Amazon Web Services AIP-C01 Dumps

Option D is the correct solution because it relies primarily on managed, purpose-built AWS services and minimizes custom infrastructure and model management. Amazon Bedrock guardrails provide native, configurable content safety controls that can block or redact disallowed content before or after model inference. This directly ensures that the platform does not process or produce inappropriate outputs while maintaining low operational overhead.

Using Amazon Comprehend PII detection as a preprocessing step integrates cleanly with an Amazon S3–based ingestion workflow. Comprehend is a fully managed service that detects and optionally redacts PII in text without requiring custom models or pipelines. This ensures that sensitive information is removed before content is passed to Amazon Bedrock for generation.

Amazon Rekognition image moderation is purpose-built for detecting unsafe or inappropriate visual content and integrates naturally into Step Functions workflows. Step Functions provides orchestration without requiring servers or long-running infrastructure, allowing the company to integrate text and image moderation steps in a clear, auditable pipeline.

Option A introduces redundant monitoring logic and alarms that do not directly enforce content safety. Option B requires building and maintaining custom SageMaker models, increasing complexity and operational burden. Option C applies moderation at authentication time and uses services like Textract that are not designed for content moderation, increasing latency and management overhead.

Therefore, Option D best satisfies content safety, PII protection, S3 integration, and minimal infrastructure management requirements.

Option B best meets all stated requirements by correctly combining PII protection, evaluation before launch, and data residency compliance using Amazon Bedrock Guardrails. Amazon Bedrock guardrails provide native sensitive information filtering that operates inline during model invocation, making them well suited for preventing personal data exposure in customer-facing AI assistants.

The requirement to evaluate how effective the AI assistant is at preventing exposure before release is best addressed by using mask mode during development and testing. Mask mode allows responses to be generated while automatically redacting detected personal information, making it easy for developers and reviewers to see where and how PII would have appeared. This provides concrete validation that the guardrail rules are correctly configured without fully blocking responses, which is ideal for quality assurance and pre-production evaluation.

For production, switching the guardrail to block mode ensures that responses containing personal information are fully prevented from being returned to users. This offers the strongest protection and aligns with compliance expectations for customer account data. Block mode is appropriate once confidence in the guardrail configuration has been established during testing.

The data residency requirement is addressed by deploying a copy of the guardrail in each AWS Region where the application operates. Amazon Bedrock guardrails are Region-specific resources, and using Region-local guardrails ensures that inference, filtering, and enforcement all occur within the same Region as the customer data. This avoids cross-Region processing and helps the company comply with regulatory and contractual data residency policies.

Option A and D incorrectly rely on cross-Region guardrails, which can violate data residency constraints. Option C focuses on topic filtering rather than sensitive information filtering and keeps detect mode enabled in production, which does not actively prevent PII exposure. Therefore, B is the only option that fully satisfies safety, compliance, and evaluation requirements.

Option B is the best solution because it directly addresses the Step Functions 256 KB state payload quota by externalizing large intermediate artifacts to Amazon S3 and passing only lightweight references (URIs/keys) between states. This is a standard AWS pattern for workflows that produce large intermediate results, and it avoids introducing additional databases, compression logic, or cross-state-machine coordination that increases operational overhead.

In a multi-agent ReAct workflow, intermediate reasoning traces can be verbose and grow quickly as each agent produces chain-of-thought style artifacts, structured outputs, and supporting evidence. Step Functions is designed to orchestrate state transitions and pass JSON payloads, but large payloads should be stored outside the state machine and referenced by pointer values. Using Amazon S3 for intermediate outputs is operationally efficient because the application already uses S3 for storage, and S3 provides durable, low-cost storage with simple access patterns.

ResultPath and ResultSelector allow each state to store or reshape results so that only the required reference fields (such as s3Uri, object key, metadata, trace IDs) are forwarded to subsequent states. This preserves observability because the workflow can still log trace references, correlate steps with S3 objects, and store structured metadata for debugging. It also preserves the sequential validation design, keeping the existing ReAct pattern intact while preventing failures due to oversized payloads.

Option A adds additional services and read/write patterns that increase operational complexity. Option C introduces custom compression/decompression logic that is fragile, adds latency, and complicates troubleshooting. Option D increases orchestration overhead by splitting workflows and coordinating with events, which makes debugging harder and increases failure modes.

Therefore, Option B meets the payload limit requirement while keeping the architecture simple and observable.

Option C best satisfies the requirement to change routing decisions without redeploying code while supporting complex, frequently changing business logic at scale. AWS AppConfig is designed for centrally managing dynamic configuration (feature flags, rules, thresholds, and policy parameters) and deploying changes safely. It supports controlled deployments, validation, and rapid propagation of updated configuration values, which aligns with “real-time cost metrics that change hourly” and the need for “immediate propagation across thousands of concurrent requests.”

In this design, the Lambda function becomes the policy decision point. For each request, it evaluates user attributes (tier, transaction value), context (regulatory zone, Region), and live cost/performance thresholds stored in AppConfig to determine which Amazon Bedrock FM to invoke. Because the routing rules and FM identifiers are delivered as configuration, the company can switch models, adjust A/B testing weights, or update compliance routing rules by deploying new AppConfig configuration versions rather than pushing new application code. This reduces operational risk and accelerates iteration.

Exposing a single API Gateway endpoint also minimizes client complexity and keeps routing logic server-side, which is important when rules change frequently. Lambda can cache configuration between invocations (within the execution environment) to reduce repeated fetch overhead while still picking up changes quickly, enabling both low latency and rapid rule rollout under high concurrency.

