ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Machine Learning - Specialty All Questions

View all questions & answers for the AWS Certified Machine Learning - Specialty exam
Go to Exam

Exam AWS Certified Machine Learning - Specialty topic 1 question 320 discussion

Exam question from Amazon's AWS Certified Machine Learning - Specialty
Question #: 320
Topic #: 1
[All AWS Certified Machine Learning - Specialty Questions]

A company decides to use Amazon SageMaker to develop machine learning (ML) models. The company will host SageMaker notebook instances in a VPC. The company stores training data in an Amazon S3 bucket. Company security policy states that SageMaker notebook instances must not have internet connectivity.

Which solution will meet the company’s security requirements?

  • A. Connect the SageMaker notebook instances that are in the VPC by using AWS Site-to-Site VPN to encrypt all internet-bound traffic. Configure VPC flow logs. Monitor all network traffic to detect and prevent any malicious activity.
  • B. Configure the VPC that contains the SageMaker notebook instances to use VPC interface endpoints to establish connections for training and hosting. Modify any existing security groups that are associated with the VPC interface endpoint to allow only outbound connections for training and hosting.
  • C. Create an IAM policy that prevents access the internet. Apply the IAM policy to an IAM role. Assign the IAM role to the SageMaker notebook instances in addition to any IAM roles that are already assigned to the instances.
  • D. Create VPC security groups to prevent all incoming and outgoing traffic. Assign the security groups to the SageMaker notebook instances.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by AIWave at March 14, 2024, 5:43 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Peter_Hsieh
7 months, 1 week ago
Selected Answer: B
https://docs.aws.amazon.com/sagemaker/latest/dg/inter-network-privacy.html
upvoted 2 times
...
vkbajoria
7 months, 3 weeks ago
Selected Answer: B
VPC interface Endpoints will do the trick.
upvoted 1 times
...
AIWave
7 months, 3 weeks ago
Selected Answer: B
- VPC Interface Endpoints allow notbook instances to communicate with sagemaker services without public internet traffic - Security groups allow outbound connections for training and hosting but block all other traffic
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago