Databricks Certified Generative AI Engineer Associate — Question 47

A Generative AI Engineer is ready to deploy an LLM application written using Foundation Model APIs. They want to follow security best practices for production scenarios.

Which authentication method should they choose?

Answer options

• A. Use OAuth machine-to-machine authentication
• B. Use an access token belonging to service principals
• C. Use an access token belonging to any workspace user
• D. Use a frequently rotated access token belonging to either a workspace user or a service principal

Correct answer: B

Explanation

The correct answer is B because using an access token belonging to service principals ensures that the application is using a secure, non-user-specific token, which is more appropriate for production environments. Option A is incorrect as OAuth machine-to-machine authentication may not be necessary for all scenarios, while option C is less secure since it relies on user credentials. Option D, while it suggests frequent rotation, still involves user tokens which can pose security risks compared to service principal tokens.