NIST AI Risk Management Framework

Contents

• Introduction Introduction

  • About the SecAI+ exam

    1m 31s
• 1. The SecAI+ Exam 1. The SecAI+ Exam

  • (Locked)
    The SecAI+ exam

    2m 2s
  • (Locked)
    Careers in AI security

    2m 45s
  • (Locked)
    The value of certification

    1m 53s
  • (Locked)
    Study resources

    1m 22s
• 2. Inside the SecAI+ Exam 2. Inside the SecAI+ Exam

  • (Locked)
    In-person exam environment

    2m 43s
  • (Locked)
    At-home testing

    1m 14s
  • (Locked)
    SecAI+ question types

    2m 41s
  • (Locked)
    Passing the SecAI+ exam

    1m 43s
  • (Locked)
    Exam tips

    1m 3s
• 3. Domain 1: Basic AI Concepts Related to Cybersecurity 3. Domain 1: Basic AI Concepts Related to Cybersecurity

  • (Locked)
    Overview of the basic AI concepts related to the cybersecurity domain

    48s
• 4. Types of AI 4. Types of AI

  • (Locked)
    Types of AI

    2m 59s
  • (Locked)
    Machine learning

    3m 42s
  • (Locked)
    Deep learning

    3m 11s
  • (Locked)
    Natural language processing

    2m 50s
  • (Locked)
    LLMs vs. SLMs

    3m 41s
  • (Locked)
    Generative AI

    3m 55s
• 5. Model Training Techniques 5. Model Training Techniques

  • (Locked)
    Supervised learning

    2m 9s
  • (Locked)
    Unsupervised learning

    2m 32s
  • (Locked)
    Reinforcement learning

    1m 45s
  • (Locked)
    Federated learning

    1m 53s
  • (Locked)
    Model validation

    2m 37s
  • (Locked)
    Model fine-tuning

    2m 21s
• 6. Prompt Engineering 6. Prompt Engineering

  • (Locked)
    Prompt engineering

    1m 35s
  • (Locked)
    Prompt roles

    2m 3s
  • (Locked)
    Zero-shot prompting

    1m 24s
  • (Locked)
    One-shot prompting

    1m 6s
  • (Locked)
    Multi-shot prompting

    1m 34s
• 7. Data Processing 7. Data Processing

  • (Locked)
    Data types

    3m 5s
  • (Locked)
    Data cleansing

    2m 9s
  • (Locked)
    Data verification

    1m 52s
  • (Locked)
    Data integrity

    1m 47s
  • (Locked)
    Data lineage and provenance

    2m 2s
  • (Locked)
    Data augmentation

    1m 28s
  • (Locked)
    Data balancing

    1m 30s
  • (Locked)
    Watermarking

    1m 48s
• 8. Retrieval-Augmented Generation (RAG) 8. Retrieval-Augmented Generation (RAG)

  • (Locked)
    Retrieval-Augmented Generation (RAG)

    2m 6s
  • (Locked)
    Securing the knowledge store

    1m 52s
  • (Locked)
    Integrity of retrieved data

    1m 43s
  • (Locked)
    RAG privacy considerations

    2m 12s
• 9. Security in the AI Lifecycle 9. Security in the AI Lifecycle

  • (Locked)
    The AI lifecycle

    1m 39s
  • (Locked)
    Business alignment in the AI lifecycle

    1m 43s
  • (Locked)
    Data collection

    2m 20s
  • (Locked)
    Data preparation

    3m 15s
  • (Locked)
    Model development and selection

    2m 13s
  • (Locked)
    Model evaluation and validation

    2m 29s
  • (Locked)
    Model deployment and integration

    3m 25s
  • (Locked)
    Monitoring and maintenance

    3m 19s
• 10. Human-Centric AI Design 10. Human-Centric AI Design

  • (Locked)
    Human-centric AI design

    2m 33s
  • (Locked)
    Human-in-the-loop

    1m 36s
  • (Locked)
    Human oversight

    1m 26s
  • (Locked)
    Human validation

    1m 31s
• 11. Domain 2: Securing AI Systems 11. Domain 2: Securing AI Systems

  • (Locked)
    Overview of the Securing AI Systems domain

    51s
• 12. Data and Training Attacks 12. Data and Training Attacks

  • (Locked)
    Data poisoning

    2m 56s
  • (Locked)
    Model poisoning

    2m 32s
  • (Locked)
    Introducing biases

    1m 34s
  • (Locked)
    Transfer learning attacks

    2m 40s
  • (Locked)
    Model skewing

    2m 17s
  • (Locked)
    Backdoor and trojan attacks

    2m 4s
• 13. Prompt and Input Manipulation Attacks 13. Prompt and Input Manipulation Attacks

  • (Locked)
    Prompt injection

    2m 9s
  • (Locked)
    Circumventing guardrails and jailbreaking

    3m 18s
  • (Locked)
    Input manipulation

    1m 24s
• 14. Model Extraction and Information Leakage Attacks 14. Model Extraction and Information Leakage Attacks

  • (Locked)
    Model inversion

    1m 46s
  • (Locked)
    Membership Inference

    1m 47s
  • (Locked)
    Model theft

    2m 15s
  • (Locked)
    Sensitive information disclosure

    1m 21s
• 15. Integration and Operational Attacks 15. Integration and Operational Attacks

