Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Security, Compliance, and Governance for AI Solutions practice sets

AIF-C01 Security, Compliance, and Governance for AI Solutions • Complete Question Bank

AIF-C01 Security, Compliance, and Governance for AI Solutions — All Questions With Answers

Complete AIF-C01 Security, Compliance, and Governance for AI Solutions question bank — all 0 questions with answers and detailed explanations.

70
Questions
Free
No signup
Certifications/AIF-C01/Practice Test/Security, Compliance, and Governance for AI Solutions/All Questions
Question 1easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon SageMaker to train sensitive ML models. Which AWS service should they use to encrypt the training data and model artifacts at rest?

Question 2mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist needs to allow a foundation model in Amazon Bedrock to access a specific S3 bucket containing reference documents. The bucket is in a different AWS account. What is the MOST secure way to grant access?

Question 3hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Bedrock Guardrails to filter harmful content in a generative AI application. They need to prevent the model from discussing proprietary internal projects. Which Guardrail component should be configured?

Question 4mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A financial services firm needs to ensure that all calls to Amazon Bedrock APIs are logged for audit purposes. Which AWS service should they enable to capture API calls?

Question 5easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to detect sensitive data such as PII in their training datasets stored in S3 before using them for model training. Which AWS service should they use?

Question 6mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses SageMaker Clarify to detect bias in a deployed model. The monitoring must run automatically on a schedule. Which SageMaker feature should they use?

Question 7hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

An organization uses AWS Lake Formation to govern a data lake used for SageMaker training. They need to enforce row-level security so that different teams only see data relevant to their projects. Which Lake Formation feature should they use?

Question 8mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to use Amazon Bedrock to generate responses grounded in their proprietary knowledge base. They need to minimize hallucinations and ensure responses are based on the provided documents. Which feature should they enable?

Question 9easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist needs to restrict access to a SageMaker notebook instance to only the corporate network. Which configuration should they use?

Question 10mediummultiple choice
Review the full subnetting walkthrough →

A company needs to ensure that model inference endpoints in SageMaker are only accessible from a private subnet in their VPC, and no traffic goes over the public internet. Which network configuration should they use?

Question 11hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company using Amazon Bedrock needs to redact personally identifiable information (PII) from user inputs before sending them to the foundation model. Which Bedrock Guardrails component should be configured?

Question 12mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to use a third-party foundation model in Bedrock and is concerned about the provider's data handling policies. Which action should they take to ensure their data is not used for model training by the provider?

Question 13mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company needs to govern the lifecycle of ML models, including versioning, monitoring for drift, and decommissioning outdated models. Which TWO services should they use? (Choose 2)

Question 14hardmulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to enforce strict data residency for training data used in SageMaker. The data must never leave a specific AWS Region. Which THREE actions should they take? (Choose 3)

Question 15easymulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to log all model invocation requests in Amazon Bedrock for audit and troubleshooting. Which TWO destinations can they configure for invocation logging? (Choose 2)

Question 16easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist wants to restrict which IAM roles can invoke a specific Amazon Bedrock base model. Which AWS feature should they use?

Question 17mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A healthcare company uses Amazon SageMaker to train a model on patient data. To meet HIPAA compliance, they must ensure training data is encrypted at rest and in transit. Additionally, the training job should not have internet access. Which combination of actions should the company take?

Question 18mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A financial services firm uses Amazon Bedrock to generate investment summaries. They need to prevent the model from generating content containing personally identifiable information (PII) such as social security numbers. Which feature should they configure in Bedrock Guardrails?

Question 19hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon SageMaker Clarify to monitor a deployed model for bias. After running an analysis, they find that the model's predictions have a disparate impact on a protected group. What is the MOST appropriate next step?

Question 20mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data governance team wants to enforce fine-grained access control on data in an Amazon S3 data lake used by multiple business units for AI training. Which AWS service should they use to define and manage data permissions at the table and column level?

Question 21hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A security engineer is configuring logging for Amazon Bedrock model invocations. They need to capture both the input and output of all API calls for compliance audits. Which set of steps should they take?

Question 22easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to automatically discover sensitive data such as credit card numbers in their Amazon S3 training datasets before using them for model training. Which AWS service should they use?

Question 23mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is deploying an AI-powered document summarization system using Amazon Bedrock. They must ensure that the model only uses information from provided source documents and does not generate unsupported claims. Which Bedrock Guardrails feature should they enable?

Question 24hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist is using Amazon SageMaker to train a model with data that resides in an S3 bucket owned by another AWS account. The training job fails with access denied errors. The data scientist has already been granted cross-account read access to the S3 bucket via a bucket policy. What additional configuration is required?

Question 25easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

An organization wants to control which topics their AI chatbot can discuss. For example, they want to block all conversations about investment advice. Which Amazon Bedrock Guardrails feature should they configure?

Question 26mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A machine learning team uses Amazon SageMaker to train and deploy models. They need to ensure that only approved base models from the AWS Marketplace are used. Which feature should they use to enforce this policy?

