🔥 3-day streak
AWS Certified Machine Learning Engineer - Associate158 / 194
Question 158 of 194

A healthcare company runs SageMaker training and processing jobs from notebook instances that process protected health information (PHI). Security requires that these workloads can reach only approved S3 buckets and SageMaker APIs, must never traverse the public internet, and must be blocked from writing PHI to any S3 bucket outside the company's account. Which combination of controls best enforces these requirements?

Reviewed for accuracy · Report an issueNext question