Practice Free CT-GenAI Exam Online Questions
Question #1
A tester uploads crafted images that steer the LLM into validating non-existent acceptance criteria.
Which attack vector is this?
- A . Data poisoning
- B . Data exfiltration
- C . Request manipulation
- D . Malicious code generation
Correct Answer: C
C
Explanation
This scenario describes a form of Request Manipulation, specifically a type of "Prompt Injection" or "Adversarial Prompting." In this attack vector, the user (or an external attacker) provides malicious or deceptive input―in this case, via an image in a multimodal LLM―to bypass the model’s intended constraints or to steer its logic toward an unintended outcome. By crafting an image that tricks the LLM into seeing "acceptance criteria" that aren’t actually there, the attacker manipulates the model’s request processing to generate false validation results. This is different from Data Poisoning (Option A), which involves corrupting the training data before the model is even built. It is also distinct from Data Exfiltration (Option B), which aims to steal data from the model. In a testing environment, request manipulation is a significant risk because it can lead to "Silent Failures," where the AI reports that tests have passed or requirements are met based on deceptive input, thereby compromising the integrity of the entire Quality Assurance process.
C
Explanation
This scenario describes a form of Request Manipulation, specifically a type of "Prompt Injection" or "Adversarial Prompting." In this attack vector, the user (or an external attacker) provides malicious or deceptive input―in this case, via an image in a multimodal LLM―to bypass the model’s intended constraints or to steer its logic toward an unintended outcome. By crafting an image that tricks the LLM into seeing "acceptance criteria" that aren’t actually there, the attacker manipulates the model’s request processing to generate false validation results. This is different from Data Poisoning (Option A), which involves corrupting the training data before the model is even built. It is also distinct from Data Exfiltration (Option B), which aims to steal data from the model. In a testing environment, request manipulation is a significant risk because it can lead to "Silent Failures," where the AI reports that tests have passed or requirements are met based on deceptive input, thereby compromising the integrity of the entire Quality Assurance process.
Question #2
What distinguishes an LLM-powered agent from a basic AI chatbot in test processes?
- A . Reliance on predefined templates to generate short, factual answers
- B . Ability to respond to prompts without explicit user instructions
- C . Ability to trigger automated actions beyond conversation
- D . Use of a conversational tone and improved response personalization
Correct Answer: C
C
Explanation
While a basic chatbot is primarily designed for textual interaction and information retrieval, an LLM-powered agent (or AI Agent) is characterized by its agency―the ability to use tools and trigger actions in the external world. In a software testing context, an agent does not just "talk" about testing; it can actually perform testing tasks. For example, an agent could be given the goal to "verify the login module," and it would independently decide to call an API, generate a test script, execute it against a test environment, and then analyze the results to report a bug in Jira. This ability to trigger automated actions (Option C) through "function calling" or tool integration is what makes agents far more powerful than simple conversational interfaces (Option D). Agents can reason about "how" to achieve a goal, selecting the appropriate tools (like Selenium, Postman, or specialized internal utilities) to complete the task. This moves the AI from being a passive advisor to an active participant in the test automation ecosystem, requiring testers to focus more on goal definition and result validation.
C
Explanation
While a basic chatbot is primarily designed for textual interaction and information retrieval, an LLM-powered agent (or AI Agent) is characterized by its agency―the ability to use tools and trigger actions in the external world. In a software testing context, an agent does not just "talk" about testing; it can actually perform testing tasks. For example, an agent could be given the goal to "verify the login module," and it would independently decide to call an API, generate a test script, execute it against a test environment, and then analyze the results to report a bug in Jira. This ability to trigger automated actions (Option C) through "function calling" or tool integration is what makes agents far more powerful than simple conversational interfaces (Option D). Agents can reason about "how" to achieve a goal, selecting the appropriate tools (like Selenium, Postman, or specialized internal utilities) to complete the task. This moves the AI from being a passive advisor to an active participant in the test automation ecosystem, requiring testers to focus more on goal definition and result validation.
Question #3
Which standard specifies requirements for managing AI systems within an organization, supporting consistent GenAI use in testing?
