
Explanation:
Option A is the correct solution because it comprehensively addresses all requirements:
End-to-end data lineage: AWS Glue Data Catalog is specifically designed for data cataloging and lineage tracking across various data sources, providing metadata management and lineage capabilities.
Real-time PII filtering: Amazon Bedrock Guardrails includes built-in PII filters that can detect and filter sensitive information in real-time during inference calls.
Audit trails: AWS CloudTrail provides comprehensive logging of all API calls, including Amazon Bedrock operations, creating a complete audit trail.
Automated compliance reporting: Amazon Macie scans stored data for sensitive information and publishes findings to CloudWatch Logs; CloudWatch dashboards can then visualize these findings and generate automated reports.
Why other options are incorrect:
Option B: AWS Config tracks configuration changes, not data lineage. AWS WAF is for web application firewall protection, not real-time PII filtering in Bedrock. Amazon Comprehend Medical is for medical text analysis, not real-time PII filtering.
Option C: AWS DataSync is for data transfer, not lineage tracking. Session Manager logs user sessions, not comprehensive audit trails. Textract is for document text extraction, not real-time PII filtering.
Option D: Amazon Athena is for querying data, not tracking lineage. CloudWatch metrics and X-Ray are for monitoring and tracing, not comprehensive audit trails. Rekognition Custom Labels is for image/video analysis, not real-time PII filtering in text data.
A medical company is creating a generative AI (GenAI) system by using Amazon Bedrock. The system processes data from various sources and must maintain end-to-end data lineage. The system must also use real-time personally identifiable information (PII) filtering and audit trails to automatically report compliance.
Which solution will meet these requirements?
A
Use AWS Glue Data Catalog to register all data sources and track lineage. Use Amazon Bedrock Guardrails PII filters. Enable AWS CloudTrail logging for all Amazon Bedrock API calls with Amazon S3 integration. Use Amazon Macie to scan stored data for sensitive information and publish findings to Amazon CloudWatch Logs. Create CloudWatch dashboards to visualize the findings and generate automated compliance reports.
B
Use AWS Config to track data source configurations and changes. Use AWS WAF with custom rules to filter PII at the application layer before Amazon Bedrock processes the data. Configure Amazon EventBridge to capture and route audit events to Amazon S3. Use Amazon Comprehend Medical with scheduled AWS Lambda functions to analyze stored outputs for compliance violations.
C
Use AWS DataSync to replicate data sources to track lineage. Configure Amazon Macie to scan Amazon Bedrock outputs for sensitive information. Use AWS Systems Manager Session Manager to log user interactions. Deploy Amazon Textract with AWS Step Functions workflows to identify and redact PII from generated reports.
D
Configure Amazon Athena to query data sources to analyze and report on data lineage. Use Amazon CloudWatch custom metrics to monitor PII exposure in Amazon Bedrock responses and establish AWS X-Ray tracing to generate an audit trail. Use an Amazon Rekognition Custom Labels model to detect sensitive information in the data that Amazon Bedrock processes.