Security and Compliance in AI Services Flashcards
AWS Certified AI Practitioner AIF-C01 Flashcards
| Front | Back |
| How can AI services be made HIPAA compliant | Use AWS services configured for PHI data, like encrypted storage and secure networking |
| How can you enforce secure communication in AI services | Use HTTPS protocols and TLS encryption |
| How can you limit access to AWS AI services | Use IAM policies to define fine-grained permissions |
| How can you monitor activity in AWS AI services | Enable AWS CloudTrail to log API calls for auditing |
| What are IAM roles used for in AWS AI services | Controlling access to resources securely |
| What AWS service helps detect unauthorized changes to AI resources | AWS Config for compliance evaluation |
| What AWS tool is used for automated security checks | AWS Security Hub for centralized security analysis |
| What does PCI DSS compliance mean for AI services | Certifies handling of payment card information securely |
| What is GDPR | The General Data Protection Regulation governing user data privacy in the EU |
| What is the benefit of Amazon Macie in AI compliance | Helps discover and protect sensitive personal data using machine learning |
| What is the benefit of regularly rotating access keys | Minimizes risks of leaked keys being misused |
| What is the purpose of encryption in AI services | Ensuring data is secured at rest and in transit |
| What is the Shared Responsibility Model | AWS manages physical infrastructure while users secure their applications and data |
| What is the significance of data residency in AI compliance | Ensuring data is stored in specific geographic regions to meet legal requirements |
| Which AWS service is used for managing encryption keys | AWS Key Management Service (KMS) |
| Why is multi-factor authentication (MFA) important | Adds an extra layer of security to access control |
| Why is versioning important in AI models | Enables rollback and auditing of model modifications |
| Why should access credentials not be hardcoded in AI applications | Prevents unauthorized access and credential exposure |
| Why should sensitive data be anonymized before processing in AI services | Reduces risk of exposing personal information |
About the Flashcards
Flashcards for the AWS Certified AI Practitioner exam focus on security and compliance for AI services on AWS, helping students review essential terminology and concepts such as encryption, access control, and data protection. The cards emphasize practical controls and responsibilities you'll need to know for the exam, from the Shared Responsibility Model to secure communication and credential management.
Topics include specific AWS tools and practices like AWS KMS, IAM roles and policies, CloudTrail logging, AWS Config and Security Hub, Amazon Macie, and measures for GDPR, HIPAA and PCI DSS compliance. Review items also cover model versioning, key rotation, multi-factor authentication, data residency, and anonymization to reinforce the key ideas tested on the exam.
Topics covered in this flashcard deck:
- Encryption and TLS
- IAM roles and policies
- Monitoring and auditing
- Data residency and anonymization
- GDPR, HIPAA, PCI DSS
- AWS security services