Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Amazon Exam AIF-C01 Topic 1 Question 14 Discussion

Actual exam question for Amazon's AIF-C01 exam

Question #: 14
Topic #: 1

[All AIF-C01 Questions]

A company wants to develop a large language model (LLM) application by using Amazon Bedrock and customer data that is uploaded to Amazon S3. The company's security policy states that each team can access data for only the team's own customers.

Which solution will meet these requirements?

ACreate an Amazon Bedrock custom service role for each team that has access to only the team's customer data.

BCreate a custom service role that has Amazon S3 access. Ask teams to specify the customer name on each Amazon Bedrock request.

CRedact personal data in Amazon S3. Update the S3 bucket policy to allow team access to customer data.

DCreate one Amazon Bedrock role that has full Amazon S3 access. Create IAM roles for each team that have access to only each team's customer folders.

Show Suggested Answer

Suggested Answer: A

by Nour Abdelhalim at Oct 28, 2024, 03:52 PM

Limited Time Offer

25%

Off

Get Premium AIF-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Alpha

1 months ago

As an AI language model, I'm a little biased towards Option A. It just seems like the most straightforward way to ensure that each team only has access to their own customer data.

upvoted 0 times

...

Veronique

1 months ago

I think option C could work if we are careful with data redaction.

upvoted 0 times

...

Edwin

1 months ago

Haha, I bet the person who came up with Option B has never actually worked with real customer data. Might as well just put it all on a public website while they're at it!

upvoted 0 times

Lorriane

7 days ago

Yeah, it's better to have strict access control to protect customer data.

upvoted 0 times

...

Sol

8 days ago

Option B does seem a bit risky, specifying customer names on each request could lead to mistakes.

upvoted 0 times

...

Ruth

12 days ago

I agree, giving each team their own custom service role makes sense.

upvoted 0 times

...

Odelia

21 days ago

Option A sounds like the most secure choice.

upvoted 0 times

...

...

Millie

2 months ago

I'm leaning towards option B, it seems more practical.

upvoted 0 times

...

Johana

2 months ago

Redacting personal data? Sounds like a lot of unnecessary work. Why not just give each team the access they need? Option D is the clear winner here.

upvoted 0 times

...

Blondell

2 months ago

I disagree, I believe option D is more secure.

upvoted 0 times

...

Hoa

2 months ago

I like the idea of specifying the customer name in each request - that way, we can keep the roles simple and still maintain the security policy. Option B gets my vote.

upvoted 0 times

...

Martin

2 months ago

Option A seems like the most secure approach. Why would we want to expose customer data to multiple teams? That's just an accident waiting to happen.

upvoted 0 times

Tesha

15 days ago

Let's go with option A to keep customer data safe and secure.

upvoted 0 times

...

Ivette

19 days ago

Having separate roles for each team ensures data privacy and security.

upvoted 0 times

...

Nenita

22 days ago

It's important to limit access to customer data to avoid any potential breaches.

upvoted 0 times

...

Erasmo

26 days ago

I agree, option A is the best choice for security.

upvoted 0 times

...

...

Sylvia

2 months ago

I think option A is the best choice.

upvoted 0 times

...

az-700 pass4success az-104 200-301 200-201 cissp 350-401 350-201 350-501 350-601 350-801 350-901 az-720 az-305 pl-300

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77