AI Defense Strategies Assessment

📋 Assessment Instructions

This assessment covers all four lessons from Module 3: AI Defense Strategies
Questions include multiple choice, true/false, and practical scenarios
You have unlimited time to complete the assessment
A passing score of 70% is required to proceed to Module 4
Review the lessons if you need to refresh your knowledge

🎯 Part 1: Adversarial Training (Questions 1-6)

Question 1

What is the primary goal of adversarial training?

To reduce model size To improve model robustness against adversarial attacks To increase training speed To reduce computational requirements

Question 2

In Projected Gradient Descent (PGD), what does the projection step accomplish?

It reduces the learning rate It ensures perturbations stay within the allowed epsilon ball It normalizes the gradients It increases the perturbation magnitude

Question 3

Which of the following is a common challenge with adversarial training?

It always improves clean accuracy It can lead to a trade-off between clean and adversarial accuracy It requires no additional computational resources It eliminates all adversarial vulnerabilities

Question 4

What is the purpose of using multiple attack steps in PGD?

To reduce training time To find stronger adversarial examples for training To decrease model complexity To improve gradient stability

Question 5

Which technique is commonly used to improve adversarial training efficiency?

Random initialization Curriculum learning Batch normalization Dropout regularization

Question 6

True or False: Adversarial training guarantees protection against all types of adversarial attacks.

True False

🛡️ Part 2: Robust Optimization (Questions 7-12)

Question 7

What is the mathematical formulation of robust optimization?

min_θ L(θ, x, y) min_θ max_δ∈Δ L(θ, x + δ, y) max_θ L(θ, x, y) min_θ min_δ∈Δ L(θ, x + δ, y)

Question 8

What does randomized smoothing provide?

Faster inference Certified robustness guarantees Smaller model size Better generalization

Question 9

Which of the following is a key property of Lipschitz-constrained networks?

They have unbounded gradients They provide certified robustness within a radius They require no training They always achieve perfect accuracy

Question 10

What is the main advantage of certified defenses over empirical defenses?

They are faster to compute They provide mathematical guarantees about robustness They require less memory They work with any model architecture

Question 11

In CROWN-IBP training, what does IBP stand for?

Interval Bound Propagation Iterative Bound Propagation Integrated Bound Propagation Independent Bound Propagation

Question 12

True or False: Randomized smoothing can only be applied to image classification tasks.

True False

🔍 Part 3: AI Monitoring & Detection (Questions 13-18)

Question 13

What is the primary purpose of AI security monitoring?

To reduce model size To detect adversarial attacks and anomalies in real-time To increase training speed To improve model accuracy

Question 14

Which statistical method is commonly used for data drift detection?

Linear regression Kolmogorov-Smirnov test Principal component analysis Support vector machines

Question 15

What does PSI stand for in the context of data drift detection?

Population Stability Index Probability Stability Index Performance Stability Index Predictive Stability Index

Question 16

Which of the following is a key metric for adversarial detection systems?

Model size False positive rate Training time Memory usage

Question 17

What is the main advantage of ensemble detection methods?

They are faster to compute They combine multiple detection approaches for better accuracy They require less memory They work without training

Question 18

True or False: Concept drift and data drift are the same phenomenon.

True False

🧪 Part 4: Defensive Distillation (Questions 19-25)

Question 19

What is the main purpose of defensive distillation?

To reduce model size To create more robust models by transferring knowledge from a teacher model To increase training speed To improve model accuracy

Question 20

What effect does high temperature scaling have on model predictions?

It makes predictions more confident It smooths the probability distribution It reduces model complexity It increases training time

Question 21

In defensive distillation, what is the typical range for temperature values?

0.1 to 1.0 1.0 to 2.0 5.0 to 20.0 50.0 to 100.0

Question 22

Which of the following is a limitation of defensive distillation?

It always improves model performance It can mask gradients, making attacks appear ineffective It requires no additional training It works with any model architecture

Question 23

What is the advantage of multi-teacher distillation?

It reduces computational requirements It combines knowledge from multiple robust models It eliminates the need for temperature scaling It works without training

Question 24

In progressive distillation, what happens to the temperature over time?

It remains constant It gradually increases It gradually decreases It oscillates randomly

Question 25

True or False: Defensive distillation always produces models that are more robust than standard training.

True False

📝 AI Defense Strategies Assessment

📋 Assessment Instructions

🎯 Part 1: Adversarial Training (Questions 1-6)

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

🛡️ Part 2: Robust Optimization (Questions 7-12)

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

🔍 Part 3: AI Monitoring & Detection (Questions 13-18)

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

🧪 Part 4: Defensive Distillation (Questions 19-25)

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

📊 Assessment Results

Assessment Complete

Performance by Section

Adversarial Training

Robust Optimization

AI Monitoring & Detection

Defensive Distillation

Next Steps