  • (Locked)
    Manipulating application integrations

    4m 8s
  • (Locked)
    AI supply chain attacks

    2m 4s
  • (Locked)
    Insecure plug-in design

    2m 9s
  • (Locked)
    Insecure output handling

    1m 23s
  • (Locked)
    Output integrity attacks

    2m 8s
  • (Locked)
    Model denial of service

    1m 31s
  • (Locked)
    Excessive agency

    1m 33s
  • (Locked)
    Overreliance

    1m 34s
  • (Locked)
    AI hallucinations

    1m 4s
• 16. AI Security Controls 16. AI Security Controls

  • (Locked)
    Model risk assessment

    3m 1s
  • (Locked)
    Model guardrails

    3m 16s
  • (Locked)
    Prompt templates

    2m 38s
  • (Locked)
    Guardrail testing and validation

    3m 50s
• 17. AI Access Controls 17. AI Access Controls

  • (Locked)
    Prompt firewalls

    2m 31s
  • (Locked)
    Limits and quotas

    3m 45s
  • (Locked)
    Model access controls

    3m 10s
  • (Locked)
    Data access controls

    3m 14s
  • (Locked)
    Agent access controls

    3m 34s
  • (Locked)
    Network and API access controls

    3m 58s
• 18. Encryption and Data Safety 18. Encryption and Data Safety

  • (Locked)
    Data encryption

    4m 19s
  • (Locked)
    Data classification labeling

    3m 42s
  • (Locked)
    Data minimization

    3m 31s
  • (Locked)
    Data redaction

    3m 53s
  • (Locked)
    Data masking

    3m
  • (Locked)
    Data anonymization

    3m 33s
• 19. AI Monitoring and Auditing 19. AI Monitoring and Auditing

  • (Locked)
    Monitoring prompts and responses

    2m 51s
  • (Locked)
    Log monitoring

    4m 30s
  • (Locked)
    Rate and cost monitoring

    5m 1s
  • (Locked)
    Auditing for AI hallucinations

    3m 33s
  • (Locked)
    Auditing for accuracy

    3m 29s
  • (Locked)
    Auditing for bias and fairness

    4m 35s
  • (Locked)
    Auditing access and security compliance

    3m 48s
• 20. Domain 3: AI-Assisted Security 20. Domain 3: AI-Assisted Security

  • (Locked)
    Overview of the AI-assisted Security Ddmain

    39s
• 21. AI-Assisted Security Tools 21. AI-Assisted Security Tools

  • (Locked)
    AI in security tools

    1m 36s
  • (Locked)
    IDE plug-ins

    1m 53s
  • (Locked)
    Browser plug-ins

    2m 30s
  • (Locked)
    CLI plug-ins

    1m 56s
  • (Locked)
    Chatbots and personal assistants

    3m 4s
  • (Locked)
    MCP servers

    3m 41s
• 22. AI Security Use Cases 22. AI Security Use Cases

  • (Locked)
    Threat detection and prevention

    5m 40s
  • (Locked)
    Secure code development

    4m 8s
  • (Locked)
    Penetration testing

    1m 52s
  • (Locked)
    Incident response and management

    1m 52s
  • (Locked)
    Language-driven security operations

    3m 4s
• 23. AI-Enabled Attacks 23. AI-Enabled Attacks

  • (Locked)
    Deepfake content

    3m 27s
  • (Locked)
    Adversarial networks

    2m 3s
  • (Locked)
    Reconnaissance

    1m 29s
  • (Locked)
    Social engineering

    2m 2s
  • (Locked)
    Obfuscation

    1m 33s
  • (Locked)
    Automated data correlation

    2m 27s
  • (Locked)
    Automated attack generation

    5m 7s
• 24. Automating Security Tasks 24. Automating Security Tasks

  • (Locked)
    Scripting tools

    2m 17s
  • (Locked)
    Document synthesis and summarization

    1m 28s
  • (Locked)
    Incident response ticket management

    2m 22s
  • (Locked)
    Change management

    2m 59s
  • (Locked)
    AI agents

    2m 55s
  • (Locked)
    AI in the CI/CD pipeline

    6m 6s
• 25. Domain 4: AI Governance, Risk, and Compliance 25. Domain 4: AI Governance, Risk, and Compliance

  • (Locked)
    Overview of the AI Governance, Risk, and Compliance domain

    38s
• 26. AI Governance 26. AI Governance

  • (Locked)
    Governing AI

    1m 48s
  • (Locked)
    Organizing for AI

    2m 52s
  • (Locked)
    AI policies and procedures

    5m 46s
  • (Locked)
    AI-related roles

    5m 16s
• 27. AI Risks 27. AI Risks

  • (Locked)
    Responsible AI

    5m 29s
  • (Locked)
    AI risks

    2m 23s
  • (Locked)
    Introduction of bias

    2m 37s
  • (Locked)
    Accidental data leakage

    2m 53s
  • (Locked)
    Reputational loss

    2m 11s
  • (Locked)
    Accuracy and performance of the model

    2m 22s
  • (Locked)
    Intellectual property risks

    3m 31s
  • (Locked)
    Autonomous systems

    2m 27s
  • (Locked)
    Shadow IT and shadow AI

    1m 48s
  • (Locked)
    Awareness training

    2m 21s
• 28. AI Compliance 28. AI Compliance

  • (Locked)
    AI compliance

    1m 17s
  • (Locked)
    EU AI Act

    3m 15s
  • (Locked)
    OECD standards

    1m 46s
  • (Locked)
    ISO AI standards

    1m 28s
  • (Locked)
    NIST AI Risk Management Framework

    2m 1s
  • (Locked)
    Corporate AI policies

    2m 46s
  • (Locked)
    Third-party compliance evaluations

    1m 58s
  • (Locked)
    Data sovereignty

    2m 41s
• What's Next? What's Next?

  • (Locked)
    Preparing for the exam

    49s