Question 27mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock with a third-party foundation model. They are concerned about the third-party provider accessing their data. What should they review to understand data handling practices?

Question 28mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is deploying an AI model on Amazon SageMaker and needs to monitor for model drift over time. Which TWO actions should they take? (Choose TWO)

Question 29hardmulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A financial institution is using Amazon Bedrock for a customer-facing application. They must ensure compliance with data residency requirements: model inputs and outputs must not leave a specific AWS Region. Which THREE steps should they take? (Choose THREE)

Question 30mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to use AWS Lake Formation to govern access to data used for AI training. They need to ensure that only approved columns of sensitive tables are visible to data scientists. Which THREE steps should they implement? (Choose THREE)

Question 31easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist needs to restrict access to a specific Amazon SageMaker notebook instance so that only a designated IAM role can invoke the CreatePresignedNotebookInstanceUrl API. Which IAM policy element should be used to achieve this?

Question 32mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is using Amazon Bedrock to generate text summaries of customer emails. The compliance team requires that any email containing a Social Security Number (SSN) must be blocked from being sent to the model for summarization. Which Bedrock Guardrail configuration should be used?

Question 33mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A machine learning team is training a model using Amazon SageMaker with data stored in an S3 bucket. The security policy requires that all data be encrypted at rest and in transit, and that the training job cannot access the internet. Which combination of settings should the team use?

Question 34hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A financial services company uses Amazon Bedrock to generate investment advice. They have configured a guardrail to deny any harmful content. However, a user prompt 'Tell me how to commit fraud' was not blocked. What is the most likely cause?

Question 35easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company needs to audit all API calls made to Amazon Bedrock, including model invocations and guardrail evaluations. Which AWS service should they enable to capture these API calls for compliance?

Question 36mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A healthcare startup is using Amazon SageMaker to train a model on patient data. They need to ensure that the training data does not contain any personally identifiable information (PII) before being used. Which AWS service can automatically detect and report PII in the data stored in S3?

Question 37mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is deploying a real-time inference endpoint using Amazon SageMaker. The security team requires that all data sent to the endpoint be encrypted in transit and that the endpoint is only accessible from within the company's VPC. Which configuration should be used?

Question 38hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

An organization uses AWS Lake Formation to govern access to data used for machine learning in Amazon SageMaker. They want to ensure that a particular IAM role used by SageMaker can only query a subset of columns in a table containing sensitive customer data. Which Lake Formation permission should be granted to the role?

Question 39easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist wants to use a third-party foundation model from Amazon Bedrock for a generative AI application. The compliance officer needs to understand how the third-party model provider handles data privacy. Where can the data scientist find this information?

Question 40mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company has deployed a machine learning model using Amazon SageMaker and wants to monitor the model for bias over time. Which SageMaker feature should they use to detect bias in the model's predictions after deployment?

Question 41hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock with a custom model that was trained on data subject to GDPR. The company needs to ensure that inference logs containing user prompts and model responses are stored in a specific AWS Region for data residency compliance. How should they configure Bedrock model invocation logging?

Question 42mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A machine learning team needs to share a SageMaker notebook with a colleague from a different AWS account. The colleague should be able to open and run the notebook but not delete it. Which combination of actions should the team take?

Question 43mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is deploying a generative AI application using Amazon Bedrock and needs to ensure that the model's responses do not include any sensitive information. Which TWO Bedrock Guardrail configurations should be used together to meet this requirement? (Select TWO.)

Question 44hardmulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is using Amazon SageMaker to manage the lifecycle of their machine learning models. They need to implement a governance framework that includes model versioning, monitoring for drift, and decommissioning of outdated models. Which THREE AWS services or features should they use together to meet these requirements? (Select THREE.)

Question 45easymulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to encrypt training data stored in Amazon S3 and model artifacts in Amazon SageMaker using customer-managed keys. Which TWO AWS services or features should they use? (Select TWO.)

Question 46easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock to access foundation models. The security team wants to ensure that only specific IAM roles can invoke a particular model. Which configuration should they use?

Question 47mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist is training a model using Amazon SageMaker and needs to ensure the training data is encrypted at rest and in transit. The data is stored in S3. Which combination of steps meets this requirement?

Question 48mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock to generate content and wants to prevent the model from producing harmful or biased responses. Which AWS service should they configure to enforce content safety policies?

Question 49hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A financial services company uses Amazon SageMaker to train models with sensitive customer data. They must ensure that no data leaves a specific AWS Region due to data residency regulations. The training data is in S3. Which architecture meets this requirement while minimizing data transfer?

Question 50mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock and needs to log all model invocations for audit purposes. The logs must be stored in a central S3 bucket and also sent to CloudWatch Logs for real-time monitoring. Which configuration should they use?

Question 51easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A machine learning engineer wants to detect if sensitive data, such as personally identifiable information (PII), exists in a training dataset stored in S3 before training a model. Which AWS service should they use?

Question 52mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data science team is deploying a model using Amazon SageMaker. They need to monitor the model for bias after it is deployed. Which AWS service or feature should they use?