- A . ISO/IEC 42001:2023
- B . NIST AI RMF 1.0
- C . ISO/IEC 23053:2022
- D . EU AI Act
Correct Answer: A
A
Explanation
ISO/IEC 42001:2023is the international standard for an AI Management System (AIMS). It is designed to help organizations develop, provide, or use AI systems responsibly by providing a certifiable framework of requirements and controls. In a software testing context, this standard is vital for establishing governance, ensuring that GenAI tools are used consistently and ethically across the lifecycle. NIST AI RMF 1.0 (Option B) is a highly respected framework, but it is a set of voluntary guidelines for managing risk, not a "requirement standard" for a management system. ISO/IEC 23053:2022 (Option C) provides a general framework for AI using machine learning but lacks the comprehensive "management system" scope found in 42001. Finally, the EU AI Act (Option D) is a regulation (law), not a technical standard. For a test organization looking to align its GenAI strategy with international best practices and achieve formal certification, ISO/IEC 42001 is the definitive standard to follow, as it covers the organizational processes, data handling, and risk management necessary for high-quality AI operations.
A
Explanation
ISO/IEC 42001:2023is the international standard for an AI Management System (AIMS). It is designed to help organizations develop, provide, or use AI systems responsibly by providing a certifiable framework of requirements and controls. In a software testing context, this standard is vital for establishing governance, ensuring that GenAI tools are used consistently and ethically across the lifecycle. NIST AI RMF 1.0 (Option B) is a highly respected framework, but it is a set of voluntary guidelines for managing risk, not a "requirement standard" for a management system. ISO/IEC 23053:2022 (Option C) provides a general framework for AI using machine learning but lacks the comprehensive "management system" scope found in 42001. Finally, the EU AI Act (Option D) is a regulation (law), not a technical standard. For a test organization looking to align its GenAI strategy with international best practices and achieve formal certification, ISO/IEC 42001 is the definitive standard to follow, as it covers the organizational processes, data handling, and risk management necessary for high-quality AI operations.
Question #4
A prompt begins: “You are a senior test manager responsible for risk-based test planning on a payments platform.” Which component is this?
- A . Instruction
- B . Context
- C . Role
- D . Constraints
Correct Answer: C
C
Explanation
In structured prompt engineering, the Role component (also known as a Persona) is used to set the perspective, expertise, and tone of the LLM’s response. By assigning the role of a "senior test manager," the tester instructs the model to adopt the specific domain knowledge, vocabulary, and professional standards associated with that position. This technique is highly effective because LLMs are trained on vast datasets containing diverse professional documents; invoking a specific persona helps the model narrow its "latent space" to retrieve information relevant to that specific field. For instance, a senior test manager persona will prioritize risk management, resource allocation, and high-level strategy, whereas a "junior developer" persona might focus more on syntax and local unit tests. While Context (Option B) provides the background of the project and Instruction (Option A) defines the specific task to be performed, the Roleserves as the foundation for how those instructions are interpreted. This ensures the generated testware aligns with the expected professional seniority and organizational maturity required for high-stakes environments like a payments platform.
C
Explanation
In structured prompt engineering, the Role component (also known as a Persona) is used to set the perspective, expertise, and tone of the LLM’s response. By assigning the role of a "senior test manager," the tester instructs the model to adopt the specific domain knowledge, vocabulary, and professional standards associated with that position. This technique is highly effective because LLMs are trained on vast datasets containing diverse professional documents; invoking a specific persona helps the model narrow its "latent space" to retrieve information relevant to that specific field. For instance, a senior test manager persona will prioritize risk management, resource allocation, and high-level strategy, whereas a "junior developer" persona might focus more on syntax and local unit tests. While Context (Option B) provides the background of the project and Instruction (Option A) defines the specific task to be performed, the Roleserves as the foundation for how those instructions are interpreted. This ensures the generated testware aligns with the expected professional seniority and organizational maturity required for high-stakes environments like a payments platform.
Question #5
What does an embedding represent in an LLM?
- A . Tokens grouped into context windows
- B . Numerical vectors capturing semantic relationships
- C . Logical rules for reasoning
- D . A set of test cases for validation
Correct Answer: B
B
Explanation
Embeddings are a fundamental concept in modern Natural Language Processing (NLP) and LLMs. They are high-dimensional numerical vectors―essentially lists of numbers―that represent the meaning (semantics) of a piece of text (a word, sentence, or document). Unlike traditional keyword matching, which looks for identical strings of characters, embeddings allow the model to understand the "closeness" of concepts. For example, in a vector space, the word "bug" would be mathematically closer to "defect" or "error" than to "feature" or "requirement." This captures the semantic relationship between terms. This technology is the backbone of Retrieval-Augmented Generation (RAG) used in testing: when a tester queries a documentation set, the system converts the query into an embedding and looks for other chunks of text with similar vector values. This allows the AI to retrieve relevant context even if the exact keywords do not match. It is not about logical rules (Option C) or groups of tokens (Option A), but rather a mathematical representation of language that enables machines to process human meaning.
