AWS Certified Cloud Practitioner

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company wants to use a large language model (LLM) to develop a conversational agent. The company needs to prevent the LLM from being manipulated with common prompt engineering techniques to perform undesirable actions or expose sensitive information. Which action will reduce these risks?

Exam-Like

Community

RRitesh

Last updated: December 8, 2025 at 19:13

Create a prompt template that teaches the LLM to detect attack patterns.

Increase the temperature parameter on invocation requests to the LLM.

Avoid using LLMs that are not listed in Amazon SageMaker.

Decrease the number of input tokens on invocations of the LLM.

Explanation:

Explanation

Correct Answer: A

Creating a prompt template that teaches the LLM to detect attack patterns is the most effective approach to mitigate prompt injection attacks and manipulation attempts.

Why Option A is Correct:

Prompt Engineering Defense: A well-designed prompt template can include instructions that help the LLM recognize and reject malicious inputs, such as prompt injection attempts, jailbreak attempts, or attempts to extract sensitive information.
Proactive Security: This approach addresses the root cause by training the LLM to identify attack patterns rather than just limiting functionality.
Industry Best Practice: Many organizations implement prompt templates with security guardrails to prevent LLM manipulation.

Why Other Options Are Incorrect:

Option B: Increase the temperature parameter

Temperature controls randomness in LLM responses (higher = more random, lower = more deterministic)
Increasing temperature makes responses more varied but doesn't prevent prompt injection attacks
May actually increase risk by making the LLM more unpredictable

Option C: Avoid using LLMs not listed in Amazon SageMaker

Amazon SageMaker is an AWS machine learning service, but using SageMaker-listed models doesn't inherently protect against prompt engineering attacks
The security issue is in how the LLM is used, not which platform hosts it
Many secure and insecure LLMs can be deployed on various platforms

Option D: Decrease the number of input tokens

Limiting input tokens may restrict some complex attacks but doesn't address fundamental prompt injection vulnerabilities
Attackers can craft effective prompt injections within token limits
This approach reduces functionality without providing meaningful security

Additional Security Recommendations:

Input Validation: Implement robust input validation and sanitization
Output Filtering: Filter and monitor LLM outputs for sensitive information
Rate Limiting: Implement rate limiting to prevent automated attacks
Monitoring: Continuously monitor for unusual patterns in LLM interactions
Regular Updates: Keep prompt templates updated as new attack techniques emerge

Powered ByGPT-5.2

Comments

Loading comments...