Explanation:
Option C is the correct solution because it uses a single, well-tuned Amazon Bedrock guardrail that applies different actions to different content types, which is the recommended approach for minimizing false positives while enforcing strong policy controls.
Key reasons why Option C is correct:
Medium sensitivity for content filters: Setting content filters to medium rather than high reduces overblocking of benign customer conversations while still preventing harmful content. This minimizes false positives while maintaining security.
Comprehensive denied topics configuration: Explicitly setting up denied topics for investment advice with clear definitions and sample phrases improves detection accuracy and reduces ambiguity, which is crucial for regulatory compliance.
Differentiated PII handling: Configuring sensitive information filters to mask PII in responses (protecting customer data) while blocking financial information in inputs (preventing inappropriate discussions) provides multiple handling strategies for different types of sensitive content.
Audit trail capability: Enabling both input and output evaluations with custom blocked messages creates comprehensive audit trails for compliance reporting.
Single guardrail approach: Using a single, well-configured guardrail is more efficient and maintainable than multiple guardrails, and Amazon Bedrock guardrails are designed to handle multiple content types with different actions within a single configuration.
Why other options are incorrect:
Option A: Setting content filters to high for all categories would likely create excessive false positives, blocking legitimate customer service conversations. Also, blocking all PII rather than masking it may be too restrictive for customer service scenarios.
Option B: Creating multiple guardrails with tiered policies adds unnecessary complexity. Amazon Bedrock guardrails are designed to handle multiple content types and actions within a single configuration, making multiple guardrails redundant and harder to manage.
Option D: Creating separate guardrails for each use case and chaining them with Step Functions is overly complex and inefficient. Amazon Bedrock guardrails can handle all these requirements in a single configuration, and chaining guardrails would increase latency and complexity without providing additional benefits.
Ultimate access to all questions.
No comments yet.
A financial services company is developing a customer service AI assistant by using Amazon Bedrock. The AI assistant must not discuss investment advice with users. The AI assistant must block harmful content, mask personally identifiable information (PII), and maintain audit trails for compliance reporting. The AI assistant must apply content filtering to both user inputs and model responses based on content sensitivity.
The company requires an Amazon Bedrock guardrail configuration that will effectively enforce policies with minimal false positives. The solution must provide multiple handling strategies for multiple types of sensitive content.
Which solution will meet these requirements?
A
Configure a single guardrail and set content filters to high for all categories. Set up denied topics for investment advice and include sample phrases to block. Set up sensitive information filters that apply the block action for all PII entities. Apply the guardrail to all model inference calls.
B
Configure multiple guardrails by using tiered policies. Create one guardrail and set content filters to high. Configure the guardrail to block PII for public interactions. Configure a second guardrail and set content filters to medium. Configure the second guardrail to mask PII for internal use. Configure multiple topic-specific guardrails to block investment advice and set up contextual grounding checks.
C
Configure a guardrail and set content filters to medium for harmful content. Set up denied topics for investment advice and include clear definitions and sample phrases to block. Configure sensitive information filters to mask PII in responses and to block financial information in inputs. Enable both input and output evaluations that use custom blocked messages for audits.
D
Create a separate guardrail for each use case. Create one guardrail that applies a harmful content filter. Create a guardrail to apply topic filters for investment advice. Create a guardrail to apply sensitive information filters to block PII. Use AWS Step Functions to chain the guardrails sequentially.