Option A relies on Lambda environment variables, which are not intended for frequent real-time updates and typically require function configuration updates that are slower and operationally brittle. Option B uses mapping templates and stage variables, which are limited for complex rule evaluation and safe rollout patterns. Option D misuses authorizers for business routing, adds extra latency and complexity, and complicates observability and error handling by splitting decisioning from execution.

Option C is the correct solution because it resolves throttling while preserving performance and avoiding fixed costs during low-traffic periods. Amazon Bedrock supports on-demand inference with usage-based pricing, making it well suited for applications with time-zone–dependent traffic spikes.

Throttling during peak hours typically occurs when inference requests exceed available regional capacity. Cross-Region inference allows Amazon Bedrock to automatically distribute requests across multiple AWS Regions, reducing contention and preventing throttling without requiring reserved or provisioned capacity. This approach ensures continuous operation while maintaining low latency for users in different geographic locations.

Invocation logging and native metrics such as InvocationThrottles, InputTokenCount, and OutputTokenCount provide visibility into usage patterns and capacity constraints. Monitoring these metrics enables teams to validate that traffic distribution is working as intended and that performance remains consistent during peak periods.

Option A introduces fixed hourly costs by relying on provisioned throughput, which directly violates the requirement to avoid unnecessary spend during low-traffic periods. Option B introduces regional failover complexity and reactive behavior instead of proactive load distribution. Option D does not address the root cause of throttling, as distributing traffic across model versions within the same Region does not increase available capacity.

Therefore, Option C best aligns with AWS Generative AI best practices for scalable, cost-efficient, global serverless applications.

Option C is the correct solution because it provides near real-time monitoring, hallucination detection, and cost anomaly awareness using built-in Amazon Bedrock and Amazon CloudWatch capabilities, with minimal custom development.

By configuring Amazon Bedrock invocation logging with text output logging, the company captures detailed prompt and response data for auditing and analysis without building custom logging pipelines. This data is stored in Amazon S3, providing durable storage for compliance and retrospective investigation.

Using Amazon Bedrock guardrails with contextual grounding checks allows the application to automatically detect hallucinations by verifying whether generated summaries are grounded in the provided clinical documents. This is the AWS-recommended approach for hallucination detection in RAG and summarization workloads and avoids the need to maintain custom evaluation models or pipelines.

Creating Amazon CloudWatch anomaly detection alarms for InputTokenCount and OutputTokenCount metrics enables automatic detection of abnormal token usage patterns that often correlate with runaway prompts, inefficient summarization, or prompt injection attempts. Anomaly detection adapts dynamically to usage trends, making it more effective than static thresholds for early cost warnings.

Option A introduces batch analytics with Glue and Athena, which is not near real time and increases operational overhead. Option B requires managing evaluation jobs and Lambda-based notification logic. Option D focuses on infrastructure-level monitoring and offline dashboards rather than near real-time GenAI quality and cost signals.

Therefore, Option C best meets the requirements with the least operational effort and maintenance overhead.

Option D is the correct solution because it directly evaluates multilingual output consistency and quality in an automated, scalable, and deployment-gating workflow. Amazon Bedrock model evaluation jobs are designed to run large-scale, repeatable evaluations against defined datasets and to produce quantitative metrics that can be used as objective release criteria.

The core issue is semantic inconsistency across languages for equivalent inputs. The most reliable way to detect this is to create standardized test conversations where each language version expresses the same intent and constraints. Running those tests through the updated model and comparing results with similarity metrics (for example, semantic similarity between expected and actual answers, or between language variants) surfaces regressions that infrastructure testing cannot detect.

Bedrock evaluation jobs support running evaluations at scale and are well suited for processing large datasets quickly. By parallelizing evaluation runs across languages and conversations, the company can meet the 45-minute requirement while executing at least 15,000 conversations. Because the process is standardized, it also allows consistent baseline comparisons across releases.

Applying hallucination thresholds ensures that answers remain grounded and do not introduce fabricated details, which is particularly important when language-specific behavior shifts after a model upgrade. Integrating evaluation jobs into the CI/CD pipeline enables fully automated execution on every model or configuration update. The pipeline can enforce a hard quality gate that blocks deployment if thresholds are not met, preventing regressions from reaching production.

Option A focuses on performance and infrastructure bottlenecks, not multilingual response quality. Option B is post-deployment and too slow to prevent regressions. Option C normalizes inputs but does not measure multilingual output equivalence or provide robust, quantitative gating.

Therefore, Option D best meets the automation, scale, timing, and deployment-blocking requirements.

The correct combination is C and D because together they enforce centralized governance over both model access and prompt content controls, which are the two core requirements of the scenario.

To ensure employees can use only approved Amazon Bedrock models, governance must be enforced at the organization level and not rely on individual application logic. Service Control Policies (SCPs) are the strongest control mechanism available in AWS Organizations because they define the maximum permissions an account or principal can have. In option C, the SCP prevents any Amazon Bedrock model invocation unless a centrally approved guardrail identifier is specified. This ensures that guardrails are always enforced, regardless of how or where the invocation originates. The additional use of IAM permissions boundaries ensures that even within allowed accounts, employees are restricted to invoking only explicitly approved foundation models.

To prevent specific topics and proprietary information from being included in prompts, Amazon Bedrock Guardrails must be used. Guardrails operate inline during model invocation and can block disallowed content before it is processed by the model. Option D correctly specifies a block filtering policy, which is appropriate when content must be prevented entirely rather than partially redacted. Deploying the guardrail using AWS CloudFormation StackSets allows the company to centrally manage and consistently deploy the same guardrail configuration across all accounts in the organization, ensuring uniform enforcement.

