🔥 3-day streak
CompTIA SecurityX (CAS-005)55 / 120
Question 55 of 120

A company deploys an internal customer-support chatbot built on a large language model (LLM) with a retrieval-augmented generation (RAG) pipeline that pulls from an indexed knowledge base of uploaded documents. During testing, a security engineer discovers that a document uploaded by an untrusted third party contained hidden instructions that, when retrieved and passed into the model context, caused the assistant to reveal system prompt contents and ignore its content-filtering rules. Which mitigation MOST directly addresses this indirect prompt injection risk?

Reviewed for accuracy · Report an issueNext question