nerdexam
ExamsMLS-C01Questions#126
AmazonAmazon

MLS-C01 · Question #126

MLS-C01 Question #126: Real Exam Question with Answer & Explanation

The correct answer is A: Add a VPC endpoint policy to allow access to the IAM users.. https://aws.amazon.com/blogs/machine-learning/securing-all-amazon-sagemaker-api-calls-with- aws-privatelink/

ML Implementation and Operations

Question

A machine learning (ML) specialist wants to secure calls to the Amazon SageMaker Service API. The specialist has configured Amazon VPC with a VPC interface endpoint for the Amazon SageMaker Service API and is attempting to secure traffic from specific sets of instances and IAM users. The VPC is configured with a single public subnet. Which combination of steps should the ML specialist take to secure the traffic? (Choose two.)

Options

  • AAdd a VPC endpoint policy to allow access to the IAM users.
  • BModify the users' IAM policy to allow access to Amazon SageMaker Service API calls only.
  • CModify the security group on the endpoint network interface to restrict access to the instances.
  • DModify the ACL on the endpoint network interface to restrict access to the instances.
  • EAdd a SageMaker Runtime VPC endpoint interface to the VPC.

Explanation

https://aws.amazon.com/blogs/machine-learning/securing-all-amazon-sagemaker-api-calls-with- aws-privatelink/

Topics

#VPC Endpoints#Endpoint Policies#Security Groups#SageMaker Security

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full MLS-C01 PracticeBrowse All MLS-C01 Questions