Q22 — AWS AIF-C01 Ch.3
Question 22 of 100 | ← Chapter 3
A company has designed a public chatbot powered by a large language model (LLM). The company is concerned about prompt injection attacks and wants to implement defenses against them. Which strategy most effectively prevents various types of prompt injection attacks?
- A. Write a system prompt describing topics users may ask about
- B. Use content filters to block inappropriate behavior and avoid criminal activity
- C. Use word filters to block keywords commonly associated with prompt injection attacks
- D. Use salted sequence tags to wrap instructions, such as (tag123) ✓
Correct Answer: D. Use salted sequence tags to wrap instructions, such as (tag123)
Explanation
Preventing prompt injection attacks requires ensuring malicious users cannot easily predict or construct inputs that trigger system vulnerabilities. Option A restricts user topics but does not prevent bypasses via crafted inputs. Option B is a general content-level filter, not designed for instruction-level protection. Option C blocks known attack keywords but is easily evaded via synonym substitution or obfuscation. Option D—using salted sequence tags—adds unpredictability and makes it significantly harder for attackers to reconstruct or manipulate instructions, offering stronger defense against diverse prompt injection techniques.