B
Explanation
Embeddings are a fundamental concept in modern Natural Language Processing (NLP) and LLMs. They are high-dimensional numerical vectors―essentially lists of numbers―that represent the meaning (semantics) of a piece of text (a word, sentence, or document). Unlike traditional keyword matching, which looks for identical strings of characters, embeddings allow the model to understand the "closeness" of concepts. For example, in a vector space, the word "bug" would be mathematically closer to "defect" or "error" than to "feature" or "requirement." This captures the semantic relationship between terms. This technology is the backbone of Retrieval-Augmented Generation (RAG) used in testing: when a tester queries a documentation set, the system converts the query into an embedding and looks for other chunks of text with similar vector values. This allows the AI to retrieve relevant context even if the exact keywords do not match. It is not about logical rules (Option C) or groups of tokens (Option A), but rather a mathematical representation of language that enables machines to process human meaning.
Question #6
What defines a prompt pattern in the context of structured GenAI capability building?
- A . Treating prompts as access credentials or compliance records rather than functional templates
- B . Maintaining static documentation repositories without real-time prompt standardization processes
- C . Applying a reusable and structured template that guides GenAI models toward consistent outputs
- D . Using ad hoc prompts without reference to previously proven structures or examples
Correct Answer: C
C
Explanation
In the context of structured Generative AI capability building, a prompt pattern is a formalized method of interaction that ensures repeatability and reliability. Much like software design patterns, prompt patterns provide a reusable and structured template designed to guide Large Language Models (LLMs) toward producing specific, high-quality, and consistent outputs. Without these patterns, testers often rely on "zero-shot" or ad hoc prompting, which frequently leads to non-deterministic results that are difficult to validate in a professional testing lifecycle. By adopting prompt patterns, organizations can standardize how requirements are translated into test cases or how code is analyzed for defects. This standardization is critical for scaling GenAI across a team, as it allows for the creation of a "prompt library" where successful structures―such as Persona-based, Few-shot, or Chain-of-Thought patterns―are documented and reused. This approach moves the use of GenAI from a trial-and-error activity to a disciplined engineering practice, ensuring that the model understands the specific context, constraints, and expected output formats required for rigorous software testing tasks.
C
Explanation
In the context of structured Generative AI capability building, a prompt pattern is a formalized method of interaction that ensures repeatability and reliability. Much like software design patterns, prompt patterns provide a reusable and structured template designed to guide Large Language Models (LLMs) toward producing specific, high-quality, and consistent outputs. Without these patterns, testers often rely on "zero-shot" or ad hoc prompting, which frequently leads to non-deterministic results that are difficult to validate in a professional testing lifecycle. By adopting prompt patterns, organizations can standardize how requirements are translated into test cases or how code is analyzed for defects. This standardization is critical for scaling GenAI across a team, as it allows for the creation of a "prompt library" where successful structures―such as Persona-based, Few-shot, or Chain-of-Thought patterns―are documented and reused. This approach moves the use of GenAI from a trial-and-error activity to a disciplined engineering practice, ensuring that the model understands the specific context, constraints, and expected output formats required for rigorous software testing tasks.
Question #7
Which competency MOST helps testers steer LLMs to produce useful, on-policy testware?
- A . Mastering prompt engineering
- B . Configuring network routers
- C . Writing low-level device drivers
- D . Designing custom CPU instructions
Correct Answer: A
A
Explanation
As Generative AI becomes integrated into the software testing lifecycle, the role of the tester shifts from manual authoring to the "orchestration" of AI models. Mastering prompt engineering is the primary competency required to effectively steer LLMs. Prompt engineering involves the deliberate design of inputs― incorporating roles, context, instructions, and constraints―to elicit the most accurate and "on-policy" outputs from the model. In a testing context, "on-policy" refers to testware that adheres to organizational standards, security protocols, and specific project requirements. While technical skills like network configuration or low-level programming (Options B, C, and D) are valuable in specific engineering domains, they do not directly influence the communicative interface between the human and the AI. A tester proficient in prompt engineering can utilize techniques like "Chain-of-Thought" or "Few-shot prompting" to ensure the LLM understands the nuances of a test plan, thereby reducing hallucinations and ensuring the generated test cases are actionable, relevant, and compliant with the project’s quality gates.
