Chapter 12: Governance, Privacy & Risk - Quiz¶

Correct Answer: b) Data Minimization

Explanation: Data Minimization is the GDPR principle requiring organizations to collect only the data necessary to achieve their stated purpose. In SOC context, this means logging authentication events (necessary) but not full email content (excessive for most security use cases). Purpose Limitation means using data only for stated purposes, Legitimate Interest is a lawful basis for processing, and Data Subject Rights refer to individual rights like access and erasure.

Related Concepts: GDPR, Privacy-by-Design, Compliance

Correct Answer: c) 6 years

Explanation: HIPAA requires healthcare organizations to retain audit logs for 6 years. This applies to logs containing PHI, including SOC logs that capture access to patient data. Organizations must balance this long retention requirement with GDPR's data minimization principles if operating in both jurisdictions. Logs must also be encrypted and access-controlled.

Related Concepts: HIPAA, Compliance, Data Retention

Correct Answer: c) Within 72 hours

Explanation: PCI-DSS requires notification to card brands within 72 hours of discovering a breach involving cardholder data. This aligns with GDPR's 72-hour breach notification requirement. Organizations must have incident response plans that account for these strict timelines, including communication procedures and breach assessment processes.

Related Concepts: PCI-DSS, Incident Response, Breach Notification

Correct Answer: b) Building privacy protections into systems from the start, not as an afterthought

Explanation: Privacy-by-Design means embedding privacy protections into the architecture and design of systems from the beginning, rather than adding them later. In SOC context, this includes: designing log collection to capture only necessary data, implementing automatic PII redaction, setting appropriate retention periods before deployment, and building access controls into the logging infrastructure. It's proactive, not reactive.

Related Concepts: Privacy-by-Design, Data Minimization, Privacy Engineering

Correct Answer: c) Algorithmic bias

Explanation: This is algorithmic bias—the model performs differently across different groups (departments). This could result from biased training data (fewer finance department examples) or features that don't generalize (finance department has different normal behavior). Bias in ML models can lead to unfair treatment, false accusations, or missed threats for certain groups. Organizations must audit models for fairness across demographics and roles.

Related Concepts: Bias in ML, Fairness, Model Evaluation

Correct Answer: c) Increasing model complexity to capture more patterns

Explanation: Increasing model complexity typically reduces explainability. Complex models (deep neural networks, large ensembles) may achieve higher accuracy but are harder to interpret. SHAP and LIME are techniques for explaining black-box models, and decision trees provide inherent interpretability. In security operations, explainability is crucial for analyst trust, compliance requirements, and debugging false positives.

Related Concepts: Explainability, Interpretability, Model Transparency

Correct Answer: b) A mathematical framework that adds noise to data to protect individual privacy while enabling statistical analysis

Explanation: Differential privacy is a rigorous mathematical approach that adds carefully calibrated noise to datasets, allowing aggregate analysis (like training ML models) while protecting individual records. In SOC context, it enables: training threat detection models on sensitive user behavior data without exposing individual activities, sharing threat intelligence without revealing specific victims, and conducting research on breach data while protecting affected organizations. It provides quantifiable privacy guarantees.

Related Concepts: Differential Privacy, Privacy-Preserving ML, Anonymization

Correct Answer: c) Logs may contain PII, credentials, or sensitive business information that could be memorized and leaked by the LLM

Explanation: The primary privacy concern is data leakage. LLMs can memorize training data and regurgitate it in responses, potentially exposing: usernames, file paths with sensitive names, internal IP addresses, credentials accidentally logged, or confidential project names. Before training on SOC logs, you must: sanitize/redact PII and credentials, apply differential privacy techniques, use secure training environments, and implement output filtering to catch leakage. This aligns with GDPR's data protection requirements.

Related Concepts: LLM Privacy, Data Leakage, PII Redaction

Correct Answer: c) Guarantee that the model will detect 100% of threats

Explanation: No ML model can guarantee 100% detection—this is unrealistic and misleading. A proper AI risk assessment includes: performance metrics with realistic expectations (precision, recall, F1), bias analysis across groups, privacy/compliance review, adversarial robustness, explainability assessment, failure mode analysis (what happens when model is wrong), and operational risks (dependency on data quality, drift over time). Setting unrealistic expectations is itself a governance failure.

Related Concepts: Risk Assessment, AI Governance, Model Evaluation

Correct Answer: a) Protecting financial system audit logs and access controls for at least 7 years

Explanation: SOX requires public companies to maintain accurate financial records and internal controls. SOC responsibilities include: retaining audit logs for financial systems for 7+ years, monitoring access to financial applications and databases, detecting unauthorized changes to financial records, logging who modified financial data and when, and protecting the integrity of audit trails. SOX violations can result in criminal penalties for executives.

Related Concepts: SOX, Audit Logs, Compliance

Correct Answer: b) To provide oversight, policy development, and risk assessment for AI/ML deployments

Explanation: An AI governance committee provides cross-functional oversight for AI initiatives. Responsibilities include: reviewing AI use case proposals and risks, establishing ethical guidelines and red lines, approving high-risk AI deployments, monitoring AI system performance and bias, ensuring compliance with regulations, defining incident response for AI failures, and promoting responsible AI practices. The committee typically includes security, legal, privacy, and business stakeholders.

Related Concepts: AI Governance, Risk Management, Ethics

Correct Answer: c) Hallucination

Explanation: This is LLM hallucination—the model generates plausible-sounding but false information (fabricated IOC). Hallucinations are a major risk when using LLMs for security documentation. Mitigation strategies include: grounding with RAG (retrieve actual incident data before generating), output validation (check that IOCs exist in logs), human review (analyst must verify all generated content), confidence scoring, and clear disclaimers that LLM output requires validation.

Related Concepts: Hallucination, LLM Guardrails, Output Validation

Correct Answer: b) Purpose Limitation

Explanation: Purpose Limitation means using data only for the stated purpose at collection time. Example violation: SOC logs collected for security monitoring are used for employee performance reviews without separate authorization. This is a GDPR violation and trust breach. Organizations should document purposes in privacy policies, implement technical controls preventing unauthorized use, and conduct audits ensuring logs aren't misused.

Related Concepts: Purpose Limitation, GDPR, Privacy Principles

Correct Answer: b) A documented inventory of identified AI risks, likelihood, impact, and mitigation strategies

Explanation: A risk register is a governance artifact documenting AI risks. For each risk, it captures: description (e.g., "LLM may leak PII from training data"), likelihood (high/medium/low), impact (financial, reputational, compliance), current controls, residual risk, mitigation plan, and owner. Example risks: model bias, hallucination causing false investigations, adversarial evasion, privacy violations, dependency on vendor, model drift. The register is reviewed regularly and updated as new risks emerge.

Related Concepts: Risk Register, Risk Management, AI Governance

Correct Answer: b) False - Transparency and notification are required under privacy regulations like GDPR

Explanation: False. While security is a legitimate interest under GDPR, transparency is a separate requirement. Organizations must inform employees/users about: what data is monitored, how it's used (including AI/ML training), retention periods, and their rights. This is typically documented in privacy policies, employee handbooks, and acceptable use policies. Covert monitoring without notification can violate privacy laws, employment laws, and damage trust. Balance security needs with transparency obligations.

Related Concepts: Transparency, GDPR, Privacy Policies, Consent