Question 53easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses AWS Lake Formation to manage data lakes for analytics. They want to ensure that only authorized users can access specific columns in a table containing sensitive data used for ML training. Which Lake Formation feature should they use?

Question 54mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to use a third-party foundation model from Amazon Bedrock but is concerned about data privacy because the model provider might store prompts and responses. How should they address this concern?

Question 55hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company has trained a model using Amazon SageMaker and stored the model artifacts in S3 with SSE-KMS encryption. The development team wants to grant cross-account access to the model artifacts so a partner can deploy the model in their own account. Which steps are required?

Question 56mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock Guardrails to filter harmful content. They want to ensure that the model does not generate responses containing specific keywords related to their internal project names. Which Guardrails component should they configure?

Question 57hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company has deployed a model on Amazon SageMaker and enabled Model Monitor. They notice that the model's prediction accuracy has declined over time. Which type of drift is this, and what should they do?

Question 58mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock and wants to ensure that the model outputs are grounded in a set of provided documents to reduce hallucinations. Which TWO actions should they take? (Select TWO.)

Question 59hardmulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company is implementing an AI governance framework for their machine learning models deployed on Amazon SageMaker. Which THREE actions should they include to manage the model lifecycle effectively? (Select THREE.)

Question 60easymulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist needs to use Amazon SageMaker to train a model and must ensure that the training data and the model artifacts are encrypted using customer-managed KMS keys. Which TWO resources can be encrypted with KMS keys in this scenario? (Select TWO.)

Question 61mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Bedrock to build an AI assistant. They need to restrict the model from generating responses about competitors. Which Bedrock feature should they configure?

Question 62easymultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A data scientist needs to train a model in Amazon SageMaker using a dataset that contains personally identifiable information (PII). The company policy requires all data at rest to be encrypted with a customer-managed key. Which configuration meets this requirement?

Question 63hardmultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

An organization uses a third-party foundation model accessed through Amazon Bedrock. The compliance team requires that all model inputs and outputs be auditable and retained for one year. Which approach should the team implement?

Question 64mediummultiple choice
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A machine learning team wants to detect bias in a deployed model's predictions on new data. They use Amazon SageMaker. Which service should they use to generate bias reports after deployment?

Question 65mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses Amazon Macie to discover sensitive data in an S3 bucket containing training datasets. The bucket policy currently prohibits access from external accounts. Which TWO steps are necessary to allow a cross-account SageMaker training job to access this bucket while maintaining security?

Question 66hardmulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A financial services company is deploying a large language model (LLM) on Amazon Bedrock for customer-facing applications. The compliance team mandates that the model must not generate any content containing personally identifiable information (PII). Additionally, the company wants to ensure that the model only answers questions related to its product documentation and refuses off-topic queries. Which THREE Bedrock Guardrails configurations should be applied?

Question 67mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A machine learning team uses Amazon SageMaker to train models. They need to ensure that only approved base models from the AWS Marketplace can be used, and that training jobs cannot access the internet. Which TWO configurations should they implement?

Question 68easymulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company wants to use Amazon Bedrock to build an application that summarizes customer support tickets. They are concerned about data privacy and want to ensure that customer data is not used by the third-party model provider for training or improvement. Which TWO actions should they take?

Question 69hardmulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

An organization is implementing governance for machine learning models using SageMaker. They need to track model versions, monitor for drift after deployment, and automatically decommission models that have been deprecated for over 30 days. Which THREE services or features should they use?

Question 70mediummulti select
Read the full Security, Compliance, and Governance for AI Solutions explanation →

A company uses AWS Lake Formation to govern data used for AI/ML. They have a data lake containing customer transaction data. A data scientist needs to access the data for training a model in SageMaker. Which TWO steps are required to grant access while maintaining governance?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

AIF-C01 Practice Test 1 — 25 Questions→AIF-C01 Practice Test 2 — 25 Questions→AIF-C01 Practice Test 3 — 25 Questions→AIF-C01 Practice Test 4 — 25 Questions→AIF-C01 Practice Test 5 — 25 Questions→AIF-C01 Practice Exam 1 — 20 Questions→AIF-C01 Practice Exam 2 — 20 Questions→AIF-C01 Practice Exam 3 — 20 Questions→AIF-C01 Practice Exam 4 — 20 Questions→Free AIF-C01 Practice Test 1 — 30 Questions→Free AIF-C01 Practice Test 2 — 30 Questions→Free AIF-C01 Practice Test 3 — 30 Questions→AIF-C01 Practice Questions 1 — 50 Questions→AIF-C01 Practice Questions 2 — 50 Questions→AIF-C01 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Applications of Foundation ModelsAI and ML FundamentalsSecurity, Compliance, and Governance for AI SolutionsFundamentals of AI and MLFundamentals of Generative AIGenerative AI and Foundation ModelsGuidelines for Responsible AISecurity, Compliance and Governance for AI Solutions

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Security, Compliance, and Governance for AI Solutions setsAll Security, Compliance, and Governance for AI Solutions questionsAIF-C01 Practice Hub