I passed CompTIA SecAI+ (Section 1 Explanations)

Added: 2026-05-25

[00:00:02]Hello, my name is Ibuka and I'm making this video to actually share my first exciting journey with the Comtia SE AI Plus. So, I wrote this exam today and I passed the CompTIA SE AI plus exam. This exam has like um 54 questions and I wrote um in a center in 60 minutes. So um I know people might ask what is the difficulty of this exam? This exam is fairly um this exam is fairly uh medium difficulty and especially for me in the domain of um LLM or AI enabled security. First of all, I'm a PhD student and my focus is in large language model security and also the use of LLMs for um network security. So I found this um D certification journey to be very relevant for me to see how the industry appreciates AI security and as well um um the the governance aspect to AI security. So um who is this exam for?

[00:01:21]This exam is essentially for people who are solution architects, those that are um developers, softwares and security engineers. This exam is for you or this journey is for you to experience. And um what is inside the exam? So the first thing here is uh the exam has 17% for AI related cyber security AI basic AI concepts in cyber security and the exam also covers um security of AI systems that's about 40% and then AI assisted security 24% and then AI governance risks and compliance having 19%. So um I'm essentially going to be um sharing um my little knowledge in this domain and also sharing um the foundational um classes and also the exam prep um classes that can help anyone who wants to get the CompTIA security um certificate or knowledge. So this is what the subcomi and exam objective covers. So just like I said it has those uh four casers in 17 14 24 and 19% respectively and um it has um a very um granular coverage of um each uh each of the four topics. So for example um uh for the basic AI concept related to cyber security the the the course or the certification uh explains or expect candidates to understand types of AI model training techniques uh that's this one and then prompt engineering techniques as well. So these questions I saw some of these questions in the exam today not just these ones I also saw the importance of data security when it comes to AI all of these questions some of them like you know um questions that actually you know um lead to another question and you know like the situation where you answer question one and then question four snitches the the answer so you find the answer of question one from four so that's an interesting thing that I saw today I saw during in the exam and also um there's another aspect to the course as well the the governance and life cycle aspect of the exam. So um the exam also expects candidates to have the knowledge or be able to explain or profess solutions to a importance of security throughout the life cycle of AI. AI is a very hot topic to ignore without talking about security. So we use chachipity in workplaces, in medical situations, in transportation systems, in even cyber security domains. But this the security and the security aspect of the data ingested and the deployment of the model itself, there are so many components that necessitates uh this computer security exams. So having explained this, I wouldn't just um stop here. I would also like to share um a few concepts about um these basic AI concept related to cyber security.

[00:04:57]So let's go to the first class. So um let's start with the the the concept of AI.

[00:05:06]The hottest topic right now is this agentic AI. Everybody's talking about agentic AI. You know, agentic AI is the biggest umbrella that we have right now.

[00:05:18]So, agentic AI talks about multiple agents, one or two or more agents. Since one agent is not enough to do everything within the domain of cyber security, multiple agents can fuse together to proactively decide and execute um um tax within the cyber security domain autonomously. So this covers the hottest stem right now of aentic AI. And then when it comes to artificial intelligence, this is the goal. AI is the broad field and the big goal. Right?

[00:05:52]So AI here is the ability of um of of intelligent systems to mimic human understanding, you know, to make human nature and then and have that intelligence that can learn from data and then you know um assume the same intelligence or the similar intelligence you know related to to humans. So AI is the big goal and many people are confused what is the difference between AI and machine learning and deep learning and agentic AI that's why I have this chart. So this chart tries to explain you know those uh those distinctions even in the exam you know those u those distinctions will be required you know. So here we have um AI which I have explained then machine learning. So machine learning is is a subset of AI. Machine learning uses algorithms both nature inspired algorithms um from nature both um traditional classifiers and you know um regressors and other kinds of classifiers to you know predict the future of um based on the imped that is fed. So I will explain more in in this in this video as well. And then we have deep learning. So deep learning is essentially trying to you know learn um um um deep features from impute data and then have a deep layer and then the final output which you know which will help to predict or classify any cyber security tax or any kind of tax. And then we have natural language processing. Natural language processing essentially learns from um or interprets uh um data from natural language. So if I said um the a uh a dog right it reads both each character or each letter and then processes it you know to solve the main problems. So when we give all these large language models or all these AI algorithms you know information NLP is also involved and each component you don't need to actually know a lot of a lot of these um um big domain but you actually need to know the distinction for the exams and then SEC AI here is aimed towards using bridging the cyber security goals with AI goals. So the intersection of cyber security with AI is what SE AI or what I assume SE AI wants to cover or intends to cover. So like I said AI is the broad field and the big goal and machine learning is a subset of AI. What are some types of u machine learning? So let's look at some types of machine learning. The first one is supervised um machine learning um techniques or supervised machine learning. Supervised machine learning here even in the exam will be asked is just like a supervisor, a school supervisor, a class supervisor, a work supervisor, you know, it's already learned from label data. So you don't need to do too much. The data is already labelled. For example, um medical data, you know, you have cancer cancer images and they label it cancer in malware or cyber security core domain, right? If you have like malware samples, they label the data and that's explains supervised techniques. The supervised techniques are machine learning techniques that work or that integrated with label data. The next one is the unsupervised methods. So unsupervised methods use on label data.