Option E uses mask filtering, which is better suited for redacting sensitive output rather than preventing prohibited content from being submitted in prompts. Option B attempts to use SCPs alone but does not enforce guardrail deployment or content filtering. Option A incorrectly places guardrail enforcement in permissions boundaries, which are not designed to validate request parameters such as guardrail identifiers.

By combining SCP-based enforcement with centrally deployed Bedrock guardrails, options C and D together provide strong, scalable, and centrally managed controls for both content safety and model governance across the organization.

Option B is the correct solution because it delivers end-to-end governance, security, and auditability across Amazon Bedrock, Amazon Rekognition, and the underlying data layer while meeting strict privacy and compliance requirements.

Using IAM attribute-based access control (ABAC) allows the company to control access to foundation models and data based on department, role, or workload attributes rather than static permissions. This is critical for controlling FM access patterns at scale. Enforcing specific ModelId and GuardrailIdentifier values with IAM condition keys ensures that only approved models and guardrails are used, which directly supports secure model I/O and governance requirements.

Configuring VPC endpoints for Amazon Bedrock ensures that all model invocations remain on private AWS network paths, reducing data exfiltration risk and supporting privacy standards. AWS CloudTrail captures both management and data events, providing a definitive audit trail of who accessed which resources and when. Sending logs to CloudTrail Lake enables centralized, long-term, queryable auditing across services.

Amazon S3 server access logging adds file-level visibility into video archive access, which is essential for compliance and forensic analysis. Amazon CloudWatch alarms provide near real-time detection of anomalous or unauthorized activity across Amazon Bedrock, Amazon Rekognition, and AWS KMS.

Option A focuses primarily on model-level tracing but lacks comprehensive IAM governance and S3 access auditing. Option C provides partial controls but lacks identity-aware auditing and model governance. Option D focuses on anomaly detection and classification but does not explicitly control FM access patterns.

Therefore, Option B best satisfies all stated requirements in a unified, auditable, and security-first architecture.

Option B is the correct evaluation configuration because it enables end-to-end assessment of both retrieval and generation quality while supporting direct comparison of chunking strategies and foundation models. Amazon Bedrock evaluation jobs are designed to support RAG workflows by evaluating how well retrieved context supports accurate and high-quality model outputs.

A retrieve-and-generate evaluation job evaluates the complete RAG pipeline, not just retrieval. This is essential for medical information use cases, where both the relevance of retrieved content and the correctness of generated responses directly impact user safety and trust. Including multiple chunking strategies in the evaluation dataset allows side-by-side comparison under identical prompts and conditions.

Custom precision-at-k metrics measure how effectively the retrieval component surfaces relevant chunks, while an LLM-as-a-judge metric provides qualitative scoring of generated responses. Using a numeric scale enables consistent, repeatable evaluation and supports automated quality gates. Amazon Bedrock supports LLM-based evaluators to score dimensions such as accuracy, completeness, and relevance.

Using the same evaluator model to assess outputs from both FMs ensures consistent scoring and eliminates evaluator bias. This configuration allows the company to define quantitative thresholds that must be met before deployment, enabling automated promotion through CI/CD pipelines.

Option A evaluates retrieval only and cannot assess generation quality. Option C introduces manual review, which does not scale and delays deployment. Option D separates retrieval and generation evaluation, making it harder to correlate chunking strategies with final output quality.

Therefore, Option B best meets the requirements for systematic evaluation, comparison, and quality enforcement in an Amazon Bedrock–based RAG system.

Option C is the correct solution because it uses a single, well-tuned Amazon Bedrock guardrail that applies different actions to different content types, which is the recommended approach for minimizing false positives while enforcing strong policy controls.

Setting content filters to medium rather than high reduces overblocking of benign customer conversations while still preventing harmful content. Amazon Bedrock guardrails are designed to balance precision and recall, and medium sensitivity is commonly recommended for customer-facing financial services use cases.

Denied topics explicitly prevent the assistant from discussing investment advice, which is a regulatory requirement. Including definitions and sample phrases improves detection accuracy and reduces ambiguity.

Sensitive information filters support different actions per context. Masking PII in responses preserves conversational usefulness for legitimate customer support while preventing exposure of sensitive data. Blocking sensitive financial information in inputs prevents downstream processing of disallowed content before it reaches the foundation model.

Critically, enabling both input and output evaluation ensures that guardrails are applied consistently at every stage of interaction. Custom blocked messages and audit logging provide clear compliance evidence for regulators and internal audits.

Option A causes excessive false positives by blocking all PII outright. Option B introduces unnecessary complexity and is not how Bedrock guardrails are intended to be applied. Option D uses orchestration logic that Bedrock guardrails already handle natively.

Therefore, Option C best satisfies enforcement, flexibility, auditability, and accuracy requirements.

Option B is the correct solution because Amazon Q Business natively supports access control lists (ACLs) for S3 data sources using a single, centralized JSON file that maps S3 prefixes to IAM Identity Center groups. This approach directly aligns with the company’s data organization model, where each department’s data is stored under a distinct S3 prefix and each employee belongs to exactly one department group.

Using a single acl.json file at the bucket root minimizes operational overhead by centralizing access control logic in one location. Administrators can update department mappings without touching individual folders or changing IAM permissions, which simplifies governance and reduces the risk of configuration drift. Amazon Q Business automatically evaluates the user’s IAM Identity Center group membership at query time and filters accessible documents accordingly.

