ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Machine Learning Engineer - Associate MLA-C01 All Questions

View all questions & answers for the AWS Certified Machine Learning Engineer - Associate MLA-C01 exam
Go to Exam

Exam AWS Certified Machine Learning Engineer - Associate MLA-C01 topic 1 question 99 discussion

Exam question from Amazon's AWS Certified Machine Learning Engineer - Associate MLA-C01
Question #: 99
Topic #: 1
[All AWS Certified Machine Learning Engineer - Associate MLA-C01 Questions]

A company is working on an ML project that will include Amazon SageMaker notebook instances. An ML engineer must ensure that the SageMaker notebook instances do not allow root access.

Which solution will prevent the deployment of notebook instances that allow root access?

  • A. Use IAM condition keys to stop deployments of SageMaker notebook instances that allow root access.
  • B. Use AWS Key Management Service (AWS KMS) keys to stop deployments of SageMaker notebook instances that allow root access.
  • C. Monitor resource creation by using Amazon EventBridge events. Create an AWS Lambda function that deletes all deployed SageMaker notebook instances that allow root access.
  • D. Monitor resource creation by using AWS CloudFormation events. Create an AWS Lambda function that deletes all deployed SageMaker notebook instances that allow root access.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by chris_spencer at March 11, 2025, 2:44 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AgboolaKun
2 weeks, 3 days ago
Selected Answer: A
The correct answer is A: To prevent the deployment of SageMaker notebook instances that allow root access, the ML engineer should use IAM condition keys. This can be achieved by creating an IAM policy that uses the sagemaker:RootAccess condition key to deny the creation or update of notebook instances when root access is enabled. This solution provides preventive control at the permission level, ensuring non-compliant instances cannot be created in the first place, rather than having to detect and remove them after deployment. Option C: Using EventBridge events with Lambda functions would be less effective because it's a reactive approach that would allow non-compliant instances to be created before deleting them, potentially creating security vulnerabilities during the window between creation and deletion.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago