AWS Certified AI Practitioner Practice Exam

Which AWS service helps a financial institution comply with regulatory standards by preventing internet access in a VPC?

• A. AWS PrivateLink
• B. Amazon Macie
• C. Amazon CloudFront
• D. Internet gateway

The correct answer is: AWS PrivateLink

The correct answer is AWS PrivateLink because it provides a way to connect a Virtual Private Cloud (VPC) to compatible services without exposing traffic to the public internet. This is particularly beneficial for financial institutions that need to comply with regulatory standards, as it allows them to maintain a secure environment where sensitive data can be accessed and processed without the risks that come from internet exposure. AWS PrivateLink establishes private connectivity between VPCs and AWS services, keeping all traffic within the AWS network. This feature effectively prevents internet access, thereby enhancing security and compliance posture by adhering to necessary data governance protocols. In contrast, the other options are not focused on restricting internet access in a VPC. For example, Amazon Macie is a security service that uses machine learning to discover, classify, and protect sensitive data in AWS, but it does not inherently prevent internet access. Amazon CloudFront is a content delivery network (CDN) that accelerates the delivery of data to users globally and typically introduces internet access rather than restricting it. An Internet gateway is used to allow communication between instances in a VPC and the internet, enabling internet access rather than preventing it. Overall, AWS PrivateLink is tailored for securely managing connections and maintaining compliance by eliminating potential external threats from the internet