Scoping Blast Radius When You Give Agents Write Access

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-agentic-agent-blast-radius-scoping-creators

1. What does 'blast radius' refer to when configuring an agent's write access?

   1. The time window before an agent's session expires
   2. The potential scope of damage or unintended changes an agent could cause
   3. The maximum amount of computational resources the agent can consume
   4. The physical distance between the agent server and the resources it manages

2. According to the principle of least privilege, what level of access should an agent receive?

   1. The minimum access required to perform its specific intended function
   2. Access that can be escalated as needed during execution
   3. Access equal to the user who created the agent
   4. Full administrative access to ensure the agent can complete any task

3. What is the primary security benefit of using scoped credentials for agents?

   1. They limit what resources the agent can access to a specific subset
   2. They provide encrypted communication channels
   3. They generate detailed audit logs of all actions
   4. They automatically rotate passwords every 24 hours

4. What is the purpose of a 'dry-run' mode for agent tools?

   1. To train the agent on a smaller dataset before production use
   2. To test the network connectivity between the agent and target systems
   3. To execute actions without making permanent changes and show what would happen
   4. To measure how long an action will take before executing it for real

5. Which task can an AI system reliably perform when setting up agent permissions?

   1. Enforcing the configured permission boundaries at runtime
   2. Deciding the organization's access control policy
   3. Auditing whether the provisioned principal matches the intended scope
   4. Automatically generating appropriate scoped credentials

6. When evaluating whether to enable a new tool for an agent, what question should you ask FIRST?

   1. Does the tool have good documentation?
   2. Can the tool's effects be reversed if something goes wrong?
   3. What programming language is the tool written in?
   4. How many other agents are already using this tool?

7. Why are short-lived credentials preferred over long-lived API keys for agent access?

   1. They provide faster authentication response times
   2. They reduce the window of exposure if credentials are compromised
   3. They require less memory to store and manage
   4. They automatically encrypt all data in transit

8. What security risk does 'privilege escalation through chained tools' describe?

   1. An agent that runs faster when given more computational resources
   2. An agent that automatically retries failed operations with increasing permissions
   3. Multiple agents coordinating to complete a task faster than a single agent
   4. A sequence of tools where each individually has limited access but combined can reach protected resources

9. Why can't an AI system replace a real Identity and Access Management (IAM) model?

   1. IAM requires integration with actual identity providers and enforcement points
   2. IAM models are not compatible with agent architectures
   3. AI systems cannot handle user authentication
   4. AI is too slow to make access decisions in real-time

10. What is the 'blast radius' of an agent running with an administrator's full access token?

    1. Equal to everything the administrator can modify
    2. Only affects resources the agent explicitly touches
    3. Limited to read-only operations
    4. Zero, because admins are trusted

11. When adding a new tool to an agent, you must determine which of the following BEFORE enabling it:

    1. The geographical location of the tool's servers
    2. What resources the tool can modify and whether changes are reversible
    3. The tool's user interface design
    4. The number of lines of code in the tool

12. Can an agent's credential scope be limited to a single tenant or project?

    1. Only if the agent uses OAuth authentication
    2. No, credentials always apply to the entire organization
    3. Yes, scoped credentials can be limited to specific tenants or projects
    4. Only for read operations, not writes

13. What does it mean to 'log the resource set the agent touched'?

    1. Tracking which specific resources were modified by the agent's actions
    2. Measuring how much data the agent transmitted during its session
    3. Documenting which developers wrote the code for the agent's tools
    4. Recording which users accessed the agent's output

14. Why is provisioning a separate, narrower principal better than using an existing admin account for an agent?

    1. It automatically backs up all changes the agent makes
    2. It follows least privilege by giving only necessary permissions
    3. It makes the agent immune to security audits
    4. It allows the agent to run faster

15. Which statement accurately describes what AI CANNOT do regarding agent security policy?

    1. AI cannot decide access control policy for your organization
    2. AI cannot authenticate users to the system
    3. AI cannot process natural language queries
    4. AI cannot generate any code for agent tools