CT-GenAI Exam Dumps - ISTQB Certified Tester Testing with Generative AI (CT-GenAI) v1.0

Prompt Chainingis a technique where a complex task is decomposed into several smaller, sequential steps, where the output of one step serves as the context or input for the next. This is far more reliable than a "one-shot" approach (Option A) because it reduces the cognitive load on the LLM and allows for intermediate verification. In the scenario of test analysis, the most logical and effective chain begins by extracting discretetest conditionsfrom the raw requirements. Once these conditions are established, the next "link" in the chain is toprioritize them based on risk(impact and likelihood), which requires the model to reason specifically about the importance of each condition. The final step is tomap these prioritized conditions back to the original requirementsto identify any "coverage gaps." This systematic flow (Option B) mirrors the professional test analysis process defined in the ISTQB/CT-GenAI standards. By following this sequence, the tester ensures that the AI-generated output is logically derived and thorough, providing a clear "audit trail" from the initial requirement to the final prioritized test suite.

Tokenizationis the foundational process by which an LLM breaks down raw text into smaller, manageable units called "tokens." These tokens can represent individual words, parts of words (sub-words), or even punctuation marks. This is a critical step because LLMs do not "read" words like humans do; they process numerical representations of these tokens. The way text is tokenized directly impacts the model's efficiency and its ability to understand complex technical terminology used in software testing. For example, a rare technical term might be broken into several sub-word tokens. This process is closely linked to theContext Window(Option C), which is the maximum number of tokens a model can "remember" or process at one time. WhileEmbeddings(Option B) are the numerical vectors that represent the meaning of these tokens, and theTransformer(Option A) is the underlying architecture that processes them, tokenization is the specific mechanism for initial text decomposition. Understanding tokenization is vital for testers when managing long requirement documents to ensure they do not exceed the model's limits.

Hallucinations—where an LLM generates factually incorrect or nonsensical information—occur primarily when the model lacks sufficient specific information and "fills in the gaps" using probabilistic patterns from its training data. The most effective mitigation strategy is "grounding," which involves providing the model with detailed, project-specific context. By including technical specifications, existing API schemas, business rules, and identified constraints within the prompt, the tester restricts the model’s operational space to the "project realities." This ensures the model does not have to guess or improvise details about the System Under Test (SUT). In contrast, randomizing prompts (Option B) or relying on generic examples (Option C) increases the likelihood of inconsistent and inaccurate outputs. Furthermore, using "longer" or higher temperature settings (Option D) actually encourages creativity and randomness, which is the opposite of the precision required for testing and significantly increases the risk of hallucinations. Therefore, rich contextual grounding is the technical foundation for reliable AI-assisted test analysis.

In professional Generative AI applications, thesystem prompt(sometimes called the system message) is the foundational set of instructions that defines the AI's persona, boundaries, and overall behavior. In a testing workflow, this is typically defined by atester or test engineerwho is configuring the AI assistant for a specific project. Unlike the user prompt, which changes with every interaction, the system prompt remains relatively static and acts as a "guardrail" to ensure the model stays in its role (e.g., "You are an expert in ISO 26262 automotive testing standards"). By defining the system prompt, the tester ensures that the model consistently uses specific terminology, adheres to data privacy constraints, and formats its output according to the team's requirements. While end users (Option B) provide the task-specific input, they do not usually have the permissions or technical need to alter the underlying system-level instructions. Similarly, while CI servers (Option C) might trigger the prompt, they do not "define" the human-centric logic contained within it. Properly crafting the system prompt is a core part of setting up an AI-augmented test environment.

This scenario describes a specialized form ofData Exfiltration(specifically targeting the model's internal "weights" or training memory). While data exfiltration usually refers to stealing data from a database, in the context of LLMs, it can also refer to techniques that force the model to "reveal" sensitive information it was trained on or data that exists within its current context window. By using long, repetitive, or specifically "crafted" prompts to overwhelm the model's normal attention mechanisms or safety filters, an attacker may cause the model to output verbatim snippets of proprietary information, PII, or internal documentation that should have remained confidential. This is different fromRequest Manipulation(Option D), which aims to change the model's behavior, orData Poisoning(Option A), which happens during training. In testing, this risk is high when models are fine-tuned on private company repositories. Testers must be aware that if a model is accessible to unauthorized users, those users might use adversarial prompting techniques to extract sensitive code or business logic through these types of data leakage attacks.