ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
Your team is about to expose a cloud-hosted fraud-detection model as a public REST API. The chief concern is that an attacker could issue many queries and use the returned probability scores to infer sensitive attributes about the individuals whose data was used to train the model. Which control would MOST effectively mitigate this risk at inference time while still allowing legitimate users to obtain useful results?
Add differential-privacy noise to every prediction returned by the API, limiting per-query information leakage.
Encrypt the trained model file using a hardware security module before deploying the service.
Place the API behind a web application firewall that blocks injection attacks and limits request rates.
Disable model explainability features so that feature importance values are never exposed.
The threat described is a form of model-inversion or membership-inference attack, in which an adversary reconstructs or learns sensitive information about training records by analysing the model's output probabilities. Adding carefully calibrated random noise to each prediction in accordance with differential privacy limits the amount of information any single record can reveal, providing provable bounds against such leakage. Encrypting the model at rest or shielding it with a generic web application firewall does not address information disclosed through the model's outputs. Simply disabling explainability features hides model internals but still leaves raw probabilities exposed, so it does not sufficiently mitigate inference attacks.
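An added example, not part of the original question: a minimal sketch of inference-time output perturbation using the Laplace mechanism, with a per-client privacy budget so repeated queries cannot average the noise away indefinitely. `PrivateScorer`, `toy_fraud_model`, the epsilon values and the sensitivity bound of 1.0 are assumptions chosen for illustration.

```python
import random
from collections import defaultdict

class BudgetExceeded(Exception):
    """Raised when a client has used up its privacy budget."""

class PrivateScorer:
    """Hypothetical wrapper: Laplace noise on every score plus budget accounting."""

    def __init__(self, model, eps_per_query, eps_budget, sensitivity=1.0, seed=None):
        if eps_per_query <= 0 or eps_budget <= 0:
            raise ValueError("epsilon values must be positive")
        self.model = model
        self.eps = eps_per_query
        self.budget = eps_budget
        # Assumption: scores lie in [0, 1], so one training record can move a
        # score by at most 1.0. This worst-case bound is conservative.
        self.sensitivity = sensitivity
        self.spent = defaultdict(float)
        # OS entropy by default; a seed is only for repeatable demos and tests
        self.rng = random.Random(seed) if seed is not None else random.SystemRandom()

    def noise_scale(self):
        # Laplace mechanism: scale b = sensitivity / epsilon
        return self.sensitivity / self.eps

    def _laplace(self):
        # Difference of two i.i.d. exponentials with mean b is Laplace(0, b)
        rate = 1.0 / self.noise_scale()
        return self.rng.expovariate(rate) - self.rng.expovariate(rate)

    def score(self, client_id, features):
        # Sequential composition: k answers cost k * eps, so cap the total
        if self.spent[client_id] + self.eps > self.budget:
            raise BudgetExceeded(client_id)
        self.spent[client_id] += self.eps
        noisy = self.model(features) + self._laplace()
        # Clamping is post-processing and does not weaken the guarantee
        return min(1.0, max(0.0, noisy))

def toy_fraud_model(features):
    # Constructed stand-in for the real model: fixed weights, score in [0, 1]
    raw = 0.6 * features["amount_ratio"] + 0.4 * features["new_device"]
    return min(1.0, max(0.0, raw))

if __name__ == "__main__":
    scorer = PrivateScorer(toy_fraud_model, eps_per_query=0.5, eps_budget=2.0, seed=7)
    tx = {"amount_ratio": 0.9, "new_device": 1}  # constructed sample input
    print([round(scorer.score("client-a", tx), 3) for _ in range(4)])
```

A smaller epsilon gives stronger protection and noisier scores; the budget is what stops an attacker from recovering the raw probability by averaging many answers to the same query.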
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design