Lesson 1.5 Quiz: AI in Cyber Defense

AP Cyber Hub Unit 1 1.1 ▼ Lesson Ex 1 Ex 2 Lab Quiz 1.2 ▼ Lesson Ex 1 Ex 2 Lab Quiz 1.3 ▼ Lesson Ex 1 Ex 2 Lab Quiz 1.4 ▼ Lesson Ex 1 Ex 2 Lab Quiz 1.5 ▼ Lesson Ex 1 Ex 2 Lab Quiz

Unit 1 · Lesson 1.5 Progress Check

Lesson 1.5 Quiz: AI in Cyber Defense

5 questions — Answer each question, then check your score below.

Score: 0 / 0 Answered questions update automatically

Q1 SIEM vs IDS/IPS

A junior analyst asks how a SIEM system differs from a traditional IDS. Which of the following BEST describes a capability that a SIEM has that a standalone IDS does NOT?

(A) A SIEM can detect network intrusions using signature-based pattern matching (B) A SIEM correlates log data from multiple sources across the organization to identify complex attack patterns (C) A SIEM automatically blocks malicious traffic at the network perimeter (D) A SIEM monitors network packets at the physical layer for RF anomalies

A traditional IDS monitors specific network segments or hosts for known attack signatures and anomalies. It sees what passes through its sensor. A SIEM (Security Information and Event Management) aggregates and correlates log data from across the entire organization — firewalls, endpoints, servers, cloud services, applications — and uses correlation rules and ML to detect multi-stage attack patterns that would be invisible to any single sensor. Option A describes basic IDS functionality, not a SIEM-specific capability. Option C describes an IPS (Intrusion Prevention System), not a SIEM. Option D is not a function of either.

(A) Incorrect — signature-based detection is a basic IDS function, not a SIEM differentiator.

(C) Incorrect — automatic blocking is an IPS capability; SIEM is primarily for detection and alerting.

(D) Incorrect — neither SIEM nor IDS operates at the RF/physical layer.

AP Exam Tip: Know the difference: IDS detects, IPS prevents, SIEM correlates. A SIEM's power is its breadth — it sees across the whole organization, not just one chokepoint.

Q2 Spot the Error in AI Security Config

A security student writes a summary of AI in cyber defense. Which statement contains an ERROR?

(A) AI-powered vulnerability scanners can identify code weaknesses faster than manual review by analyzing large codebases automatically (B) AI can reduce alert fatigue by automatically triaging and prioritizing security events by severity and likelihood (C) Once an AI security system is fully deployed, it requires no retraining because its rules are permanent (D) Human oversight remains essential because AI systems can generate false positives that disrupt legitimate operations

The error is in option C. AI security systems — especially ML-based ones — must be continuously retrained as the threat landscape changes. Attack techniques evolve, new malware variants emerge, and network behavior shifts over time. A model trained on historical data becomes stale and less effective as conditions change. The claim that "rules are permanent" fundamentally misunderstands how ML models work; unlike static rule sets, learned models degrade in relevance without retraining. Options A, B, and D are all accurate statements.

(A) Correct — AI code analysis tools (like SAST scanners) process large codebases at speeds impractical for humans.

(B) Correct — alert prioritization is one of the most commercially valuable AI security applications.

(D) Correct — human oversight to review false positives is a standard best practice.

AP Exam Tip: On spot-the-error questions, watch for statements that claim AI is static, perfect, or fully autonomous. The AP exam consistently reinforces that human oversight and continuous improvement are required.

Q3 AI Threat Detection Advantages

Which of the following are advantages of AI-powered threat detection compared to purely rule-based detection systems?

I. AI can identify previously unknown attack patterns by detecting statistical anomalies in behavior data.
II. AI-based systems eliminate all false positives, ensuring analysts only investigate real threats.
III. AI can process and correlate security events from thousands of endpoints simultaneously at a speed impossible for human analysts.

(A) I only (B) I and III only (C) II and III only (D) I, II, and III

Statement I is correct: anomaly detection is a core advantage of ML-based threat detection. By learning what "normal" looks like, AI can flag deviations even when the specific attack signature is not in any database. Statement III is correct: scale and speed are the most operationally significant AI advantages — correlating millions of events per second across the enterprise is beyond human capacity. Statement II is false: AI-based systems are known for generating large numbers of false positives, especially in early deployment. Managing false positive rates is one of the primary challenges of AI security operations.

