AWS Certified Machine Learning Engineer - Associate (MLA-C01)

Low precision means many predicted leaks are false alarms (high FP relative to TP). While the scenario tolerates more false alarms than missed leaks, you still don’t “prioritize low precision” as a goal; it’s merely a possible trade-off you accept to achieve high recall. The objective is to reduce false negatives, not to intentionally increase false positives.

High precision focuses on ensuring that when the model predicts a leak, it is usually correct (minimizing false positives). That would reduce $300 checks and downtime, but those costs are tiny compared to the $120,000 average cost of missing a real leak. Optimizing for precision risks increasing false negatives, which is unacceptable in a safety-critical refinery context.

Low recall indicates the model misses many true leaks (high false negatives). This is the opposite of what the business needs because false negatives carry the dominant cost ($120,000 incidents). A model with low recall could look good on accuracy if leaks are rare, but it would be dangerous operationally and economically in this setting.

ECR cross-account replication copies images to other registries/regions/accounts. This violates the requirement to avoid duplicating or migrating container images. It also does not create a governance catalog with approval states, lineage metadata, or a centralized audit trail for model registration decisions. Replication solves distribution, not model lifecycle governance.

A central ECR repository with replication from producer accounts explicitly duplicates images into the governance account, which the question forbids. Even if it centralizes storage, ECR alone lacks native constructs for model version governance (beyond tags), approval workflows (Approved/Pending/Rejected), and model lineage metadata. You would need additional services to approximate a registry.

AWS Glue Data Catalog is designed for datasets (tables, schemas, partitions) and discovery via crawlers, not for container images and ML model governance. Crawling ECR is not a standard Glue pattern, and Glue does not natively support model approval workflows, model package versioning semantics, or MLOps lineage/audit requirements in the way SageMaker Model Registry does.

Tagging model packages could add domain metadata, but it is not the best fit for organizing the existing assets at scale in the way the question describes. Applying tags to more than 1,200 model package versions creates significant operational overhead and requires ongoing maintenance for every new version. Tags also organize individual resources through metadata rather than providing a clear structural grouping of model groups by domain. Because the requirement is to improve discoverability without changing current group memberships, collections are the more direct and scalable native feature.

Creating new model groups and moving existing models into them violates the explicit requirement not to modify current model group memberships. Model package versions are associated with their model groups, so moving them would change the existing organizational structure and could disrupt downstream processes. This would also introduce unnecessary migration effort and risk for a large inventory of models. Therefore, this option clearly fails the stated constraints.

SageMaker ML Lineage Tracking is used to capture relationships among datasets, jobs, models, and deployments for traceability and reproducibility. It does not automatically determine business domains such as pricing optimization, search relevance, or fraud detection, nor does it serve as a domain-based organizational layer for Model Registry assets. Even if lineage metadata exists, it would not replace an explicit mechanism for grouping model groups for discoverability. As a result, this option does not meet the requirement.

Image classification predicts one label (or a probability distribution over labels) for an entire image. It does not localize objects or output bounding-box coordinates. It could answer questions like “does this image contain ripe fruit?” but cannot return (x_min, y_min, x_max, y_max) for each fruit instance. Therefore it does not meet the localization and multi-instance detection requirements.

XGBoost in SageMaker is a gradient-boosted decision tree algorithm primarily used for tabular data (classification/regression) with engineered features. It does not natively process raw 4K images to produce bounding boxes. While you could theoretically extract image features elsewhere and train a separate model, that would not directly satisfy the object localization requirement and is not the intended SageMaker algorithm for this use case.

k-NN is a simple instance-based algorithm used for classification or regression on vector/tabular data. It is not a computer vision localization model and does not output bounding boxes from raw images. Even if embeddings were used, k-NN would typically return nearest labels, not spatial coordinates for multiple objects. It does not align with the required detection output format.

Increasing the learning rate (eta) makes each boosting step larger and typically helps fit the training data faster, not generalize better. When a model already achieves extremely high training AUC/precision, a higher eta often increases overfitting and can reduce validation performance. In XGBoost, improving generalization usually involves lowering eta (and increasing number of rounds) rather than raising it.

Removing irrelevant features can reduce overfitting, but it changes the feature space, which the prompt explicitly disallows. Also, the described overfitting is more consistent with excessive model capacity (deep trees memorizing sparse one-hot patterns) than with a few irrelevant features. In exam terms, this option is a feature-engineering/data-prep action, not the best hyperparameter-only fix requested.

Increasing max_depth increases tree complexity and the model’s ability to memorize training data. With max_depth already at 10 and training metrics near-perfect, deeper trees would almost certainly worsen the generalization gap. This is the opposite of what you want when validation AUC and precision collapse on a held-out week and on new impressions.

