 AM announcing a company-wide remote work day due to building maintenance.
▷ What do you do?
The AI is 91% confident this is an attack. But you have additional context. Choose your action.
Best Answer: C — Partial Override with Targeted Investigation
Option A would create a major operational outage affecting hundreds of employees on a planned remote work day — a catastrophic false positive consequence. Option B ignores the AI alert entirely, which is also wrong since 14 different international IPs still warrants investigation. Option C is correct: cross-reference the VPN logins against the employee directory to separate legitimate remote workers from truly anomalous logins. This demonstrates the core human-in-the-loop principle — context the AI lacks (the remote work announcement) changes the appropriate response without ignoring the legitimate concern entirely. Option D removes human agency and delays response unnecessarily.
Option A would create a major operational outage affecting hundreds of employees on a planned remote work day — a catastrophic false positive consequence. Option B ignores the AI alert entirely, which is also wrong since 14 different international IPs still warrants investigation. Option C is correct: cross-reference the VPN logins against the employee directory to separate legitimate remote workers from truly anomalous logins. This demonstrates the core human-in-the-loop principle — context the AI lacks (the remote work announcement) changes the appropriate response without ignoring the legitimate concern entirely. Option D removes human agency and delays response unnecessarily.
AP Exam Tip: Human-in-the-loop decisions require balancing false positive costs (operational disruption) against false negative risks (missed attack). The correct answer minimizes both — not one at the expense of the other.
Scenario 2 of 4 · Low-Impact Automated Action
AI Recommends: Auto-Quarantine Suspicious Email
AI Alert: Incoming email to CEO contains a PDF attachment. AI detects embedded macro code, a mismatched sender domain (paypa1.com vs paypal.com), and requests wire transfer confirmation. AI confidence: 98.4%. Recommended action: Quarantine email automatically and alert the CEO’s assistant.
▷ What do you do?
The AI is 98.4% confident and the action (quarantine) is reversible with low operational impact.
Best Answer: A — Approve Automated Quarantine
This scenario demonstrates when automated AI response is appropriate: (1) very high confidence (98.4%); (2) multiple independent indicators converge (macro, spoofed domain, wire transfer request); (3) the action is low-impact and fully reversible (quarantine, not delete). Option B would expose the CEO to a likely phishing email. Option C is irreversible deletion with no audit trail — overreach. Option D delays response on a high-confidence, high-risk threat targeting the CEO. Automated quarantine with human notification is the textbook balanced response.
This scenario demonstrates when automated AI response is appropriate: (1) very high confidence (98.4%); (2) multiple independent indicators converge (macro, spoofed domain, wire transfer request); (3) the action is low-impact and fully reversible (quarantine, not delete). Option B would expose the CEO to a likely phishing email. Option C is irreversible deletion with no audit trail — overreach. Option D delays response on a high-confidence, high-risk threat targeting the CEO. Automated quarantine with human notification is the textbook balanced response.
AP Exam Tip: Not all AI automation is bad. Low-impact, reversible, high-confidence actions (quarantine, alert, log) are appropriate for automation. High-impact, irreversible actions (delete, block, terminate) should require human review.
Scenario 3 of 4 · Adversarial Context
AI Recommends: No Action (False Negative Risk)
AI Alert: No alert generated. An employee manually reports to you that they received a phone call from someone claiming to be IT support who asked them to install a remote support tool.
Context: The AI SIEM shows no anomalies. The employee did not install the tool. No related network activity was detected.
Context: The AI SIEM shows no anomalies. The employee did not install the tool. No related network activity was detected.
▷ What do you do?
The AI sees nothing. But you have a human report of a suspicious social engineering attempt.
Best Answer: B — Investigate and Communicate
This is a false negative scenario — the AI detected nothing because social engineering attacks operate at the human layer, not the network layer. The SIEM cannot detect a phone call. Human-in-the-loop means humans also feed intelligence into the AI, not just review its outputs. Option A incorrectly defers entirely to AI silence. Option C is disproportionate to the threat — the employee did not install anything. Option D again over-relies on AI and delays a legitimate investigation. This scenario demonstrates that human analysts catch what AI misses.
This is a false negative scenario — the AI detected nothing because social engineering attacks operate at the human layer, not the network layer. The SIEM cannot detect a phone call. Human-in-the-loop means humans also feed intelligence into the AI, not just review its outputs. Option A incorrectly defers entirely to AI silence. Option C is disproportionate to the threat — the employee did not install anything. Option D again over-relies on AI and delays a legitimate investigation. This scenario demonstrates that human analysts catch what AI misses.
AP Exam Tip: AI security tools have blind spots: they cannot detect attacks that occur entirely at the human/social layer. This is why security awareness training and human reporting channels are essential complements to AI detection.
Scenario 4 of 4 · Governance Question
AI Recommends: Terminate Process on Executive Workstation
AI Alert: Executive workstation (CFO) is running a process that matches behavioral patterns of data exfiltration malware. AI confidence: 73%. Recommended action: Automatically terminate the flagged process and generate a security incident report.
▷ What do you do?
73% confidence. High-value target. Terminating a process on a CFO’s workstation carries significant risk of disruption.
Best Answer: B — Manual Investigation Before Action
73% confidence means 27% probability of a false positive — meaningful risk when the action is terminating a process on a C-suite executive’s workstation during business hours. This could disrupt a board presentation, a live financial transaction, or a regulatory filing. The correct approach: immediately identify what the process is (task manager, EDR console), check with IT who manages the CFO’s workstation for context, then make a human decision. Option A accepts too much false positive risk on a high-impact action. Option C dismisses a 73% confidence threat entirely. Option D introduces an arbitrary time constraint that doesn’t improve the decision quality.
73% confidence means 27% probability of a false positive — meaningful risk when the action is terminating a process on a C-suite executive’s workstation during business hours. This could disrupt a board presentation, a live financial transaction, or a regulatory filing. The correct approach: immediately identify what the process is (task manager, EDR console), check with IT who manages the CFO’s workstation for context, then make a human decision. Option A accepts too much false positive risk on a high-impact action. Option C dismisses a 73% confidence threat entirely. Option D introduces an arbitrary time constraint that doesn’t improve the decision quality.
AP Exam Tip: The threshold for automated action should rise with the impact of the action. Low impact + high confidence = automate. High impact + moderate confidence = human review required. This governance principle is directly tested in the AP Cybersecurity CED.
out of 4
Take the 1.5 Quiz →
+ Extension Challenge
Write a one-paragraph governance policy for your organization that defines: (1) which types of AI security actions can be fully automated, (2) which require human approval, and (3) what the escalation path is for high-confidence, high-impact alerts.
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Typically responds within 24 hours
✓
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
✉
Email
tanner@apcsexamprep.com
📚
Courses
AP CSA, CSP, & Cybersecurity
⏱
Response Time
Within 24 hours
Prefer email? Reach me directly at tanner@apcsexamprep.com