(A) Incomplete — Statement III is also correct.

(C) Incorrect — Statement II is false; AI systems often have higher false positive rates than tuned rule-based systems.

(D) Incorrect — Statement II is false.

AP Exam Tip: The AP exam will test trade-offs, not just benefits. AI scales well and detects anomalies, but generates false positives. Neither AI nor rules-only detection is perfect — strong security uses both.

Q4 Human Oversight Requirement

An AI-powered security system automatically quarantines any endpoint that exhibits behavior matching its threat model. One morning it quarantines 47 employee workstations during a software update rollout, causing a major operational outage. This scenario BEST illustrates why:

(A) AI security systems should be replaced entirely with human analysts (B) AI security systems should never be given automated response capabilities (C) Human oversight and approval workflows are essential before AI executes high-impact automated actions (D) Software updates should always be performed outside of business hours to avoid false positives

The scenario illustrates a false positive at scale: the AI correctly identified unusual behavior (mass simultaneous endpoint changes) but lacked context to distinguish a legitimate software rollout from an attack. The correct lesson is not to eliminate AI automation entirely (A/B), but to require human approval — or at minimum, human-in-the-loop review — before the system executes high-impact actions like mass quarantine. Option D is a partial workaround at best and does not address the core governance gap.

(A) Incorrect — the problem is not AI itself but the absence of human oversight before high-impact actions.

(B) Too extreme — automated responses to low-risk events (e.g., logging, alerting) are valuable; the issue is high-impact actions without review.

(D) Incorrect — a scheduling fix does not address the fundamental governance problem of unchecked automated response.

AP Exam Tip: The AP Cybersecurity CED explicitly emphasizes human oversight of AI systems. When a scenario shows AI causing unintended harm, the answer almost always involves adding human review to the decision loop — not removing AI entirely.

Q5 Adversarial Attack on AI Defender

An attacker crafts network packets that include subtle patterns specifically designed to cause an AI-based IDS to classify malicious traffic as benign. This technique is MOST ACCURATELY described as:

(A) A replay attack re-transmitting captured legitimate traffic (B) An adversarial input attack designed to exploit the AI model's decision boundary (C) A man-in-the-middle attack modifying packets in transit (D) A SQL injection attack embedded within network packet payloads

This is an adversarial input attack (also called an adversarial example). By understanding — or reverse-engineering — the patterns an AI model uses to classify traffic as malicious, an attacker can craft inputs that fall just outside the model's malicious classification boundary, causing it to produce a false negative. This is fundamentally different from a replay attack (A, which reuses old legitimate traffic), MitM (C, which intercepts in-transit data), or SQL injection (D, which targets database query parsing). Adversarial inputs are a known weakness of ML-based classifiers.

(A) Incorrect — replay attacks reuse captured traffic; they do not craft new inputs to fool classifiers.

(C) Incorrect — MitM is about interception position, not classifier manipulation.

(D) Incorrect — SQL injection targets database interpreters, not ML model inputs.

AP Exam Tip: Adversarial attacks on AI are a growing topic in cybersecurity. The core concept: ML classifiers have blind spots that can be discovered and exploited. Knowing this limitation is why AI defenders still need human analysis and rule-based fallbacks.

Quiz Complete

out of 5

Back to Course Hub Take Unit 1 Exam →

← Back to Exercise 2 Course Hub Unit 1 Exam →

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

✓

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

Name *

Email *

I am a... (optional)

Which course? (optional)

Phone (optional)

How did you find us? (optional)

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Message (optional — leave blank if just subscribing)

Send me free AP CS exam tips — daily practice questions, study resources, and exam strategies. + 20% OFF TUTORING
Unsubscribe anytime.

✉

tanner@apcsexamprep.com

📚

Courses

AP CSA, CSP, & Cybersecurity

⏱

Response Time

Within 24 hours

Prefer email? Reach me directly at tanner@apcsexamprep.com