Incorrect. This approach requires training and deploying custom models in SageMaker for transcription and then training/deploying an LLM for summarization. It directly violates the requirement to avoid model training and significantly increases engineering effort and delivery time (data labeling, model selection, tuning, hosting, MLOps). SageMaker is appropriate when you need custom models or full control, not for fastest managed summarization.

Incorrect. Amazon Rekognition analyzes images and videos for labels, faces, text-in-image, and moderation; it is not the service for speech-to-text transcription from audio tracks. Therefore it cannot reliably “convert the media into English text” for podcasts and conference recordings. Even though Bedrock + Claude is suitable for summarization, the ingestion/transcription component is wrong, making the pipeline infeasible.

Incorrect. Amazon Comprehend performs NLP on text (entities, key phrases, sentiment, classification) but does not transcribe audio/video into text, so it cannot handle MP3/MP4 inputs. Additionally, Stable Diffusion is an image generation model, not a text summarization model, so it cannot produce German-language summaries from text. This option misaligns services to tasks and fails core requirements.

Accuracy measures the proportion of correct predictions and is primarily used for classification problems with discrete labels (e.g., spam vs. not spam). For a continuous target like smartphone resale price, there is no natural concept of “correct” unless you artificially bin prices into categories, which would change the problem. Accuracy also would not report error in USD, so it does not meet stakeholder requirements.

Area Under the ROC Curve (AUC) evaluates how well a binary classifier ranks positive examples above negative ones across all thresholds. It is not designed for regression and does not output an error magnitude in the same units as the target. Even if you converted the problem into a classification task (e.g., above/below a price), AUC would measure ranking quality, not average absolute dollar error.

F1 score is the harmonic mean of precision and recall for classification tasks, especially useful with imbalanced classes. It requires discrete class labels and a decision threshold, neither of which naturally exist for predicting a continuous resale price. F1 does not provide an error in USD and would only apply if the problem were reframed into categories (e.g., low/medium/high price), which the question does not indicate.

Amazon CloudWatch focuses on infrastructure and application observability (CPU, memory, network, logs, alarms). While useful for monitoring SageMaker training job resource utilization and troubleshooting performance bottlenecks, it does not compute fairness or bias metrics such as demographic parity difference across protected groups. CloudWatch cannot analyze training data distributions or compare prediction outcomes by sensitive attributes without significant custom implementation outside its intended purpose.

AWS Glue DataBrew is a visual data preparation service that can profile data and apply transformations via recipes. It can help clean data, handle missing values, and generate summary statistics, which may support downstream bias mitigation efforts. However, DataBrew does not natively provide formal bias/fairness metrics on training data and batch predictions (e.g., demographic parity difference) nor produce standardized bias reports for ML governance like SageMaker Clarify does.

AWS Lambda can automate preprocessing steps (validation, normalization, feature engineering triggers) and enforce consistent input quality, but it does not provide built-in bias detection or fairness metric computation across protected groups. Implementing demographic parity difference calculations in Lambda would require custom code, careful statistical definitions, and governance artifacts. The question asks for a solution that provides this level of analysis directly, which aligns with SageMaker Clarify.

SageMaker Debugger primarily helps during training and (to a limited extent) inference monitoring by collecting tensors/metrics and applying rules to detect issues like overfitting or vanishing gradients. It is not intended to mirror live production inference requests to a separate model version for side-by-side output comparison. It also does not inherently guarantee zero impact on production decisions or provide the shadow-evaluation workflow required here.

Blue/green with all-at-once traffic shifting moves 100% of production traffic to the new model immediately. That would directly affect production user decisions and risks violating the latency SLO if the new model is slower. It also prevents a controlled 24-hour evaluation period where the old model remains the sole decision-maker. This is a deployment strategy, not a no-impact evaluation method.

Canary shifting (e.g., 10% for 24 hours) is useful for gradual rollouts and monitoring, but it still routes a portion of real users to the new model’s responses. That violates the requirement to not affect any production user decisions. Additionally, even a small percentage can introduce user-visible latency or quality changes. Canary is for controlled release, not shadow evaluation.

Incorrect. Sharing models with SageMaker Canvas is intended within the same SageMaker domain so that Studio/Canvas users can access shared resources governed by that domain’s roles and settings. Different domains typically imply separate user profiles, roles, and resource boundaries, which would make sharing harder, not a requirement. The question explicitly says they are in the same domain.

Incorrect. AWS Marketplace is for distributing products (including ML models) to external customers/accounts under commercial terms. It is not used for internal sharing between users in the same SageMaker domain. Marketplace publishing adds unnecessary packaging, legal, and billing constructs unrelated to Canvas discovery.

