Databricks Certified Generative AI Engineer Associate — Question 88
A Generative AI Engineer is deploying a customer-facing, fine-tuned LLM on their public website. Given the large investment the company put into fine-tuning this model, and the proprietary nature of the tuning data, they are concerned about model inversion attacks.
Which of the following Databricks AI Security Framework (DASF) risk mitigation strategies are most relevant to this use case?
Answer options
- A. Implement AI guardrails to allow users to configure and enforce compliance
- B. Leverage Databricks access control lists (ACLs) to configure permissions for accessing models
- C. Use secure model features with Databricks Feature Store
- D. Apply attribute-based access controls (ABAC) to limit unauthorized access
Correct answer: B
Explanation
The correct answer is B because Databricks access control lists (ACLs) let the team manage permissions so that only authorized users and principals can access the fine-tuned model, which mitigates the risk of model inversion attacks against it. Options A, C, and D, while relevant to security, do not specifically address the need for strict access control to protect the proprietary model and its tuning data.