• To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!

Recommendation/Advice/Experience on SecAI+

Jump to latest Follow Reply
shiftry

shiftry

Member
    • Mar 7, 2024
    5
    3
    1,071
    #1
    Hi Everyone!

    I'm preparing myself on taking SecAI+. I just finished the on-demand TTT series released early this year and I also adquired a training in Udemy related to this cert. I've been certified in CySA+ and Pentest+ since 2021 but for SecAI+ given that this is an "expansion series" which foundations are Security+ I would like to hear your advice, recommendation, study guide, experiences during the exam, etc that could provide more insights on this exam.

    Appreciate your comments and guidance

    Best regards
     
    • Like
    Reactions: Brandon G and Fanuel
    #3
    I do not mean for this to sound like a sales push, as it is not intended that way. But, in my experience taking CompTIA exams, I really like to use the CertMaster Practice to get ready. I think that tool offers different modes to look at questions, based on exam objectives and timed and untimed format. So you can really tailor your studying to areas you need to concentrate on.

    Given your experience, this is where I would focus zeroing in on the AI objectives questions, then taking a look at the total practice exams Just my opinion, as everyone prepares differently. 😁
     
    • Like
    Reactions: shiftry, Brandon G and BrianFord
    #4
    shiftry said:
    Hi Everyone!

    I'm preparing myself on taking SecAI+. I just finished the on-demand TTT series released early this year and I also adquired a training in Udemy related to this cert. I've been certified in CySA+ and Pentest+ since 2021 but for SecAI+ given that this is an "expansion series" which foundations are Security+ I would like to hear your advice, recommendation, study guide, experiences during the exam, etc that could provide more insights on this exam.

    Appreciate your comments and guidance

    Best regards
    Click to expand...
    I passed SecAI+ earlier today. Here are my thoughts:

    1. OWASP was more prominent than expected.
    2. The test started with 3 PBQs. You’re able to flag them for review and then come back to them. Remaining questions were multiple choice and easily digestible.
    3. The one hour limit for 54 questions was almost enough time. Did not get to one of the PBQs.

    Be strong and prevail.
     
    • Like
    Reactions: Masiku01, Ali Binmahfodh and shiftry
    #6
    Congrats on passing SecAI+, that’s a great achievement!
    • Interesting to hear OWASP showed up more prominently; that’s a good reminder for anyone prepping to brush up on those frameworks.
    • Thanks for clarifying the PBQ flow. Being able to flag and revisit them definitely helps with pacing.
    • The one‑hour limit is tight, so your note about not finishing one PBQ is valuable context for others planning their timing strategy.
    Appreciate you sharing these insights, they’ll be really useful for members preparing for the exam.
     
    #7
    owasp.org

    OWASP Top 10 for Large Language Model Applications | OWASP Foundation

    Aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing Large Language Models (LLMs)
    owasp.org owasp.org

    Key Takeaways from OWASP Top 10 for LLM Applications
    • Input manipulation: Attackers can trick LLMs with crafted prompts, leading to unauthorized access or bad decisions.
    • Unvalidated outputs: If you trust LLM responses blindly, they can introduce vulnerabilities (e.g., unsafe code execution).
    • Training data tampering: Poisoned datasets can corrupt models, affecting accuracy and ethics.
    • Resource overload: Heavy queries can disrupt services or drive up costs.
    • Sensitive data leaks: LLMs may accidentally reveal confidential information.
    • Plugin risks: Poorly controlled plugins can open doors to exploits like remote code execution.
    • Unchecked autonomy: Giving LLMs too much freedom can cause unintended, harmful actions.
     
    You must log in or register to reply here.
    Top Bottom
    Back
    Jump to latest Follow Reply
    Jump to latest Follow Reply
    Home
    Media
    Resources
    Menu