Incorrect. Deploying to a SageMaker real-time endpoint is not a prerequisite for sharing a model with Canvas. Canvas can evaluate and work with models via managed workflows and governed model artifacts; hosting is a separate lifecycle step. Endpoints are relevant for real-time inference, not for making a model discoverable for no-code evaluation/tuning.

SageMaker built-in algorithms can reduce ML engineering effort when your use case matches the provided algorithm and input format. However, they do not “run your existing TensorFlow scripts.” Migrating proprietary DICOM preprocessing and a custom segmentation pipeline into a built-in algorithm workflow typically requires significant refactoring and data transformation, which conflicts with the requirement to preserve existing code and move quickly within 2 weeks.

Bring-your-own-container (BYOC) works for maximum flexibility (custom OS packages, niche dependencies, unsupported framework versions). But it requires building, testing, securing, and maintaining a Docker image, plus ensuring CUDA/cuDNN compatibility for GPU. Under a 2-week deadline and with a mainstream framework like TensorFlow, BYOC is usually more effort than necessary compared to SageMaker’s prebuilt TensorFlow DLC + Script Mode.

AWS Marketplace models may accelerate prototyping, but they rarely match specialized radiology segmentation requirements and do not preserve the startup’s proprietary training code and preprocessing. Adapting third-party models to proprietary DICOM pipelines and domain-specific labeling often takes substantial effort and introduces licensing/compliance concerns. It also doesn’t directly address the requirement to migrate existing training and inference scripts with minimal change.

Blue/green with all-at-once traffic shifting requires the new green environment to be fully provisioned and ready before 100% of traffic is cut over. For an endpoint currently running on 8 instances, this effectively requires enough additional capacity to stand up the replacement fleet before the switch. Because only 1 extra instance is available, there is not enough capacity to prepare a full green fleet for an all-at-once cutover. Therefore this option does not satisfy the stated capacity constraint.

A shadow test mirrors a percentage of production requests to a shadow variant, but the shadow responses are not returned to users and the deployment is intended for validation rather than production cutover. It still requires separate capacity to run the shadow model in parallel, and it does not itself perform the controlled replacement of the production model version. The question asks for a deployment strategy that transitions versions with zero downtime, not just a test mechanism. Therefore shadow testing does not meet the full deployment requirement.

A rolling deployment updates endpoint instances in batches, replacing old instances with new ones over time, but it is not the best match for the requirement that both old and new model versions be hosted during the transition using the original 8 instances plus exactly 1 extra instance. The question specifically emphasizes traffic-safe coexistence of versions during transition, which is what blue/green canary is designed for. Rolling deployment is more about incremental in-place replacement and does not map as cleanly to the explicit 10% extra-capacity pattern implied by 1 additional instance out of 8. For this reason, rolling batch size 1 is less appropriate than blue/green canary.

Step Functions can orchestrate AWS Batch and SageMaker Pipelines with explicit control flow (submit job, wait, then start pipeline). However, the question explicitly says not to introduce state machines, which rules Step Functions out despite being a valid architecture. It also adds operational overhead in terms of workflow definition, state management, and potentially more complex error handling than an event-driven trigger.

SageMaker Processing steps take inputs from data sources such as S3 (or FSx/EFS), not from AWS Batch job ARNs. Pipelines cannot directly “consume” a Batch job as an input artifact by ARN. The correct integration point is the S3 outputs produced by Batch, which should be passed as pipeline parameters or discovered by convention, not by referencing Batch job identifiers as processing inputs.

Callback steps are designed for human approval or external systems to signal completion back to the pipeline via a callback token. Using them to run AWS Batch would require an external component (e.g., Lambda or a custom service) to start the Batch job and then call back when it finishes. That introduces extra moving parts and operational overhead, and it is not the simplest way to react to an already-running Batch job’s success event.

Incorrect. IAM groups cannot be associated directly with SageMaker notebook instances. Groups are a mechanism to assign permissions to IAM users, not to AWS compute/service identities. Even if engineers are in a group, the notebook instance still uses its execution role for AWS API calls, so changing a group would not reliably centralize the notebook’s runtime permissions.

Incorrect and insecure. Using a single IAM user’s long-term credentials in notebook instances is against AWS best practices (risk of key exposure, rotation burden, lack of per-session credentials). Attaching AdministratorAccess violates the requirement to avoid broad admin privileges and breaks least-privilege principles. SageMaker is designed to use execution roles with temporary credentials, not embedded access keys.

Incorrect. This combines multiple flawed ideas: IAM groups still cannot be attached to notebook instances, and granting AdministratorAccess is explicitly broader than required. While roles can be assumed by principals (users/groups via policies), the notebook instance itself needs an execution role; associating a group with a role does not automatically make the notebook use that role, and it does not meet least privilege.