Option A increases operational complexity by requiring a separate ACL file in every department folder, which becomes difficult to maintain as departments or prefixes change. Option C attempts to enforce access using IAM permissions sets, but Amazon Q Business access control for S3 data sources is not designed to be managed through IAM condition logic and would significantly increase complexity. Option D introduces a custom metadata structure that is not the supported mechanism for Amazon Q Business access enforcement.

Therefore, Option B provides the cleanest, most scalable, and AWS-recommended solution for enforcing department-based access control with the least operational effort.

Option C is the correct solution because it provides a secure, scalable, and standards-compliant way to expose an MCP server to an AI agent while enforcing strong user authorization. The Model Context Protocol supports HTTP-based transports for remote MCP servers, making Streamable HTTP the appropriate choice when the server is hosted as a managed service rather than a local process.

Hosting the MCP server in AWS Lambda enables automatic scaling and cost-efficient execution. By placing Amazon API Gateway in front of the Lambda function, the company creates a secure, managed HTTP endpoint that the AI agent can invoke reliably. This architecture cleanly separates transport, authentication, and business logic, which aligns with AWS serverless best practices.

Using Amazon Cognito to enforce OAuth 2.1 ensures that only authenticated and authorized users can access the MCP server. This satisfies security and compliance requirements when the MCP server handles sensitive user information. Cognito integrates natively with API Gateway, removing the need for custom authentication logic and reducing operational overhead.

Option A lacks user-level authorization controls. Option B and Option D rely on STDIO transport, which is intended for local or tightly coupled processes and is not suitable for distributed, serverless architectures. Option D also introduces security risks by handling credentials through environment variables.

Therefore, Option C best meets the requirements for secure access control, scalability, and correct MCP integration in an AWS-based AI agent architecture.

The correct answers are A and D because they collectively satisfy the requirements for structured inputs, consistent output formatting, and non-blocking detection of bullying language.

Option A is required because Amazon Bedrock Prompt Management enables prompt templates with explicit input variables and defined output formats. By defining the four required inputs as variables, the company ensures that every invocation of the Amazon Nova Pro FM receives the correct structured inputs. Specifying the output format ensures consistent responses, which is essential for a grants application workflow. Adding the managed prompt to the prompts node of the flow allows Bedrock Flows to invoke the model using this standardized configuration.

Option D addresses the requirement to receive notifications when bullying language is detected without blocking responses. Amazon Bedrock guardrails support content filters with configurable actions. By applying the insults content filter and setting the response action to detect, the system flags responses containing bullying or insulting language while still allowing the response to be returned. This enables monitoring, alerting, and auditing without interrupting application functionality.

Option B is incorrect because setting the filter response to block contradicts the requirement not to block all flagged responses. Option C introduces a prompt router, which is unnecessary because the application uses a single Amazon Nova Pro FM. Option E incorrectly attempts to enforce input variables and output formatting through an inference profile, which does not provide prompt-level variable enforcement or formatting guarantees.

Therefore, A and D together provide structured prompt management and non-blocking safety detection with minimal operational complexity.

Option B best meets the combined resiliency and observability requirements because it applies AWS-recommended retry behavior for transient throttling and enables true distributed tracing across service boundaries. During peak traffic, intermittent failures are commonly caused by throttling and other transient conditions. The AWS SDK standard retry mode provides exponential backoff with jitter, which reduces synchronized retry storms, prevents cascading failures, and improves overall system stability. Jitter is important because it spreads retry attempts over time, reducing load amplification during throttling events.

For observability, AWS X-Ray provides distributed tracing that follows a request across components such as API Gateway or load balancers, application services, and downstream calls to Amazon Bedrock. X-Ray can identify where latency is being introduced and which downstream call is contributing most to end-to-end response time. This is required to “identify latency contributors” and isolate performance issues under load.

The requirement also states that the company must correlate performance issues with specific FM characteristics. X-Ray annotations are designed for this purpose: the application can annotate traces with the model ID, inference parameters, region, or inference profile used. This enables filtering and analysis (for example, comparing latency or error patterns by model, parameter set, or endpoint configuration) without building a separate telemetry system.

Option A’s fixed-delay retries increase synchronized retry behavior and do not provide distributed tracing. Option C does not prevent cascading failures and cannot provide cross-service tracing. Option D is incorrect because CloudTrail is an audit logging service and does not provide distributed tracing for request latency analysis.

Therefore, Option B provides the correct combination of resilient retries and deep, model-correlated distributed observability for Amazon Bedrock workloads.

The combination of Options C and D delivers comprehensive, real-time observability for Amazon Bedrock workloads with the least operational overhead by relying on native integrations and managed services.

Amazon Bedrock publishes built-in CloudWatch metrics for model invocations and token usage. Option C leverages these native metrics directly, allowing teams to build centralized CloudWatch dashboards without additional data pipelines or custom processing. CloudWatch alarms provide threshold-based alerting for token consumption, enabling proactive cost and usage control across all foundation models. This approach aligns with AWS guidance to use native service metrics whenever possible to reduce operational complexity.

Option D complements CloudWatch by enabling advanced, stakeholder-specific visualizations through Amazon Managed Grafana. The zero-ETL integration allows Bedrock and CloudWatch metrics to be visualized directly in Grafana without building ingestion pipelines or managing storage layers. Grafana dashboards are particularly well suited for serving different audiences, such as engineering, finance, and product teams, each with customized views of token usage and trends.

