Basic Concept: Protecting a released AI model from unauthorized modification requires controlling who can interact with it and at what privilege level. IAM-integrated API access provides granular, auditable control over model interactions. The CompTIA SecAI+ Study Guide covers model protection through identity and access management integration.
Why D is Correct: Integrating an API with IAM roles ensures that all interactions with the model are authenticated and authorized according to precisely defined permissions. IAM roles enforce the principle of least privilege, ensuring users can query the model only within authorized scope and cannot modify model parameters, weights, or configuration. API-level access provides an abstraction layer that protects the underlying model from direct access while enabling controlled, auditable interactions.
Why A is Wrong: Changing to an LLM with guardrails addresses model behavior safety but does not protect the model artifacts themselves from tampering or unauthorized modification. It changes the model type rather than implementing access controls.
Why B is Wrong: Providing secure copies for local runtime distributes model copies to multiple endpoints, significantly increasing the attack surface for tampering. Each local copy represents a potential point of unauthorized modification.
Why C is Wrong: Restricting access to IT professionals is overly broad and vague. IT professionals may still need varying levels of access for different purposes, and generic role-based access without IAM integration and API mediation provides insufficient granularity to prevent unintentional modification.
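The control described under "Why D is Correct", sketched as an added example that is not taken from the study guide or any vendor's IAM: an API layer that is the only path to the model, checks each call against a deny-by-default role map, and records every decision. The role names, the `model:*` action names and the `ModelAPI` class are hypothetical, and the role is assumed to come from an already-verified identity token.

```python
import json
import time

# Hypothetical role-to-action map (constructed for this example). Anything not
# listed is denied, so no role reaches weights or config unless granted explicitly.
ROLE_PERMISSIONS = {
    "model-consumer": {"model:Query"},
    "model-operator": {"model:Query", "model:ReadConfig"},
    "model-release-pipeline": {"model:UpdateWeights", "model:UpdateConfig"},
}

_AUDIT_LOG = []  # in-memory stand-in for an append-only audit sink


def authorize(principal, role, action):
    """Deny-by-default check the API layer runs before touching the model."""
    allowed = action in ROLE_PERMISSIONS.get(role, set())
    # Denials are logged as well as allows: refused modification attempts
    # are the events a reviewer most wants to see.
    _AUDIT_LOG.append(json.dumps({
        "ts": time.time(), "principal": principal, "role": role,
        "action": action, "decision": "allow" if allowed else "deny",
    }))
    return allowed


def audit_decisions():
    """Return (principal, action, decision) tuples in the order they were logged."""
    return [(e["principal"], e["action"], e["decision"])
            for e in map(json.loads, _AUDIT_LOG)]


class ModelAPI:
    """Callers get responses, never a handle to the model artifact itself."""

    def __init__(self):
        self._weights_version = "v1"  # placeholder for the real artifact

    def query(self, principal, role, prompt):
        if not authorize(principal, role, "model:Query"):
            raise PermissionError("model:Query denied")
        return f"[{self._weights_version}] response to: {prompt}"

    def update_weights(self, principal, role, new_version):
        if not authorize(principal, role, "model:UpdateWeights"):
            raise PermissionError("model:UpdateWeights denied")
        self._weights_version = new_version
        return self._weights_version
```
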