Exam AWS Certified Machine Learning - Specialty topic 1 question 126 discussion

I will go with D, "cannot be accessed and transferred to a remote host by malicious code accidentally installed on the training container" Based on the following link: https://aws.amazon.com/blogs/security/secure-deployment-of-amazon-sagemaker-resources/ "EnableNetworkIsolation – Set this to true when creating training, hyperparameter tuning, and inference jobs to prevent situations like malicious code being accidentally installed and transferring data to a remote host."

If you enable network isolation, the containers can't make any outbound network calls, even to other AWS services such as Amazon S3. Additionally, no AWS credentials are made available to the container runtime environment. In the case of a training job with multiple instances, network inbound and outbound traffic is limited to the peers of each training container. SageMaker still performs download and upload operations against Amazon S3 using your SageMaker execution role in isolation from the training or inference container.

'network isolation' make sense

A. NO - Remove Amazon S3 access permissions from the SageMaker execution role. B. NO - Encrypting the weights has nothing to do with protecting the training data C. NO - If the dataset is encrypted, one may still hack SageMaker instance and get access to uncrypted data D. YES - Enable network isolation for training jobs, data is protected end-to-end

Network isolation

It's D, not C because encrypted can be stole.

I choose D. More document about it: https://docs.aws.amazon.com/sagemaker/latest/dg/mkt-algo-model-internet-free.html

Answer is D. https://aws.amazon.com/blogs/security/secure-deployment-of-amazon-sagemaker-resources/ search for 'isolation' and there is a security parameter : EnableNetworkIsolation talking about this.

I would choose C

most likely it is C. https://docs.aws.amazon.com/sagemaker/latest/dg/data-protection.html