Security, Compliance, and Governance for AI Solutions Flashcards

Create an Amazon Bedrock knowledge base is correct because creating a knowledge base in Amazon Bedrock allows the model to integrate private data sources. The knowledge base enables the foundation model to access relevant internal data during inference, which can improve the quality and relevance of the model’s responses.

• Use a different foundation model is incorrect because the need here is to incorporate private data, not to switch models. Using a different foundation model will not address the requirement to supplement the model with the company’s internal data.
• Choose a lower temperature value is incorrect because the temperature parameter affects the randomness of the model’s output, not its data sources. Lowering the temperature can make responses more focused, but it does not enable the use of private data in the model’s processing.
• Enable model invocation logging is incorrect because model invocation logging helps in tracking and auditing model usage, but it does not help incorporate private data into the model’s output. Logging does not address the requirement for using internal data sources during inference.

Reference:
Amazon Bedrock

Generative AI models excel at creating new content, such as images, text, or audio. One of the primary applications of these models is generating visual content from text prompts, which is highly valuable in fields like digital marketing for producing creative, unique visuals.

• Improving network security by using intrusion detection systems is incorrect because intrusion detection systems rely on monitoring patterns and anomalies, which is more suited for traditional machine learning models, not generative AI. Generative AI is typically not used for security applications like detecting network intrusions.
• Enhancing database performance by using optimized indexing is incorrect because improving database performance involves algorithms and techniques focused on query optimization and indexing, which are not tasks suited for generative AI models. Generative AI is used for creating new data, not for database optimization.
• Analyzing financial data to forecast stock market trends is incorrect because predicting stock market trends typically involves statistical models or machine learning algorithms that analyze historical data patterns. Generative AI models are not designed for this kind of data forecasting, but for creating new content like images, text, or even audio.

Reference:
Transform your business with generative AI

The EC2 Trn series (using AWS Trainium processors) is designed to optimize the energy efficiency of large-scale machine learning training tasks. It consumes less power while delivering high-performance training for LLMs, reducing the environmental impact.

• Amazon EC2 M series is incorrect because the M series is a general-purpose instance type and is not optimized for energy efficiency or machine learning model training, making it less suitable for minimizing environmental impact.
• Amazon EC2 Inf series is incorrect because the Inf series is optimized for inference tasks rather than training. While it can provide efficient inference, it is not designed for the training phase, especially for LLMs.
• Amazon EC2 P series is incorrect because the P series is optimized for high-performance GPU workloads, but it is less efficient in terms of energy consumption compared to the Trn series, which is built specifically for efficient ML training.

Reference:
AWS Trainium

Guardrails can help filter out sensitive data from being used or included in the system’s responses. Combined with CloudWatch alarms, the company can receive alerts whenever violations occur.

• Use Amazon Macie to scan the recommendation system’s output for sensitive data and configure alerts for policy violations is incorrect because Amazon Macie is primarily used for scanning data in S3 buckets for sensitive information, not for monitoring model outputs in real-time.
• Set up AWS CloudTrail to monitor the system’s output and notify the company when sensitive data is detected is incorrect because CloudTrail is used for logging API calls and activities in AWS, not for detecting sensitive data in real-time model outputs.
• Enable Amazon SageMaker Model Monitor to track data quality and notify the company if sensitive data is found in the training data is incorrect because SageMaker Model Monitor is designed to track model performance and data drift, not for filtering sensitive information in real-time outputs or ensuring compliance.

Reference:
Amazon Bedrock Guardrails

Once a model is trained on sensitive data, the only way to ensure it doesn’t generate responses based on that data is to remove the sensitive data from the training set and retrain the model. This guarantees the model won’t use confidential information in its responses.

• Apply dynamic data masking to hide sensitive data in inference responses is incorrect because masking hides specific fields in outputs but doesn’t prevent the model from generating content influenced by the sensitive data.
• Encrypt the sensitive data in inference outputs using Amazon SageMaker is incorrect because encryption protects data in transit or at rest but doesn’t stop the model from referencing the sensitive data during inference.
• Use AWS Key Management Service (AWS KMS) to encrypt the sensitive data within the model is incorrect because encryption ensures data protection but doesn’t prevent the model from generating outputs that may still be influenced by the sensitive data.