[00:09:52]Right? And then the third part is reinforcement techniques or reinforcement learning. Right? So we have the supervised unsupervised and reinforcement learning. Right?

[00:10:02]Unsupervised use on labor data while reinforcement learning uses a rewardbased method such that the agent learns from a reward just like a chicken. If you keep three grains of chicken, right, it comes and then you know you can keep another grain and then he learns that you always keep this grain at this time of the day or maybe 7:00 a.m. every morning you drop some grains. So, he learns that, oh, um, this guy is about dropping another grain by 7:00 a.m. tomorrow. And then you see the chicken comes, um, by 7:00 a.m. every day for the next or for however long it may leave. So, that's reinforcement learning, teaching the model to learn based on reward. Oh, if you do well, I'm going to I'm going to I'm going to give you a good grade. So, the reward there is um the good grade, right? And the same with um any kind of data that is being fed to a machine learning model.

[00:11:04]What type of model should I choose? So based on this understanding if your organization is positioned or or has the option to use labelled, unlabelled or reward based situations. you can now decide and discuss and you know accept a a a model technique based on the data availability that is usually available for the for the company in the exam they also ask about some very important things who is responsible who is responsible for um the data that is fed to the model.

[00:11:51]So the one that is responsible for the data fed to the model is the data engineer. The data engineer is responsible for pre-processing the data before it gets into the AI or the machine learning model. So that aside you know the the the data will be processed and then you know maybe for example you have like some and n values or you have some decimal points you don't need or you have some images you need to crop out or you have some noisy imisy data. So the data engineer within the machine learning um process or within the ML M oh let me write this M L O PS um phase is responsible you know you know for for pre-processing making sure that the data is clean before it's fed to the model.

[00:12:50]So what's maximizations go like we already said and then we we can now say that what algorithms are needed. So we can choose our algorithms based on the type of machine learning technique. So here if it is unsupervised right if the if the data is labelled no so you use an unsupervised algorithm but if the data is labelled you use a supervised algorithm. So this explains what algorithm may be needed you know for what ML algorithm right what machine learning algorithm is needed right is based on the nature of the data so let's go into the core um discussion of um the sec AI exam which also tries to talk about uh ML ops MLOps. So MLOps is essentially machine learning development and the operational systems that follow or the operational you know activities that follow the the DevOps life cycle. So is the is where the ML engineer is integrated is incorporated his skills his relevance and his his um his um experience is integrated into the um into integrating a machine learning or an AI system into an organization. So this is this is this is what it is you know this explains an ML ops right. So what are the phases here? We use um the first phase which is a design phase. First we need to find out the requirements. What are the requirements of the of the what is the requirement for let's pick an example of you know cancer detection.

[00:14:51]A healthcare company wants to collect images and then you know predict cancer or classify cancer images. So we have to find out the requirements of such engineering processes. What is the ML use case? Right? And then what is the data that is available? So this is the design phase. So this helps you know in actualizing or finalizing the design phase. The next is the model development because now we have the data. We can now you know go into the um model development phase. During the model development phase is where I mention that the data engineer will make sure that the data is clean before it's fed into the model. And then the ML model engineering involves the choice of model the choice of the algorithm or the model that you use. So and then after engineering the model we go to the next phase which is called model testing and validation. Before we deploy your model publicly or before your model is being used you know publicly you have to test for example is what we call overfeitting. So the model can perform locally on um the data that you've used in your organization or your organization's data. But when you send the model to to the public or when the model has seen a lot of um a lot of lot of integration and interaction, it now overfits. The model only learned based on your data of the organization, but it did not learn well, you know, for for public or general use. So that's um why we need this phase which is called model testing and validation. For the operations, we also have the ML model deployment. When we deploy the model, we have a continuous integration and continuous development CI/CD pipeline that ensures that the model is being um adaptable to the current situation or against model drift. So um it's also in the exam.