Incorrect. Excluding retrieval results that contain “Project Raven” is a retrieval-time mitigation, not a response-time guarantee. It can reduce exposure but cannot ensure the phrase never appears, because the model could still generate the phrase from other retrieved passages, user prompts, or partial context. The requirement demands deterministic response-time blocking.

Incorrect. Building a new Amazon Kendra index that omits documents containing “Project Raven” violates the constraint “without modifying the existing index” (re-indexing/rebuilding is effectively modifying the indexing approach). It also still doesn’t provide a strict response-time guarantee if the phrase can be introduced via prompts or other sources.

Incorrect. Document attribute boosting only changes ranking/relevance (deprioritization) and is not a security control. Even if content mentioning “Project Raven” is ranked lower, it can still be retrieved and used in generation, and the model could still output the phrase. Compliance requires an absolute block, not probabilistic relevance tuning.

Incorrect. Batch Transform is used for offline/batch inference, not for running distributed training jobs. Enabling encrypted communications for Batch Transform would not affect the network traffic patterns of a SageMaker training cluster (e.g., gradient exchange, MPI/NCCL collectives). The requirement explicitly targets a distributed training run and inter-node coordination traffic, which Batch Transform settings do not cover.

Incorrect. Providing a KMS key in the training job request primarily enables encryption at rest (e.g., EBS volumes used by training instances and/or output artifacts written to S3, depending on configuration). While important for storage security, it does not ensure that inter-node or framework coordination traffic during distributed training is encrypted in transit. The question explicitly focuses on in-transit encryption during the run.

Incorrect. A KMS key for a SageMaker Studio Domain governs encryption at rest for Studio-related storage (e.g., EFS volume for user home directories) and certain Studio resources. It does not control the runtime network encryption behavior of a separate SageMaker distributed training job cluster. The requirement is specific to training job in-transit traffic, not Studio domain storage encryption.

Incorrect. AWS KMS encryption controls data-at-rest protection for EBS volumes and other encrypted resources, but it does not govern SageMaker notebook instance OS-level settings like RootAccess. Key policies can restrict who can use a CMK, not whether a notebook is created with root enabled. This does not meet the requirement to prevent root access configuration.

Incorrect. EventBridge + Lambda deletion is reactive remediation. A notebook with root access could exist for seconds (or longer if the function fails), violating “must never be created” and “proactively block.” It also introduces operational risk (missed events, throttling, retries) and does not provide a hard preventive guardrail at request authorization time.

Incorrect. CloudFormation stack event detection only applies to resources created through CloudFormation, not those created via Console/CLI/SDK or Service Catalog products that may not be CloudFormation-based. Even when applicable, deleting after stack creation/update is still reactive and allows a noncompliant resource to exist temporarily, failing the proactive prevention requirement.

S3 bucket versioning keeps multiple variants of objects to protect against accidental overwrites/deletes and to support rollback. It does not control who can access which objects. Even with versioning enabled, any principal with s3:GetObject on an object key can still read it, and any principal with s3:PutObject can still write. Versioning is a durability/recovery feature, not an access control mechanism for department isolation.

S3 Object Lock enforces write-once-read-many (WORM) retention and legal holds to prevent objects from being deleted or overwritten for a retention period. It is used for compliance and immutability, not for scoping read/write permissions by user or department. Object Lock cannot prevent an engineer from reading another department’s data if their IAM permissions allow it, so it does not meet the isolation requirement.

CORS rules in S3 define which web origins (domains) can make browser-based requests to S3 and which methods/headers are allowed. SageMaker Studio notebooks and training jobs access S3 using AWS SDKs and IAM credentials/roles, not browser cross-origin calls that CORS governs. Therefore, CORS does not enforce per-prefix authorization and will not block engineers from accessing other departments’ prefixes.

Incorrect. SageMaker Model Monitor focuses on ongoing model governance signals such as data quality, drift, bias, and (optionally) model quality when ground truth is available. It does not directly measure endpoint cold-start or initialization latency. Scheduling Model Monitor jobs would not help confirm whether the extra 400 ms is due to model startup versus inference logic.

Incorrect. Even if CloudWatch metrics are enabled for Model Monitor outputs, Model Monitor is still the wrong tool for diagnosing serverless inference cold starts. The question is about request latency decomposition at the endpoint runtime, which is provided by SageMaker endpoint CloudWatch metrics, not by Model Monitor job metrics.

Incorrect. ModelLoadingWaitTime is not the best metric for validating whether the latency spike is caused by cold-start setup overhead. A wait-time metric suggests time spent waiting for model loading or resources, but it does not as directly represent the full initialization and setup phase as ModelSetupTime does. The question asks how to confirm whether startup time is the cause, so the metric that explicitly measures setup is the better choice. On the exam, prefer the metric whose name and purpose most precisely match the suspected issue.