A
Explanation
As Generative AI becomes integrated into the software testing lifecycle, the role of the tester shifts from manual authoring to the "orchestration" of AI models. Mastering prompt engineering is the primary competency required to effectively steer LLMs. Prompt engineering involves the deliberate design of inputs― incorporating roles, context, instructions, and constraints―to elicit the most accurate and "on-policy" outputs from the model. In a testing context, "on-policy" refers to testware that adheres to organizational standards, security protocols, and specific project requirements. While technical skills like network configuration or low-level programming (Options B, C, and D) are valuable in specific engineering domains, they do not directly influence the communicative interface between the human and the AI. A tester proficient in prompt engineering can utilize techniques like "Chain-of-Thought" or "Few-shot prompting" to ensure the LLM understands the nuances of a test plan, thereby reducing hallucinations and ensuring the generated test cases are actionable, relevant, and compliant with the project’s quality gates.
Question #8
Consider applying the meta-prompting technique to generate automated test scripts for API testing. You need to test a REST API endpoint that processes user registration with validation rules.
Which one of the following prompts is BEST suited to this task?
- A . Role: Act as a test automation engineer with API testing experience. | Context: You are verifying user
registration that enforces field and format validation. | Instruction: Generate pytest scripts using requests for both positive (valid) and negative (invalid email, weak password, missing fields) cases. | Input Data: POST /api/register with validation rules for email and password length. | Constraints: Include fixtures, clear assertions, and naming consistent with pytest. | Output Format: Return complete Python test files. - B . Role: Act as a test automation engineer. | Context: You are creating tests for a registration endpoint. |
Instruction: Generate Python test scripts using pytest covering both valid and invalid inputs. | Input
Data: POST /api/register with email and password. | Constraints: Follow pytest structure. | Output
Format: Provide scripts. - C . Role: Act as an automation tester. | Context: You are validating an API endpoint. | Instruction: Generate
Python test scripts that send POST requests and validate responses. | Input Data: User credentials. |
Constraints: Include basic scenarios with asserts. | Output Format: Provide organized scripts. - D . Role: Act as a software engineer. | Context: You are testing registration logic. | Instruction: Create
Python scripts to verify endpoint behavior. | Input Data: POST /api/register with test users. |
Constraints: Add checks for status codes. | Output Format: Deliver functional scripts.
Correct Answer: A
A
Explanation
Option A is the superior choice because it strictly adheres to the structured prompting pattern recommended in the CT-GenAI syllabus. This pattern divides the prompt into six distinct components: Role, Context, Instruction, Input Data, Constraints, and Output Format. By specifying the Role (Senior Test Automation Engineer), the model accesses relevant technical knowledge. The Instructionis specific about using pytest and the requests library, and it explicitly lists both positive and negative scenarios. Most importantly, the Constraints section provides the necessary "guardrails" for the code structure, such as the use of fixtures and clear assertions. Options B, C, and D are increasingly vague and fail to provide the model with the necessary technical boundaries to produce "production-ready" testware. Structured prompting reduces the "probabilistic drift" of the model, ensuring the output is not just functional code, but a script that follows industry-standard testing patterns (like modularity and clean naming conventions), making it directly usable within a CI/CD pipeline.
A
Explanation
Option A is the superior choice because it strictly adheres to the structured prompting pattern recommended in the CT-GenAI syllabus. This pattern divides the prompt into six distinct components: Role, Context, Instruction, Input Data, Constraints, and Output Format. By specifying the Role (Senior Test Automation Engineer), the model accesses relevant technical knowledge. The Instructionis specific about using pytest and the requests library, and it explicitly lists both positive and negative scenarios. Most importantly, the Constraints section provides the necessary "guardrails" for the code structure, such as the use of fixtures and clear assertions. Options B, C, and D are increasingly vague and fail to provide the model with the necessary technical boundaries to produce "production-ready" testware. Structured prompting reduces the "probabilistic drift" of the model, ensuring the output is not just functional code, but a script that follows industry-standard testing patterns (like modularity and clean naming conventions), making it directly usable within a CI/CD pipeline.
Question #9
Which statement BEST contrasts interaction style and scope?