Option A introduces unnecessary complexity by adding a business intelligence layer that is better suited for historical analytics than real-time operational monitoring. Option B is useful for deep log analysis but requires query maintenance and does not provide efficient real-time dashboards at scale. Option E involves multiple services and custom data flows, significantly increasing operational overhead compared to native metric-based observability.

By combining CloudWatch dashboards and alarms with Managed Grafana’s zero-ETL visualization capabilities, the company achieves real-time visibility, flexible dashboards, and automated alerting across all Amazon Bedrock foundation models with minimal operational effort.

Option A is the correct solution because it relies on native Amazon Bedrock capabilities to deliver transparency, auditability, scalability, and low latency with minimal operational overhead. Amazon Bedrock Knowledge Bases provide a fully managed Retrieval Augmented Generation (RAG) implementation that automatically handles document ingestion, embedding, retrieval, and source attribution, enabling the application to cite authoritative content without building custom pipelines.

Enabling tracing for Amazon Bedrock Agents provides end-to-end visibility into agent reasoning steps, tool usage, and model interactions. This satisfies the requirement for comprehensive audit trails and supports regulatory review in financial services environments. Structured prompts further ensure that responses explicitly present reasoning and supporting evidence in a controlled, auditable format.

Using Amazon API Gateway and AWS Lambda allows the application to scale automatically to thousands of concurrent users without capacity planning. These services are designed for bursty workloads and can easily support the stated requirement of up to 10,000 concurrent users. Amazon CloudFront reduces latency by caching and accelerating content delivery, helping the application meet the strict 2-second response-time requirement.

Option B introduces a custom RAG pipeline with OpenSearch, increasing operational complexity and maintenance effort. Option C lacks native RAG integration and does not provide transparent reasoning or citation management. Option D focuses on offline compliance reporting rather than real-time transparency and low-latency responses.

Therefore, Option A best meets all requirements while minimizing infrastructure and operational overhead.

Option C best satisfies the requirement for flexible FM testing across environments while minimizing operational complexity and aligning with AWS-recommended deployment practices. Amazon Bedrock supports invoking on-demand foundation models through the FoundationModel abstraction, which allows applications to dynamically reference different models without requiring dedicated provisioned capacity. This is ideal for experimentation and A/B testing in both development and production environments.

Using a single AWS CDK application ensures infrastructure consistency and reduces duplication. Environment-specific configuration, such as selecting different foundation model IDs, can be externalized through parameters, context variables, or environment-specific configuration files. This allows product owners to easily switch between FMs in each environment without modifying application logic.

A single AWS CodePipeline with distinct deployment stages for development and production is an AWS best practice for multi-environment deployments. It enforces consistent build and deployment steps while still allowing environment-level customization. AWS CodeBuild deploy actions enable automated, repeatable deployments, reducing manual errors and improving governance.

Option A increases complexity by introducing multiple pipelines and relies on provisioned models, which are not necessary for FM evaluation and experimentation. Provisioned throughput is better suited for predictable, high-volume production workloads rather than frequent model switching.

Option B creates unnecessary operational overhead by duplicating CDK applications and pipelines, making long-term maintenance more difficult.

Option D directly conflicts with infrastructure-as-code best practices by manually recreating development resources, which increases configuration drift and reduces reliability.

Therefore, Option C provides the most flexible, scalable, and AWS-aligned solution for testing and switching foundation models across development and production environments.

Option B is the correct solution because Amazon Bedrock Prompt Management is purpose-built to manage, govern, and standardize prompt usage at scale across teams and Regions. It provides native version control, allowing teams to track prompt changes over time and ensure that only approved versions are used in production workflows.

Prompt Management supports approval workflows that align with enterprise governance requirements. Approval permissions can be enforced through IAM policies, ensuring that only authorized reviewers can approve or publish prompt versions. This removes the need for custom workflow engines or external storage systems, significantly reducing operational overhead.

Parameterized prompt templates enable consistent prompt structure while allowing controlled variation through defined variables. This ensures consistent quality standards and reduces prompt drift, which is critical when hundreds of prompts are reused across multiple applications and teams.

AWS CloudTrail integrates natively with Amazon Bedrock to provide immutable audit logs for prompt creation, updates, approvals, and usage. These detailed audit trails satisfy compliance requirements and allow security and governance teams to trace prompt activity across Regions and users.

Option A requires significant custom development to coordinate approvals and maintain state. Option C relies on general-purpose workflow services and manual versioning mechanisms that are error-prone and difficult to scale. Option D uses services not designed for large-scale GenAI prompt governance and introduces unnecessary complexity.

Therefore, Option B best meets the requirements for scalable, auditable, and low-overhead governance of AI-generated content using Amazon Bedrock.

Option C is the correct solution because Amazon Bedrock guardrails are purpose-built to enforce defense-in-depth safety controls for GenAI applications with minimal operational overhead. Guardrails provide managed, policy-based enforcement that operates before prompts are sent to the foundation model and after responses are generated, which directly satisfies the requirement that PII must not be sent to the model and must not appear in outputs.

By configuring a sensitive information policy, the application can automatically detect and redact PII in user inputs and model responses without building custom preprocessing pipelines. This approach is more reliable and scalable than regex or prompt engineering techniques, which are brittle and error-prone for sensitive data handling.

The topic policy capability in Amazon Bedrock guardrails allows the bank to explicitly block investment advice topics, ensuring regulatory compliance. This policy-based approach is safer and more auditable than attempting to steer the model only through prompt instructions.

Using the Converse API enables structured, standardized interactions with the model and supports consistent logging of requests and responses. Enabling delivery logging and image logging to Amazon S3 ensures that all customer interactions, including documents and images, are captured in a durable, auditable storage layer. This directly supports compliance, regulatory audits, and forensic analysis.