[00:16:56]So model drift uh is a situation that captures the fact that the model would change its performance over time. So as people use the model the model will drift you know with with with time. So that's why the CI/CD is very important to handling you know model drift and situations. And then finally we have monitoring trigling and eval evals like evaluating the model that has been deployed for example use an AI agent you know and a human in the loop is needed humans right can be needed to ensure that the model's output was actually what was desired for example um I give um I I I I build an agent and this agent is responsible for cancer or medical or spam detection. And then the essence of an eval or monitoring is to observe as a human what came into the model and judge right both you can also judge with another model or another AI system or another LLM right and judge if what came in and what was you know was was was was what what what was the model's output was what you desire or what is the desire of the of the organization or of the deployment.

[00:18:41]So um based on this I will just um highlight a little bit about feature engineering. So model sorry data comes with uh unstructured or structured format. So we have the unstructured images and data here and then we have the structured format. These are the data uh sources. So we extract the features you know into structured data and then the feature can be improved right. For example, if you have um images that are not um very very clean or you can optimize or you can enhance the feature, right? And then construct or reconstruct the the the image and then extract and select the images that you want and then you know have your final data set and then feed into your model. feature engineering within the envelopes um cycle is very very important and so as well in the in the the SEI plus exam you would have some questions that try to cover feature engineering feature essentially talks about the characteristics of the data that you're putting into the model. So features really really matter. Now that we've talked about the features, we'll talk about some um basic methods of uh or basic things such as like classification, clustering and regression. So classification essentially distincts itself from two from two types or from two two um classes, right? So you have like um a binary class, a class that um either maybe this this can be malware, the ones in red might be malware and then the the ones here might be um benign or normal samples, right? So the a classification tax wants to distinguish or distinct itself, you know, from two samples. And then we have the binary class and the multiclass. Binary class talks about just two classes X and Y class or Y and X class or malware or non classes or cancer or non cancer classes. So this is this is what classification talks about. Some of the um classification techniques will require classification algorithms such as logistic regression, support vector machines, K nearest neighbors, decision trees, random forest and even deep learning organism or deep learning algorithms, right? Or deep learning techniques can be used for classification um um goals. So when we classify we we have to check the metrics. How well did the classification um journey or process do? So um we can use accuracy record F1 score. So let me write them down. accuracy, record, F1 score, precision and so many other kinds of uh u metrics that can be used you know to measure you know the performance or the goodness of the classification uh um algorithm. And then we have examples like I mentioned in cancer right in you have in cancer detection we have examples such as uh uh spam detection network traffic classification for example you might have a network traffic of deny of service attacks from you know normal uh network traffic right and then you can measure how well the model did within classification tax.

[00:22:28]So we have clustering. Clustering is also another machine learning technique that distinguishes itself from two or more classes. So here we see that the clustering algorithm separates um within three classes and we use another of each separate clustering um um uh algorithm to distinguish between each class and then we have regression. So regression essentially you know predicts itself sorry predicts the future just talk think about predicting the future you know and then you think about regression. So regression uses continuous value, right? Just like a stock market. Think of a stock market, right? You want to predict what would be, you know, the the price of gold in the next 2 hours, right? So that's a regression tax.

[00:23:22]In a network security domain, you want to predict based on the last hour of network traffic that has come, what would be the nature of the network in the next 1 hour. So this is the goal of regression and it we can now easily go into that exam or go into the SEC AI plus exam with understanding the difference between regression and clustering and classification.

[00:23:52]So um let's talk let's use more use case studies. So this case study was one from my publication during my master's degree where we use an AI an explainable AI technique for network traffic classification. So I'll walk you through the whole pipeline. We assume that an attacker or an attacker will want to compromise the the network and then it will have maybe an attack network traffic and also we can have a VR campus right maybe students using VR network right 1 2 3 and then we can have a a a combination or a clean or unstructured combination of normal which is this one versus um abnormal traffic fed into the the network and then when we have the network right this is before deployment we preprocess the features right of the network after doing that we use a model based on the kind of data that we have here in this kind of data we had a a label data right and then I I'll show at the end of the video example of um a situation where we use uh um a label network traffic data for flation. So we use a a label data you know with an equal or accompanying um um model right. So here we use a deep neural network right and then we can classify the model decision whether the network traffic right or an incoming network traffic is anomaly or a benign network after the model's decision right there's what we call X AI X AI means explainable AI explainable AI essentially uses these um quantitative and qualitative um techniques to interpret the decision of the model. So we want to know how or why should we trust the model's decision. So explainable AI provides confidence and reliability into or for a model's um prediction or how well a model predicted. So that's why we have like X AI here you know to judge the human sorry to judge the model's um decision or the model's classification.

[00:26:33]I hope that this is clear with this brief case study. So this case study you know envelopes or tries to explain you know each component of a typical um use of AI for cyber security or ML for cyber security. In the coming videos that I will be sharing we'll also look at how AI can be used for offensive security because it's also a fundamental component of the second AI plus exam.

[00:27:06]Um before we wrap this side, we'll also talk about um um the anatomy of a deep learning model. I I I was actually surprised for them to ask this question, you know, because we'd be expecting like um maybe fundamental questions about security AI, but one of the questions that that that can come up would be, you know, the impute layer of the model.

[00:27:32]Right? During the course of my study, I saw some of these questions, right? I saw some questions, you know, online and YouTube resources that asks, you know, what is the what is the impute called, right? Or what is the comp after the impute? What do we what do we seeness of of a deep learning model? This anatomy is very important, you know, to understand or to ace the second plus exam. And so let me just explain what is going on here. So we have imputes. A network traffic for example a malware will have imputes and each sample right we have its own weight w1 w2 wn. So these weights are fed into um are combined with a bias right this is the weight plus bias right is fed into the activation layer. We have the input layer. This is the hidden layer. And then we have the output layer.

[00:28:38]Right? The input layer, the hidden layer and then the output layer. That's why deep learning models are kind of referred to as black boxes in sometimes.

[00:28:49]So we have the input, the weights, the bias, the activation and then the output.

[00:28:56]So this is the anatomy of a deep learning model that can come up as well in the exam. Um finally we'll talk about generative AI versus predictive AI versus agentic AI. So generative AI talks about can you create something generative AI in the the domain of offensive security might want to you know can you create a malware? Can you generate a polymorphic malware? A malware that adapts to, you know, any kind of changes or any kind of defense methods. So that's what a generative AI will do to generate, right? And then an agentic AI can agent proactively handle you know a tax without um without um without um supervision. So can agents execute think and plan acts or plan uh cyber security tax you know by themselves and autonomously. So this is the goal of agentic AI and predictive AI talks about what likely is to happen what will happen in the next hour of the network you know so based on this we can think of use cases that fit the nature of um um predictive generative energetic AI. I know that this summary might not be complete for the first part of the course but it gives us an understanding of what what is needed right we need to essentially understand the fundamentals of AI you know if you're into research it might be very very much easier for you if you're into AI research per se but if you're not this is like the fundamentals that will help you or that will help anyone you know to try and you understand what is going on when it comes to AI you know um sec AI plus finally um let's look at uh a typical example of network traffic classification using a neuronet network so this is like a public uh um GitHub repository you know here is where we import uh import the the libraries used for the training you know pandas and all of those uh libraries right and then we have the data set so this data set comprises of network traffic features so we see feeds importance are the traffic features of the network itself and then we now have you know the target um class what we want to target right and then I'll just go over to the model definition itself you know this is where they they they load the model. This model this is the model that they use right and then uh we can see that when the model is fitted they use the cross entropy they use the Adam optimizer and their metrics is the accuracy and then we can see the number of epochs that is trained. Epoch means how long or what is what is the train time you know sorry how long was the model run you know for before final deployment so it was trained for you know 10 epochs these kind of questions also show up in the exam and then we we have to measure the model's performance based on accuracy precision recall and F1 score so this is an example of um um of how AI and network traffic, you know, can be used for um security. So, I've covered like the the basics of the the excuse me of the of the of the chapter one. I can also um my next video I'll also try to explain more concepts within you know this uh domain of of AI um related cyber security. So here we talked about generative AI, excuse me. Yeah, generative AI. We talked about GI. We talked machine learning. We talked about uh deep learning. We didn't talk about transformers. We'll come we'll come back to this.

[00:33:34]We also didn't talk about this. We didn't talk about large language models and small language models. We didn't talk about these ones, right? They will be the focus for for our next class. But we talked about model validation, supervised learning, unsupervised learning, reinforcement learning, right?

[00:33:51]And then um I forgot to mention fine-tuning but um this fine-tuning method comes with its own um batch. So I will talk about fine-tuning and NLP and um in my next video and also talk about prompt engineering to cover the basic AI concept related to cyber security. Thank you for watching and if you have any questions about the SE AI exams, please feel free to reach out or leave a comment. Thank you.