A medical company is creating a generative AI (GenAI) system by using Amazon Bedrock.

Amazon Web Services AIP-C01 Question Answer

A medical company is creating a generative AI (GenAI) system by using Amazon Bedrock. The system processes data from various sources and must maintain end-to-end data lineage. The system must also use real-time personally identifiable information (PII) filtering and audit trails to automatically report compliance.

Which solution will meet these requirements?

Use AWS Glue Data Catalog to register all data sources and track lineage. Use Amazon Bedrock Guardrails PII filters. Enable AWS CloudTrail logging for all Amazon Bedrock API calls with Amazon S3 integration. Use Amazon Macie to scan stored data for sensitive information and publish findings to Amazon CloudWatch Logs. Create CloudWatch dashboards to visualize the findings and generate automated compliance reports.

Use AWS Config to track data source configurations and changes. Use AWS WAF with custom rules to filter PII at the application layer before Amazon Bedrock processes the data. Configure Amazon EventBridge to capture and route audit events to Amazon S3. Use Amazon Comprehend Medical with scheduled AWS Lambda functions to analyze stored outputs for compliance violations.

Use AWS DataSync to replicate data sources to track lineage. Configure Amazon Macie to scan Amazon Bedrock outputs for sensitive information. Use AWS Systems Manager Session Manager to log user interactions. Deploy Amazon Textract with AWS Step Functions workflows to identify and redact PII from generated reports.

Configure Amazon Athena to query data sources to analyze and report on data lineage. Use Amazon CloudWatch custom metrics to monitor PII exposure in Amazon Bedrock responses and establish AWS X-Ray tracing to generate an audit trail. Use an Amazon Rekognition Custom Labels model to detect sensitive information in the data that Amazon Bedrock processes.

Explanation:

Option A is the most comprehensive and architecturally aligned solution for meeting end-to-end data lineage, real-time PII filtering, and automated compliance reporting requirements in a medical GenAI system built on Amazon Bedrock. Each requirement maps directly to a managed AWS service that is purpose-built for governance, security, and compliance.

AWS Glue Data Catalog is designed to register datasets across multiple sources and maintain metadata that supports lineage tracking. By cataloging all inputs that flow into the Bedrock-based system, the organization can trace how data moves from ingestion through processing and storage, which is essential for regulatory audits in healthcare environments.

For real-time PII filtering, Amazon Bedrock Guardrails provide native PII detection and filtering during model inference. Guardrails operate inline with model invocation, ensuring sensitive information is blocked or redacted before responses are returned to users. This satisfies the requirement for real-time protection rather than post-processing analysis.

AWS CloudTrail delivers a complete audit trail of all Amazon Bedrock API calls, including InvokeModel requests and configuration changes. Storing these logs in Amazon S3 enables long-term retention and supports compliance audits. CloudTrail ensures traceability of who accessed the system, when, and how it was used.

To strengthen compliance monitoring, Amazon Macie continuously scans stored data for sensitive information and automatically classifies findings. Publishing Macie findings to Amazon CloudWatch Logs and visualizing them through dashboards enables near-real-time visibility into compliance posture and supports automated reporting workflows.

The other options fall short. Option B performs PII filtering at the application edge rather than at inference time and relies on scheduled analysis instead of real-time enforcement. Option C focuses on replication and document processing rather than inline GenAI governance. Option D uses services that are not designed for PII detection in text-based GenAI workflows and lacks native lineage tracking.

Therefore, A best fulfills all stated requirements using AWS-recommended governance and security capabilities.

Amazon Web Services AIP-C01 View All Questions

Amazon Web Services AIP-C01 Summary

Vendor: Amazon Web Services
Product: AIP-C01
Update on: Feb 22, 2026
Questions: 107

Price: $52.5 ~~$149.99~~

Buy Now AIP-C01 PDF + Testing Engine Pack

A company is building a generative AI (GenAI) application that processes financial reports and provides...

An ecommerce company is developing a generative AI (GenAI) solution that uses Amazon Bedrock with...

Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A medical company is creating a generative AI (GenAI) system by using Amazon Bedrock.

The Answer Is:

Explanation:

Amazon Web Services AIP-C01 Summary

Payments We Accept

Contact Us