Reference:
Data Protection

Amazon Bedrock provides native invocation logging, which allows users to store input and output data for each invocation. This logging is essential for tracking model performance and ensuring data integrity during operations.

• Configure AWS CloudTrail to log the model’s input and output data is incorrect because AWS CloudTrail logs API activity and service-level actions, but it doesn’t log the specific inputs and outputs of model invocations.
• Use AWS Audit Manager to log the input and output data of the model is incorrect because AWS Audit Manager is used for auditing and compliance checks, not for capturing real-time invocation logs of AI models.
• Set up logging through Amazon EventBridge for capturing model responses is incorrect because Amazon EventBridge routes events between AWS services but is not intended for storing or managing detailed model invocation logs.

Reference:
Monitor model invocation using CloudWatch Logs and Amazon S3

Creating a separate custom service role for each team ensures that access to customer data is restricted in accordance with the company’s security policies. By using custom roles, each team only has permissions to access the specific data associated with their customers in Amazon S3.

This strategy aligns with the principle of least privilege, providing granular control over data access and ensuring that teams do not have unauthorized access to another team’s data. It also simplifies management, as each team can only perform operations within the bounds of their assigned role, preventing accidental or malicious access to restricted information.

• Assign one service role to all teams and use Amazon S3 event triggers to restrict data access based on customer information is incorrect because event triggers are not designed to control real-time access to specific data. A single role for all teams does not provide the necessary access control, and event triggers are more suited for initiating workflows, not for restricting data access dynamically.
• Use AWS Secrets Manager to encrypt customer data and allow each team to decrypt only their specific customer information is incorrect because AWS Secrets Manager is used for managing secrets, such as API keys or database credentials, rather than controlling access to large datasets. While encryption ensures data protection, it does not solve the problem of restricting access to customer-specific data in S3.
• Set up a shared Bedrock role and log data access with Amazon CloudWatch to monitor unauthorized access attempts is incorrect because logging access with CloudWatch provides visibility into unauthorized actions but does not prevent unauthorized access from happening in the first place. A shared role would still allow teams to access data they shouldn’t, violating the security policy.

Reference:
Policies and Permissions in AWS Identity and Access Management

Intrusion detection and monitoring is correct because compliance in the financial sector often requires monitoring for suspicious or unauthorized activity, ensuring the system is protected from potential breaches.

Encryption of sensitive data is correct because encrypting customer and financial data is critical to comply with regulatory standards such as PCI-DSS and GDPR. Proper encryption ensures that sensitive information is protected both in transit and at rest.

• Automated scaling of model inference is incorrect because auto-scaling improves resource efficiency but does not directly address regulatory compliance.
• Optimizing server uptime is incorrect because ensuring uptime is important for reliability but does not fulfill compliance requirements related to security and data protection.
• Using containerized microservices for scaling is incorrect because microservices are an architectural choice for building scalable applications but do not directly relate to compliance with security and data protection regulations.

Reference:
AWS Compliance Programs

AWS Artifact provides access to compliance-related documents, such as security and compliance reports from third-party ISVs. The company can use AWS Artifact to download and monitor these reports and configure notifications when new reports are available.

• AWS Audit Manager is incorrect because AWS Audit Manager helps automate the process of auditing by collecting evidence, but it does not provide access to compliance reports from ISVs.
• AWS Security Hub is incorrect because AWS Security Hub is focused on centralizing security findings from AWS services, not on handling compliance reports from ISVs.
• Amazon SNS (Simple Notification Service) is incorrect because while SNS handles notifications, it is not a service that directly manages or provides compliance reports.

Reference:
AWS Artifact

AWS PrivateLink enables the financial institution to securely access Amazon Bedrock services from within a VPC without exposing traffic to the public internet. This ensures compliance with regulations that restrict internet access.

• Amazon Macie is incorrect because Amazon Macie is used for identifying sensitive data and monitoring security risks, not for managing VPC internet access.
• Amazon Route 53 is incorrect because Amazon Route 53 is a DNS service, and it doesn’t provide the private connectivity needed to avoid internet exposure.
• NAT gateway is incorrect because a NAT gateway allows private instances to access the internet, which contradicts the requirement of preventing internet access.

Reference:
AWS PrivateLink

Anomaly detection systems are designed to identify unusual patterns or deviations from normal behavior. In this case, it can be used to detect suspicious IP addresses by identifying traffic patterns or access behaviors that do not match normal activity, providing an extra layer of security.

• Build a chatbot for user support is incorrect because chatbots are designed for customer interaction, not for identifying or analyzing security threats.
• Create a system for translating IP logs into multiple languages is incorrect because translating logs does not help in detecting suspicious IP addresses or enhancing security.
• Implement a text summarization system is incorrect because text summarization condenses large pieces of text and is unrelated to identifying security threats from IP addresses.

Reference:
What is Anomaly Detection?

AWS CloudTrail records all API calls and actions across AWS services, including attempts to invoke Amazon Bedrock models. By reviewing these logs, the company can identify unauthorized access attempts and set appropriate IAM policies for future model use.

• AWS Shield is incorrect because AWS Shield provides protection against distributed denial of service (DDoS) attacks, not for identifying unauthorized access attempts within AWS services.
• Amazon Macie is incorrect because Macie is designed to detect sensitive data in Amazon S3, not for monitoring access attempts to AWS services.
• Amazon Inspector is incorrect because Amazon Inspector is used to assess security vulnerabilities in EC2 instances, not to track or identify unauthorized users attempting to access AWS services.

Reference:
AWS CloudTrail

Providing labeled data with specific inputs (prompts) and expected outputs (completions) allows the foundation model to learn from the company’s proprietary documents. Fine-tuning requires structured data with clear prompts and corresponding completions to improve the model’s performance in generating accurate responses for legal searches.

• Organize the dataset into a JSON file and upload it directly to the model for fine-tuning is incorrect because while data format is important, uploading a simple JSON file without labeled prompts and completions does not ensure effective fine-tuning.
• Purchase additional storage on Amazon S3 to store the training data is incorrect because buying storage does not directly help in fine-tuning the model. The focus should be on preparing the data for model training, not storage.
• Integrate AWS CloudWatch for real-time model monitoring and adjustments is incorrect because AWS CloudWatch is used for monitoring and logging, but it does not contribute to the actual fine-tuning process of the model.

Reference:
Prompt engineering concepts

By designing prompts carefully to reduce potential errors and configuring IAM roles with least privilege access, the company can ensure that only authorized users can interact with the models. This is critical for securing sensitive financial data and maintaining a controlled environment.

• Enable Amazon GuardDuty to monitor for suspicious activity on the models is incorrect because GuardDuty monitors for security threats and vulnerabilities but does not directly control access or manage the secure use of LLMs on Amazon Bedrock.
• Use AWS WAF to protect the LLMs from unauthorized traffic and requests is incorrect because AWS WAF focuses on protecting web applications from threats like SQL injection and does not handle the access control needs for using LLMs on Amazon Bedrock.
• Configure AWS Direct Connect to provide low-latency access to the models is incorrect because Direct Connect provides dedicated network connections, but it doesn’t address security concerns for controlling access to the LLMs.

Reference:
AWS Identity and Access Management

To access the encrypted transaction data in the S3 bucket, Amazon Bedrock needs the proper IAM role with permissions to decrypt the data using the SSE-S3 encryption key. Without these permissions, the FM cannot access the data, resulting in the failure. Adding decryption permissions resolves this issue securely.

• Disable encryption on the S3 bucket to allow the FM unrestricted access to the data is incorrect because disabling encryption compromises data security, which is not advisable for sensitive financial information.
• Use a Lambda function to decrypt the data before providing it to the FM is incorrect because a more direct solution is to give the FM appropriate permissions, rather than introducing additional complexity with Lambda functions.
• Adjust the model’s prompt to specify that it should access encrypted data from the S3 bucket is incorrect because the issue is related to IAM permissions and encryption, not the content of the prompt.

Reference:
IAM Roles