Option A incorrectly relies on Amazon Macie, which is designed for data-at-rest discovery rather than real-time conversational filtering. Option B introduces custom Lambda pipelines and topic modeling, increasing operational complexity. Option D relies on regex and prompt engineering, which do not meet financial-grade compliance standards.

Therefore, Option C delivers the strongest security, governance, and auditability with the least operational effort.

Option A best satisfies the requirement to capture multi-hop, highly interconnected relationships with minimal operational overhead. Traditional vector similarity search excels at finding semantically similar text but is not optimized for reasoning over explicit entity-to-entity relationships, especially when analysts need indirect, multi-hop connections (for example, fund → holding → issuer → sector → regulation). Graph-based retrieval is designed specifically for these kinds of relationship traversals.

GraphRAG combines retrieval-augmented generation with graph-aware context selection. By representing entities and their relationships in a graph store, the system can traverse multiple hops to assemble a holistic set of relevant facts. This improves completeness and reduces the chance that the model misses indirect relationships that are essential for accurate investment guidance.

Amazon Neptune Analytics provides a managed graph analytics environment capable of efficiently traversing and analyzing complex relationship networks. When integrated with Amazon Bedrock Knowledge Bases, it reduces custom engineering by providing managed ingestion, retrieval, and orchestration patterns suitable for GenAI applications. This lowers operational overhead compared to building and maintaining custom multi-stage retrieval logic.

Meeting the sub-3-second requirement is also more feasible with a graph-optimized engine because multi-hop traversals can be executed efficiently compared to chaining multiple vector searches and joining results in an application layer. The managed nature of Knowledge Bases and Neptune Analytics reduces maintenance, scaling, and operational burden while enabling strong performance.

Option B and C require extensive custom logic and orchestration, increasing complexity and latency. Option D is not designed for graph-style multi-hop exploration and would require significant custom indexing and retrieval logic.

Therefore, Option A is the most AWS-aligned and operationally efficient approach for multi-hop relationship-aware RAG with strong performance.

Option B meets the requirement to combine scalable automated evaluation with targeted human oversight using managed AWS GenAI capabilities. Amazon Bedrock evaluations enable systematic, repeatable quality assessment across large volumes of interactions. Using an LLM-as-a-judge approach with a strong evaluator model such as Anthropic Claude Sonnet allows the company to automatically score outputs for dimensions like factual accuracy, conversational appropriateness, and policy alignment. This directly supports “automated quality evaluations at scale” without building custom scoring models.

However, financial recommendations add higher risk because regulatory compliance requires additional enforcement beyond general quality scoring. Amazon Bedrock guardrails provide a dedicated policy enforcement layer that can block or intervene when responses violate compliance constraints. Guardrails are particularly important for preventing disallowed financial guidance patterns and ensuring consistent behavior across deployments.

The requirement also calls for “targeted human reviews of critical interactions.” Amazon Augmented AI (A2I) is a managed human review service that supports routing specific items to human reviewers based on rules or confidence thresholds. In this design, the system can automatically send only high-risk or policy-flagged interactions to qualified financial experts for review, keeping human effort focused where it matters most while maintaining scale.

Option A is not scalable because it requires manual review of all responses. Option C relies on static rules and end-user feedback, which is insufficient for regulatory compliance and factual accuracy assurance. Option D provides monitoring but not structured quality evaluation or policy enforcement.

Therefore, Option B provides the most complete, AWS-aligned solution for scalable evaluation plus human oversight in a regulated financial context.

Option A is the correct answer because Amazon Bedrock Flows is purpose-built to orchestrate generative AI workflows that combine data access, deterministic transformations, and model invocation with minimal operational overhead. The requirements explicitly state that the workflow must retrieve content from Amazon S3, extract a specific portion of a predefined template, send that portion to an Amazon Bedrock model, and store the model’s response back into the same S3 bucket. Amazon Bedrock Flows natively supports all of these steps.

By configuring S3 action nodes at the beginning and end of the flow, the workflow can retrieve the original communications and persist the reviewed output without custom code. The expression step allows deterministic parsing of a specific portion of the template, which is essential when only part of the message should be reviewed. This avoids relying on generative logic for parsing, which would be less predictable and harder to audit. The agent step is then used specifically for the review task, where the foundation model evaluates or modifies the extracted content.

Option B uses AWS Step Functions, which can achieve similar outcomes but requires more explicit orchestration logic and does not provide GenAI-native constructs such as expressions and agent steps in a single managed experience. Options C and D rely on Amazon Bedrock agents and AWS Lambda functions to handle parsing and data movement, which increases complexity, operational overhead, and maintenance burden.

Because Amazon Bedrock Flows directly integrates S3 actions, parsing expressions, and model review steps in a single managed workflow, Option A best meets the requirements with the least development and operational effort.

Option B best meets the requirement for reusable, versioned, and consistently governed components across multiple business units because it implements “platform-level standardization” through infrastructure as code plus automated compliance enforcement before deployment. Standardized CloudFormation templates provide reusable building blocks for security controls (identity, networking boundaries, encryption), observability practices (metrics, logs, traces), and RAG deployment patterns (knowledge base integration, ingestion pipelines, retrieval controls). This aligns with AWS guidance to operationalize well-architected patterns through repeatable templates rather than ad hoc implementations.

A centralized repository enables version control, change review, and governance of templates across all five business units. This satisfies the “versioned” and “reusable” requirements and provides a single source of truth for approved architectures. Integrating a CI/CD pipeline ensures that deployments are consistent and automated, reducing drift between business units and Regions.