- A . Chatbots enable conversational interactions; LLM apps provide capabilities for defined test tasks.
- B . Chatbots enforce fixed workflows; LLM apps support free-form exploration beneficial for software testing
- C . Chatbots require API integration; LLM apps do not.
- D . Both are identical aside from UI theme.
Correct Answer: A
A
Explanation
It is important to distinguish between a general-purpose Chatbot and a specialized LLM application within a testing framework. A chatbot is primarily designed for multi-turn, conversational interactions where the user can ask questions and receive answers in a natural language format. While useful for general queries, it often lacks the specialized workflow integration needed for rigorous testing. Conversely, LLM applications (or "LLM-powered tools") are built with a specific "scope" in mind, such as automated test generation, code analysis, or requirement mapping. These applications often use the LLM as an underlying engine but surround it with specific UI components, data connectors (like RAG), and fixed task-oriented prompts to achieve a defined testing outcome. While chatbots are "free-form," LLM apps are "capability-driven." This distinction is key for organizations defining a GenAI strategy; simply providing a chatbot to testers is rarely sufficient. Instead, organizations should develop or adopt LLM applications that integrate directly into the CI/CD pipeline and provide structured, actionable test artifacts that support defined quality engineering tasks.
A
Explanation
It is important to distinguish between a general-purpose Chatbot and a specialized LLM application within a testing framework. A chatbot is primarily designed for multi-turn, conversational interactions where the user can ask questions and receive answers in a natural language format. While useful for general queries, it often lacks the specialized workflow integration needed for rigorous testing. Conversely, LLM applications (or "LLM-powered tools") are built with a specific "scope" in mind, such as automated test generation, code analysis, or requirement mapping. These applications often use the LLM as an underlying engine but surround it with specific UI components, data connectors (like RAG), and fixed task-oriented prompts to achieve a defined testing outcome. While chatbots are "free-form," LLM apps are "capability-driven." This distinction is key for organizations defining a GenAI strategy; simply providing a chatbot to testers is rarely sufficient. Instead, organizations should develop or adopt LLM applications that integrate directly into the CI/CD pipeline and provide structured, actionable test artifacts that support defined quality engineering tasks.
Question #10
Which factor MOST influences the overall energy consumption of a Generative AI model used in software testing tasks?
- A . The number of tokens processed directly determines the carbon intensity of each query
- B . The location of the data center determines model bias and accuracy levels
- C . The duration of user sessions primarily affects latency but not power efficiency
- D . The type of cloud platform affects processing speed but not total energy draw
Correct Answer: A
A
Explanation
The environmental impact and sustainability of AI are increasingly important considerations in software engineering. The overall energy consumption of an LLM during inference (when the model is actually being used by a tester) is most directly influenced by the number of tokens processed. Every token generated or analyzed requires a massive amount of floating-point operations within the GPU clusters of a data center. Therefore, the "length" of the input prompt and the "length" of the AI’s response are the primary drivers of the power draw and, consequently, the carbon intensity of the query. This is a crucial concept for "Green AI" initiatives in testing; more efficient prompting―such as avoiding unnecessarily verbose context or limiting output lengths―can lead to more sustainable testing practices. While data center location (Option B) affects the type of energy used (renewable vs. fossil fuel), it does not determine the model’s accuracy. Similarly, while cloud platforms (Option D) and session durations (Option C) play roles in operational logistics, the mathematical workload tied to token count remains the fundamental unit of energy expenditure in Generative AI.
A
Explanation
The environmental impact and sustainability of AI are increasingly important considerations in software engineering. The overall energy consumption of an LLM during inference (when the model is actually being used by a tester) is most directly influenced by the number of tokens processed. Every token generated or analyzed requires a massive amount of floating-point operations within the GPU clusters of a data center. Therefore, the "length" of the input prompt and the "length" of the AI’s response are the primary drivers of the power draw and, consequently, the carbon intensity of the query. This is a crucial concept for "Green AI" initiatives in testing; more efficient prompting―such as avoiding unnecessarily verbose context or limiting output lengths―can lead to more sustainable testing practices. While data center location (Option B) affects the type of energy used (renewable vs. fossil fuel), it does not determine the model’s accuracy. Similarly, while cloud platforms (Option D) and session durations (Option C) play roles in operational logistics, the mathematical workload tied to token count remains the fundamental unit of energy expenditure in Generative AI.
1 2