ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Machine Learning - Specialty All Questions

View all questions & answers for the AWS Certified Machine Learning - Specialty exam
Go to Exam

Exam AWS Certified Machine Learning - Specialty topic 1 question 136 discussion

Exam question from Amazon's AWS Certified Machine Learning - Specialty
Question #: 136
Topic #: 1
[All AWS Certified Machine Learning - Specialty Questions]

A library is developing an automatic book-borrowing system that uses Amazon Rekognition. Images of library members' faces are stored in an Amazon S3 bucket.
When members borrow books, the Amazon Rekognition CompareFaces API operation compares real faces against the stored faces in Amazon S3.
The library needs to improve security by making sure that images are encrypted at rest. Also, when the images are used with Amazon Rekognition. they need to be encrypted in transit. The library also must ensure that the images are not used to improve Amazon Rekognition as a service.
How should a machine learning specialist architect the solution to satisfy these requirements?

  • A. Enable server-side encryption on the S3 bucket. Submit an AWS Support ticket to opt out of allowing images to be used for improving the service, and follow the process provided by AWS Support.
  • B. Switch to using an Amazon Rekognition collection to store the images. Use the IndexFaces and SearchFacesByImage API operations instead of the CompareFaces API operation.
  • C. Switch to using the AWS GovCloud (US) Region for Amazon S3 to store images and for Amazon Rekognition to compare faces. Set up a VPN connection and only call the Amazon Rekognition API operations through the VPN.
  • D. Enable client-side encryption on the S3 bucket. Set up a VPN connection and only call the Amazon Rekognition API operations through the VPN.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by knightknt at April 22, 2022, 1:15 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
knightknt
Highly Voted 2 years, 11 months ago
A Images passed to Amazon Rekognition API operations may be stored and used to improve the service unless you unless you have opted out by visiting the AI services opt-out policy page and following the process explained there https://docs.aws.amazon.com/rekognition/latest/dg/security-data-encryption.html
upvoted 9 times
tgaos
2 years, 9 months ago
So the answer is A
upvoted 1 times
...
BoroJohn
2 years, 2 months ago
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
upvoted 2 times
...
mirik
1 year, 8 months ago
Yes, but server-side encryption doesn't protect at transit. Only client-side encryption can do it.
upvoted 2 times
mirik
1 year, 8 months ago
Ok, I see "encryption in transit" mean HTTPS: Amazon Rekognition API endpoints only support secure connections over HTTPS. All communication is encrypted with Transport Layer Security (TLS).
upvoted 4 times
...
...
...
ovokpus
Highly Voted 2 years, 8 months ago
Selected Answer: A
Absolutely A. Rekognition API endpoints only support secure connections over HTTPS and all communication is encrypted in transit with TLS
upvoted 6 times
...
ef12052
Most Recent 3 days, 3 hours ago
Selected Answer: A
https://aws.amazon.com/rekognition/faqs/?nc1=h_ls
upvoted 1 times
...
72cc81d
7 months ago
Selected Answer: B
B is correct one
upvoted 1 times
...
AIWave
1 year ago
Selected Answer: A
client-side encryption requires you to manage the encryption and decryption of your data yourself and is an overkill. Will go with Server side encryption. Recognition already encrypts data in transit
upvoted 2 times
...
kpr2022
1 year, 1 month ago
Selected Answer: B
B https://docs.aws.amazon.com/rekognition/latest/dg/collections.html You can opt-out of AI data usage of aws through organizations settings.
upvoted 1 times
...
Mickey321
1 year, 6 months ago
Selected Answer: A
Option A is correct
upvoted 1 times
...
mirik
1 year, 8 months ago
Selected Answer: D
Also, when the images are used with Amazon Rekognition. they need to be encrypted in transit A server-site encryption doesn't encrypt images in transit. onyly when they are already uploaded to the S3. Only client-side encryption can encrypt the images before they are moving to AWS cloud.
upvoted 2 times
kaike_reis
1 year, 7 months ago
You forgot about removing the possibility of Rekognition training.
upvoted 1 times
rav009
1 year, 2 months ago
client side encryption means the key is stored on the client side. AWS has no key, how can they train?
upvoted 1 times
...
...
...
blanco750
1 year, 12 months ago
According to Rekognition FAQs, You may opt out of having your image and video inputs used to improve or develop the quality of Amazon Rekognition and other Amazon machine-learning/artificial-intelligence technologies by using an AWS Organizations opt-out policy. https://aws.amazon.com/rekognition/faqs/
upvoted 1 times
...
mlcert1
2 years, 3 months ago
how is it A???
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago