CompTIA AI Essentials — Preparing for the SecAI+ Path

This lab supports the CompTIA AI Essentials certification objectives and prepares students for the SecAI+ career path. The table below maps each task to the corresponding learning domains.

Task/Major ConceptDescriptionAI Essentials DomainSecAI+ Relevance
Task 1: AI FundamentalsDefine AI, ML, DL, and generative AI; understand AI types and capabilitiesAI Concepts & Terminology1.1 Compare and contrast types of AI
Task 2: How AI Models WorkExplore training data, parameters, inference, and model architecturesAI Concepts & Terminology

1.1 Compare and contrast types of AI

1.3 AI system life cycle

Task 3: Prompt Engineering BasicsMaster purpose, context, persona, and constraint-based promptingGenerative AI & Prompt Engineering2.1 Secure AI development
Task 4: Advanced Prompt TechniquesImplement few-shot, chain-of-thought, and system prompt strategiesGenerative AI & Prompt Engineering

2.1 Secure AI development

3.1 Prompt injection awareness

Task 5: Output VerificationDetect hallucinations, verify factual accuracy, cross-reference outputsAI Output Evaluation2.5 Monitoring AI systems
Task 6: Conversational AIBuild multi-turn conversations, manage context, implement chat loopsPractical AI Applications2.1 AI application security
Task 7: Responsible AI & EthicsExplore bias, fairness, transparency, and ethical AI principlesResponsible AI Use4.1 AI governance structures
Task 8: Data Privacy & SecurityHandle PII, implement data governance, understand AI data risksBalancing Innovation & Privacy

1.2 Data security

4.2 AI risks

Task 9: Practical AI Use CasesApply AI to business, productivity, and real-world scenariosPractical AI ApplicationsCross-domain application
Task 10: AI in CybersecurityUse AI for threat detection, security analysis, and the SecAI+ pathFuture Trends & Cybersecurity

3.1 Attack vectors

4.1 Governance

Overview

Artificial intelligence (AI) is transforming every aspect of technology, business, and cybersecurity. The CompTIA AI Essentials certification validates foundational AI knowledge that is critical for anyone entering the AI-enhanced cybersecurity field. This lab provides a comprehensive, hands-on learning experience using local large language models (LLMs) via Ollama, giving you practical experience with the same types of AI systems you will encounter in production environments. By completing this lab, you will build the foundational knowledge required to pursue the CompTIA SecAI+ (CY0-001) certification, which focuses on securing and defending AI systems.

The lab is organized into ten progressive tasks that mirror the CompTIA AI Essentials exam domains. You will begin with foundational AI concepts and model mechanics, progress through prompt engineering and output verification, explore responsible AI and data privacy, and conclude with a capstone task that applies AI to real cybersecurity scenarios. Each task uses the qwen2.5:1.5b and SmolLM2 family of models running locally on Ubuntu via Ollama, ensuring all data stays on your machine—a key principle in AI security.

VM Credentials

Username: student

Password: student

Courses

Key terms and descriptions

Artificial Intelligence (AI)
The broad field of computer science focused on creating systems capable of performing tasks that typically require human intelligence, such as reasoning, learning, and problem-solving
Machine Learning (ML)
A subset of AI where systems learn patterns from data to make predictions or decisions without being explicitly programmed for each scenario
Deep Learning (DL)
A subset of ML that uses artificial neural networks with multiple layers to model complex patterns in large datasets (e.g., image recognition, language understanding)
Generative AI (GenAI)
AI systems that create new content (text, images, code, audio) based on patterns learned from training data, rather than simply classifying or predicting
Large Language Model (LLM)
A type of generative AI model trained on massive text datasets that can understand and generate human language (e.g., GPT, LLaMA, Qwen)
Prompt
The input text or instruction given to an AI model to generate a response. The quality of the prompt directly affects the quality of the output.
Prompt Engineering
The practice of crafting effective prompts to elicit accurate, relevant, and useful responses from AI models through techniques like context setting, persona assignment, and constraint specification
Hallucination
A phenomenon where an AI model generates plausible-sounding but factually incorrect, fabricated, or nonsensical information with apparent confidence
Inference
The process of running a trained AI model to generate predictions or outputs from new input data (as opposed to training)
Training Data
The dataset used to teach an AI model patterns, relationships, and knowledge during the training phase
Parameters
The internal variables of an AI model that are learned during training and determine the model's behavior (e.g., 1.5 billion parameters in qwen2.5:1.5b)
Token
The basic unit of text processing for LLMs—typically a word, subword, or character that the model reads and generates
Context Window
The maximum amount of text (measured in tokens) that an AI model can process in a single interaction, including both input and output
Temperature
A parameter controlling the randomness of AI output: lower values (0.1) produce more deterministic responses, higher values (1.0) produce more creative/varied responses
Few-Shot Learning
A prompting technique where examples are provided within the prompt to guide the model's behavior without retraining
Chain-of-Thought (CoT)
A prompting technique that instructs the model to show its reasoning process step-by-step, improving accuracy on complex tasks
System Prompt
A special instruction that sets the model's role, behavior, and constraints for an entire conversation, typically hidden from the end user
Shadow AI
The unauthorized use of AI tools by employees without organizational approval, creating uncontrolled data exposure and compliance risks
AI Governance
The frameworks, policies, and practices that guide the responsible development, deployment, and use of AI systems within an organization
Responsible AI
The practice of designing, developing, and deploying AI systems in an ethical, fair, transparent, and accountable manner