Free Amazon AIP-C01 Exam Dumps May 2026

Option D is the correct solution because it relies primarily on managed, purpose-built AWS services and minimizes custom infrastructure and model management. Amazon Bedrock guardrails provide native, configurable content safety controls that can block or redact disallowed content before or after model inference. This directly ensures that the platform does not process or produce inappropriate outputs while maintaining low operational overhead.

Using Amazon Comprehend PII detection as a preprocessing step integrates cleanly with an Amazon S3--based ingestion workflow. Comprehend is a fully managed service that detects and optionally redacts PII in text without requiring custom models or pipelines. This ensures that sensitive information is removed before content is passed to Amazon Bedrock for generation.

Amazon Rekognition image moderation is purpose-built for detecting unsafe or inappropriate visual content and integrates naturally into Step Functions workflows. Step Functions provides orchestration without requiring servers or long-running infrastructure, allowing the company to integrate text and image moderation steps in a clear, auditable pipeline.

Option A introduces redundant monitoring logic and alarms that do not directly enforce content safety. Option B requires building and maintaining custom SageMaker models, increasing complexity and operational burden. Option C applies moderation at authentication time and uses services like Textract that are not designed for content moderation, increasing latency and management overhead.

Therefore, Option D best satisfies content safety, PII protection, S3 integration, and minimal infrastructure management requirements.

Option C best meets the requirements by combining native Amazon Bedrock logging with adaptive monitoring and minimal operational overhead. Amazon Bedrock model invocation logging can be sent directly to CloudWatch Logs, where detailed fields such as InputTokenCount, OutputTokenCount, and tool invocation metadata are captured for each request.

CloudWatch metric filters allow extraction of structured metrics from logs, including tool-specific token consumption patterns. By defining filters per tool integration, the company can isolate which tools are responsible for increased token usage without building custom log-processing pipelines.

CloudWatch anomaly detection provides automatic baseline modeling and dynamic thresholds based on historical traffic patterns. Unlike static alarms, anomaly detection adapts as usage evolves, making it ideal for applications with changing workloads or seasonal usage patterns. This directly satisfies the requirement to automatically adjust thresholds as traffic patterns change.

When abnormal token consumption occurs, anomaly detection alarms trigger immediately, enabling rapid investigation and remediation. Because this solution uses fully managed AWS services without custom analytics jobs or manual threshold tuning, it significantly reduces operational effort.

Option A fails to adapt to changing patterns. Option B introduces batch analysis and delayed insights. Option D requires manual intervention and custom code, increasing maintenance burden.

Therefore, Option C provides the most scalable, adaptive, and low-maintenance solution for monitoring and controlling token consumption in Amazon Bedrock--based applications.

Option A is the most appropriate design because it provides scalable multi-agent orchestration, clear domain separation, and strong governance with minimal operational complexity. A supervisor-agent pattern is a standard AWS-recommended approach for multi-agent systems: one agent performs intent classification and routing, while specialized agents handle domain-specific tasks.

Isolating data with separate knowledge bases ensures that each specialized collaborator agent retrieves only the information relevant to its department. This improves response accuracy, reduces hallucinations, and supports privacy controls because clinical content, claims content, and scheduling content can have different access policies. IAM-based filtering ensures that each agent has permission only to the knowledge base it is authorized to use.

Routing patient inquiries through a supervisor agent supports high concurrency and extensibility. New departments or features can be added by introducing new collaborator agents and knowledge bases without redesigning the entire system. Because routing is handled centrally, changes in classification logic do not require updates across many independent supervisors.

Using RAG within each collaborator agent ensures that responses are grounded in department-approved information sources, which is critical in healthcare settings to reduce unsafe or incorrect guidance. This approach also improves performance because each retrieval scope is smaller and more relevant, supporting thousands of parallel interactions.

Option B introduces manual handoffs that do not scale. Option C relies on rule-based routing inside one general agent, which becomes brittle and difficult to govern as complexity grows. Option D mixes all departments into a single knowledge base and merges responses externally, increasing risk of incorrect domain answers and operational overhead.

Therefore, Option A best meets the scalability, correctness, and multi-agent onboarding requirements.