CloudFormation Guard is most effective when used as a preventive control in the pipeline, not only after deployment. By running Guard rules during build or pre-deploy stages, the organization can enforce mandatory security and observability configurations and block noncompliant changes before they reach production. This supports consistent governance while still enabling business units to deploy quickly.

Option A performs compliance validation after deployment, which allows policy violations to be deployed first and remediated later. Option C provides governed provisioning but requiring console-based deployment reduces automation and can slow standardized CI/CD adoption; it also adds an additional governance layer that is not required to meet the stated needs. Option D is not enforceable and does not provide reusable, versioned, governed components.

Therefore, Option B provides the strongest, most scalable, and most consistently governed approach for standardized GenAI deployments across business units.

Option B is the correct solution because AWS AppConfig is specifically designed to support dynamic configuration management with safe rollout, validation, and rollback, which are explicit requirements in the scenario.

By storing the active model provider configuration in AWS AppConfig, the company can switch between Amazon Bedrock model providers in real time without redeploying Lambda code. AppConfig supports deployment strategies such as canary releases, linear rollouts, and immediate deployments, allowing safe and controlled changes. If a configuration causes issues, AppConfig supports automatic rollback, reducing operational risk.

AWS AppConfig also supports schema validation, ensuring that configuration values such as model identifiers, provider names, or inference parameters are valid before being applied. This prevents misconfiguration from impacting production workloads.

Option A uses Parameter Store, which lacks native rollout strategies, validation, and automated rollback, making it unsuitable for safe real-time switching. Option C requires manual routing changes and code coupling, increasing operational overhead and deployment risk. Option D introduces unnecessary complexity by hosting configuration files in Amazon S3 when AppConfig already supports native hosted configurations.

Therefore, Option B provides the most robust, scalable, and low-maintenance solution for dynamic model switching in a serverless Amazon Bedrock inference architecture.

Option C is the correct solution because it directly addresses the root cause of the problem—overly broad retrieval—while requiring minimal architectural change. Amazon Bedrock Knowledge Bases support metadata-aware filtering, which allows the system to constrain retrieval queries based on indexed metadata such as content type, publication date, source, or category.

By indexing Amazon S3 object metadata, the company can restrict vector searches to relevant subsets of the corpus, such as recent emergency reports, specific content formats, or trusted sources. This significantly reduces the number of documents evaluated during retrieval, which improves both latency and result relevance without changing embedding models or retrieval infrastructure.

This approach aligns with AWS best practices for optimizing RAG systems: when embeddings are already strong, retrieval quality is often improved by narrowing the candidate set rather than increasing model complexity. Metadata filtering reduces noise and ensures that retrieved documents are more contextually aligned with user queries.

Option A requires retraining or adapting embedding models, which the company has already determined will not provide additional benefit. Option B introduces a migration to OpenSearch, which adds operational overhead and deviates from the existing Bedrock knowledge base architecture. Option D requires moving to a different indexing service, increasing complexity and implementation effort.

Therefore, Option C provides the most effective and low-effort solution to improve retrieval accuracy and performance in the existing Amazon Bedrock RAG system.

The correct combination is A, D, and F because these guardrail features directly map to the stated financial compliance and governance requirements.

Option A is required because denied topics guardrails are explicitly designed to block entire categories of requests, such as requests for guaranteed returns or specific stock recommendations. These are regulatory-sensitive scenarios where partial filtering is insufficient and full blocking is required to prevent violations.

Option D is correct because custom word filters are the appropriate guardrail mechanism to block references to specific competitor names. Content filters are category-based (such as hate, sexual, or violence-related content) and are not suitable for blocking organization-specific competitor references. Custom word filters allow precise blocking at both input and output stages.

Option F is required because a high grounding score threshold enforces that model outputs must be strongly supported by approved source material. This prevents the AI assistant from making speculative or unfounded claims that are not aligned with the company’s approved financial guidance, which is critical in regulated financial environments.

Option B is incorrect because content filters do not target domain-specific financial advice patterns. Option C is incorrect for the same reason—competitor names are not a content filter category. Option E would weaken factual grounding and increase hallucination risk.

Therefore, A, D, and F together provide topic blocking, competitor exclusion, and factual grounding enforcement.

The correct answers are B and C because they directly address hallucination reduction while maintaining high throughput and low latency.

Option B reduces hallucinations at their source by grounding model outputs in verified content through Retrieval Augmented Generation (RAG). Using an Amazon Bedrock knowledge base with semantic chunking ensures that long technical documents are broken into meaningfully coherent sections. This allows the model to retrieve only the most relevant chunks, rather than processing an entire document in one pass, which significantly improves factual accuracy and reduces cognitive overload on the model. This approach scales efficiently and supports processing more than 1,000 documents per hour.

Option C adds a defense-in-depth safety layer by using Amazon Bedrock guardrails to detect and block hallucination-like output patterns. Guardrails operate at inference time with minimal performance overhead, making them suitable for low-latency requirements. While guardrails do not eliminate hallucinations entirely, they effectively prevent unsafe or clearly fabricated outputs from reaching users.

Option A increases latency and cost due to explicit reasoning steps and does not scale well for high-throughput workloads. Option D increases randomness and worsens hallucinations. Option E repeats the existing flawed approach.

Therefore, Options B and C together provide scalable grounding and runtime protection that meet accuracy, performance, and throughput requirements.

Option C is the correct solution because it directly addresses both correctness and performance issues by grounding the model’s responses in authoritative product data using Retrieval Augmented Generation. Amazon Bedrock Knowledge Bases are designed to connect foundation models to trusted enterprise data sources, ensuring that generated responses are constrained to known, validated content.

By ingesting the product catalog into a knowledge base, the GenAI application retrieves only products that actually exist in the catalog. This prevents hallucinated or unavailable recommendations, which is a common issue when models rely solely on prompt instructions without retrieval grounding. RAG ensures that the model’s output is based on retrieved facts rather than learned generalizations.

Setting the PerformanceConfigLatency parameter to optimized enables Bedrock to prioritize lower-latency retrieval and inference paths, improving responsiveness for real-time recommendation scenarios. This directly addresses the reported performance issues without requiring provisioned throughput or caching strategies that are ineffective for mostly unique interactions.

Option A improves safety and latency predictability but does not ensure recommendations are limited to valid products. Option B relies on prompt constraints, which are not sufficient to prevent hallucinations. Option D introduces additional validation and caching layers but increases complexity and does not improve generation relevance.

Therefore, Option C best resolves both relevance and latency challenges using AWS-native, low-maintenance GenAI integration patterns.

Option B is the correct solution because it provides a scalable, durable, and secure architecture for conversational GenAI workloads that require multi-step clarification workflows and persistent memory.

AWS Step Functions Standard workflows are designed for long-running, stateful workflows with high reliability, which is ideal for clarification loops that may require multiple back-and-forth interactions. The Wait for a Callback pattern allows the workflow to pause while awaiting additional user input, making it well-suited for handling ambiguous queries without losing execution state.

Storing conversation history in Amazon DynamoDB enables millisecond-latency reads and writes at massive scale, supporting thousands of concurrent users. DynamoDB’s on-demand capacity mode automatically scales with traffic, eliminating capacity planning. Server-side encryption ensures that stored conversation data is encrypted at rest, meeting security and compliance requirements for personalized data.

Option A uses Step Functions Express and Amazon RDS, which is not ideal for long-lived conversational workflows and introduces scaling and connection management challenges. Option C stores conversations as individual S3 objects, which increases latency and complicates context retrieval. Option D relies on Amazon ElastiCache, which is optimized for ephemeral caching rather than durable, auditable conversation history.

Therefore, Option B best balances scalability, performance, durability, and security for a conversational Amazon Bedrock–based customer support application.

Option B best meets all requirements because it combines AWS-recommended resiliency patterns for transient failures with streaming-aware handling and adaptive protection against cascading retries during peak load. When timeouts and throttling occur, naïve retries can amplify traffic and worsen outages. Exponential backoff with jitter is the standard AWS best practice because it spreads retry attempts over time, reduces synchronized retry storms, and lowers the probability of repeatedly colliding with service limits.

The requirement also states the strategy must “adapt to changing service availability” and “prevent overwhelming Amazon Bedrock.” A circuit breaker pattern directly addresses this by temporarily stopping or reducing retries when failure rates exceed a threshold, allowing the system to degrade gracefully instead of continually hammering the service. This is a key mechanism to prevent cascading failures during throttling events.

Because the application uses response streaming and experiences broken chunks, the retry strategy must be streaming-aware. A streaming response handler that detects chunk delivery timeouts and buffers already received chunks prevents the user from losing progress when a connection drops. Resuming from the last successfully received chunk minimizes redundant generation and reduces additional load on the model compared with restarting the entire stream. This supports better user experience and better service efficiency during intermittent failures.

Token-aware request handling is supported in this architecture because the application can apply token budgeting before invoking the model (for example, trimming or summarizing excessive context) while still preserving streaming output behavior. Option B provides the correct backbone for this by focusing on adaptive control and robust streaming recovery.

Option A is too simplistic and risks retry storms. Option C combines conflicting elements (global token limit, cached completions for streaming) and includes impractical “request only missing chunks” behavior that is not a reliable property of streamed generative output. Option D includes useful ideas (load shedding) but relies on static caps and does not provide as strong adaptive retry control as circuit breaking.

Therefore, Option B is the most correct and operationally safe strategy for peak-load Bedrock streaming workloads.

Option A is the most appropriate design because it provides scalable multi-agent orchestration, clear domain separation, and strong governance with minimal operational complexity. A supervisor-agent pattern is a standard AWS-recommended approach for multi-agent systems: one agent performs intent classification and routing, while specialized agents handle domain-specific tasks.

Isolating data with separate knowledge bases ensures that each specialized collaborator agent retrieves only the information relevant to its department. This improves response accuracy, reduces hallucinations, and supports privacy controls because clinical content, claims content, and scheduling content can have different access policies. IAM-based filtering ensures that each agent has permission only to the knowledge base it is authorized to use.

Routing patient inquiries through a supervisor agent supports high concurrency and extensibility. New departments or features can be added by introducing new collaborator agents and knowledge bases without redesigning the entire system. Because routing is handled centrally, changes in classification logic do not require updates across many independent supervisors.

Using RAG within each collaborator agent ensures that responses are grounded in department-approved information sources, which is critical in healthcare settings to reduce unsafe or incorrect guidance. This approach also improves performance because each retrieval scope is smaller and more relevant, supporting thousands of parallel interactions.

Option B introduces manual handoffs that do not scale. Option C relies on rule-based routing inside one general agent, which becomes brittle and difficult to govern as complexity grows. Option D mixes all departments into a single knowledge base and merges responses externally, increasing risk of incorrect domain answers and operational overhead.

Therefore, Option A best meets the scalability, correctness, and multi-agent onboarding requirements.