ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified AI Practitioner AIF-C01 All Questions

View all questions & answers for the AWS Certified AI Practitioner AIF-C01 exam
Go to Exam

Exam AWS Certified AI Practitioner AIF-C01 topic 1 question 9 discussion

Exam question from Amazon's AWS Certified AI Practitioner AIF-C01
Question #: 9
Topic #: 1
[All AWS Certified AI Practitioner AIF-C01 Questions]

A company wants to create a chatbot by using a foundation model (FM) on Amazon Bedrock. The FM needs to access encrypted data that is stored in an Amazon S3 bucket. The data is encrypted with Amazon S3 managed keys (SSE-S3).
The FM encounters a failure when attempting to access the S3 bucket data.
Which solution will meet these requirements?

  • A. Ensure that the role that Amazon Bedrock assumes has permission to decrypt data with the correct encryption key.
  • B. Set the access permissions for the S3 buckets to allow public access to enable access over the internet.
  • C. Use prompt engineering techniques to tell the model to look for information in Amazon S3.
  • D. Ensure that the S3 data does not contain sensitive information.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by tccusa at Nov. 3, 2024, 11:26 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jessiii
2 weeks, 6 days ago
Selected Answer: A
Amazon S3 managed keys (SSE-S3) encrypt your data using an Amazon-managed key, and to access this encrypted data, the IAM role that the service (in this case, Amazon Bedrock) assumes must have the appropriate permissions to decrypt the data. This includes permissions to read the object from the S3 bucket and decrypt it using the SSE-S3 encryption key.
upvoted 1 times
...
Moon
2 months ago
Selected Answer: A
A: Ensure that the role that Amazon Bedrock assumes has permission to decrypt data with the correct encryption key. Explanation: When data in an Amazon S3 bucket is encrypted using SSE-S3 (Server-Side Encryption with Amazon S3 managed keys), the IAM role used by the application (in this case, Amazon Bedrock) must have permissions to access and decrypt the data. Assigning the correct permissions to the role ensures that the Foundation Model (FM) can access the encrypted data.
upvoted 2 times
...
kyo
2 months, 3 weeks ago
Selected Answer: A
>Permissions to decrypt your AWS KMS key for your data sources in Amazon S3 https://docs.aws.amazon.com/ja_jp/bedrock/latest/userguide/encryption-kb.html
upvoted 2 times
...
87ebc7d
3 months ago
Selected Answer: A
None of the options are correct. To retrieve an object encrypted via SSE-S3, you just need GetObject permission. If I had this question on the exam, I'd be ticked.
upvoted 2 times
djeong95
1 month, 1 week ago
You are correct. This is a bad question. Anyone with AWS would know what you don't need to do Answer A for SSE-S3. You need to do this for SSE-KMS. Read the fine print below. Bad. Bad. https://docs.aws.amazon.com/bedrock/latest/userguide/encryption-kb.html https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingServerSideEncryption.html
upvoted 1 times
...
...
elf78
3 months, 1 week ago
A) The correct Answer! B) Not a security best practice. never open the access to public! C) Has nothing to do with security D) Doesn't solve the access permission issue
upvoted 1 times
...
tgv
3 months, 2 weeks ago
Selected Answer: A
A - all the way.
upvoted 1 times
...
jove
3 months, 4 weeks ago
Selected Answer: A
A for sure
upvoted 2 times
...
tccusa
4 months ago
Selected Answer: A
Permissions issue
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago