AIP-C01 — AWS Certified Generative AI Developer – Professional Scenario Practice Guide

This guide is for candidates preparing for the AWS Certified Generative AI Developer – Professional (AIP-C01) exam. It focuses on how to read scenario-based questions, isolate the real decision point, and choose the most defensible answer from the facts provided.

It is independent exam-preparation guidance and is not affiliated with AWS.

How to Think About AIP-C01 Scenario Questions

AIP-C01 scenarios often describe an application team building, securing, deploying, optimizing, or troubleshooting a generative AI solution on AWS. The question usually is not asking, “Which option could work?” It is asking, “Which option best satisfies the stated business goal, technical requirement, and operational constraint?”

A strong answer usually aligns with all of these:

• The user or business goal
• The current AWS environment
• The data source and model interaction pattern
• Security, privacy, and governance requirements
• Latency, cost, reliability, and operational overhead constraints
• The specific symptom, if the question is troubleshooting
• The wording of the final ask, such as “most secure,” “least operational effort,” “lowest latency,” or “best way to improve accuracy”

Your job is to translate the scenario into requirements before evaluating the answers.

Start With the Final Sentence

Before reading every detail, look at the last sentence or the actual question stem. It usually tells you what decision you are making.

Common AIP-C01 decision types include:

• Choose the best generative AI architecture.
• Select the right AWS service or feature.
• Improve model response quality.
• Secure access to prompts, outputs, models, tools, or data.
• Build a retrieval-augmented generation solution.
• Configure an agent or tool-calling workflow.
• Reduce latency or cost.
• Troubleshoot incorrect, unsafe, slow, or inconsistent responses.
• Add monitoring, logging, evaluation, or governance.
• Decide whether to use prompting, RAG, fine-tuning, agents, or traditional application logic.

After you read the final ask, turn it into a short sentence:

• “I need the safest way to let a model answer from private documents.”
• “I need to reduce latency without changing application behavior.”
• “I need to troubleshoot why the model is not using the latest knowledge base content.”
• “I need to let a generative AI app call backend APIs with least privilege.”

That sentence becomes your anchor. Every answer choice should be judged against it.

Build a Scenario Snapshot

After reading the question, summarize the scenario in five parts. This prevents you from overreacting to a single keyword.

1. Environment

Identify what already exists.

Look for:

• AWS account, Region, or multi-account setup
• Amazon Bedrock, Amazon SageMaker, Lambda, API Gateway, Step Functions, S3, DynamoDB, OpenSearch, Aurora, KMS, IAM, CloudWatch, or CloudTrail
• Existing application type, such as chatbot, assistant, document processor, summarizer, agent, content generator, or code assistant
• Network boundaries, such as private subnets, VPC endpoints, or internet access restrictions
• Data locations, such as S3 buckets, databases, ticket systems, CRM data, logs, or document repositories
• Current model behavior, prompt design, inference configuration, or deployment approach

Ask: What is already in place, and what am I allowed to change?

2. Goal or Symptom

Separate design goals from troubleshooting symptoms.

Design goals may include:

• Answer user questions from internal documents
• Generate marketing copy in a brand voice
• Summarize legal, support, medical, or technical documents
• Build an assistant that performs actions through APIs
• Extract structured fields from unstructured text
• Classify or route user requests
• Generate code, test cases, SQL, or reports
• Personalize responses based on user context

Troubleshooting symptoms may include:

• Hallucinated or unsupported answers
• Outdated answers
• Missing citations
• Slow responses
• High token costs
• Inconsistent output format
• Tool calls failing
• Access denied errors
• Sensitive data appearing in responses
• Poor retrieval relevance
• Model responses that ignore system instructions

Ask: Am I choosing a design, improving quality, securing access, or diagnosing a failure?

3. Data and Knowledge Source

Generative AI scenarios often turn on where the model should get its knowledge.

Identify whether the answer should rely on:

• The model’s general training knowledge
• Prompt context supplied at inference time
• A private document corpus
• A vector index or search service
• Structured records in databases
• Real-time API calls
• A curated training or customization dataset
• User-specific session context
• Logs, metrics, or evaluation results

Ask: Is the problem about model behavior, external knowledge, or application integration?

4. Hard Constraints

Hard constraints override convenient options.

Examples:

• Must keep data private
• Must use least privilege
• Must avoid public internet exposure
• Must support auditability
• Must preserve source attribution
• Must answer from current internal documents
• Must meet low-latency requirements
• Must reduce operational overhead
• Must support human review
• Must block unsafe categories of output
• Must avoid exposing one user’s data to another user
• Must integrate with existing AWS identity, logging, encryption, or network controls

Ask: Which facts are non-negotiable?

5. Optimization Preference

Once the hard requirements are satisfied, use the preference to choose between plausible options.

Common preferences include:

• Lowest operational overhead
• Lowest cost
• Lowest latency
• Highest accuracy
• Strongest security posture
• Easiest integration
• Best scalability
• Best auditability
• Most maintainable architecture

Ask: If several answers work, which one best matches the stated optimization?

Match the Generative AI Pattern to the Requirement

Many AIP-C01 scenarios are easier once you identify the correct solution pattern.

Prompt Engineering

Use prompt engineering when the model already has enough general capability, and the problem is about instructions, formatting, tone, or task framing.

Good fit when the scenario says:

• Responses need a specific structure.
• The model needs clearer instructions.
• The output should include JSON, bullets, summaries, or classifications.
• The task is general and does not require private or frequently changing knowledge.
• The team wants a low-effort improvement before changing architecture.

Prompt engineering may involve:

• System instructions
• Few-shot examples
• Output schemas or formatting rules
• Clear role and task definitions
• Constraints on length, tone, and style
• Separating context from instructions
• Validating output in application code

Prompting alone is usually not the best fit when the scenario requires current private data, source citations, strict authorization, or backend actions.

Retrieval-Augmented Generation

Use retrieval-augmented generation, often called RAG, when the model must answer using external knowledge supplied at runtime.

Good fit when the scenario says:

• The application must answer from internal documents.
• Content changes frequently.
• Responses need citations or traceability.
• The model is hallucinating facts not found in company material.
• Users ask questions over manuals, policies, tickets, contracts, runbooks, or knowledge articles.
• The team does not want to retrain or customize the model for every content update.

A defensible RAG answer usually includes:

• A document ingestion process
• Chunking or parsing strategy
• Embeddings
• A vector store or search index
• Retrieval filtering
• A prompt that grounds answers in retrieved context
• Optional citations or source references
• IAM, encryption, and data access controls
• Monitoring of retrieval and answer quality

If the scenario emphasizes “latest company documents,” “source attribution,” or “private knowledge base,” think RAG before fine-tuning.

Model Customization or Fine-Tuning

Consider model customization when the desired behavior is repeated, specialized, and learnable from examples.

Good fit when the scenario says:

• The organization has many high-quality labeled examples.
• The model must consistently follow a domain-specific style or classification pattern.
• Prompting produces inconsistent behavior even after refinement.
• The task is stable, repeated, and not mainly about frequently changing facts.
• The goal is to improve task-specific performance rather than inject current knowledge.

Customization is less likely to be the best answer when:

• The main issue is outdated knowledge.
• The content changes daily or weekly.
• The scenario requires citations from source documents.
• The requirement is simply to include a small amount of context in a prompt.
• The team wants the lowest possible operational complexity and managed RAG would satisfy the goal.

Agents and Tool Use

Use agents or tool-calling patterns when the model must reason about a user request and invoke actions through approved tools or APIs.

Good fit when the scenario says:

• The assistant must check order status, create tickets, update records, or query systems.
• The model must choose between multiple actions.
• The solution needs orchestration across APIs.
• The user’s natural language request must be translated into backend operations.
• The app must validate, authorize, and execute actions.

A secure agent scenario should include:

• Clearly defined tools or action groups
• Narrow permissions for each backend action
• Input validation
• User identity and authorization checks
• Logging of tool requests and results
• Guardrails for unsafe or unauthorized requests
• Human approval when actions are sensitive or irreversible

Do not assume the model itself is the authorization boundary. Backend systems should enforce authorization.

Traditional Application Logic or ML

Not every AI-sounding scenario needs generative AI.

Traditional logic or non-generative ML may be better when:

• The output must be deterministic.
• The task is simple classification or routing with clear rules.
• The application needs exact calculations.
• The system must enforce policy decisions with no ambiguity.
• The requirement is data validation, access control, or transactional processing.

On exam scenarios, be ready to choose a simpler deterministic control when the question emphasizes strict enforcement, exactness, or compliance.

Interpret AWS Service Clues Carefully

AIP-C01 scenarios may mention AWS services directly or describe needs that imply a service category. Focus on what the service does in the architecture, not just whether its name appears in an answer.

Amazon Bedrock-Oriented Scenarios

Amazon Bedrock is commonly relevant when a scenario involves using foundation models, building managed generative AI applications, adding RAG, applying guardrails, or integrating model invocation into AWS workloads.

Bedrock-related answers may be strong when the scenario requires:

• Access to foundation models through a managed AWS service
• Serverless-style model invocation
• Managed generative AI application components
• Knowledge base integration for RAG
• Agent-style orchestration
• Guardrails or safety controls
• Integration with IAM, monitoring, encryption, and application services

When comparing Bedrock options, ask:

• Is the problem model invocation, retrieval, agent orchestration, safety, or evaluation?
• Does the answer address the data source and permissions?
• Does it reduce operational overhead when the scenario asks for that?
• Does it include the control needed by the question, such as grounding, guardrails, or tool access?

Amazon SageMaker-Oriented Scenarios

SageMaker may be relevant when the scenario involves broader ML development, training, customization, hosting, experiment tracking, pipelines, model evaluation, or a more custom ML lifecycle.

SageMaker-oriented answers may be stronger when:

• The team needs custom training or fine-tuning workflows.
• The scenario emphasizes ML pipelines or model lifecycle management.
• The workload needs custom containers or specialized deployment patterns.
• The organization already uses SageMaker for ML governance or operations.
• The problem is not just invoking a foundation model through a managed API.

When the scenario says “least operational overhead” and the task is standard foundation model use, a more managed generative AI service pattern may be more defensible than building custom infrastructure.

Storage, Retrieval, and Vector Search

For RAG scenarios, identify the role of each component:

• S3 or another repository stores source documents.
• An ingestion process extracts and chunks text.
• An embedding model converts text into vectors.
• A vector store or search service retrieves relevant chunks.
• The prompt combines retrieved context with the user question.
• The model generates an answer grounded in retrieved content.
• Application logic validates format, citations, and permissions.

If a question asks why answers are irrelevant or outdated, inspect the retrieval path:

• Were documents ingested?
• Were embeddings generated after document changes?
• Are chunks too large, too small, or poorly structured?
• Are metadata filters excluding the right documents?
• Is the prompt telling the model to answer only from retrieved context?
• Are user permissions applied before retrieval or response generation?

Serverless and Application Integration

Generative AI applications often sit behind normal application services.

Look for:

• API Gateway for exposing APIs
• Lambda for lightweight request handling
• Step Functions for multi-step orchestration
• EventBridge for event-driven workflows
• SQS or SNS for decoupling
• DynamoDB or Aurora for application state
• S3 for document storage or batch inputs
• Secrets Manager for credentials
• CloudWatch for logs and metrics
• CloudTrail for audit events

When the scenario emphasizes “least operational overhead,” serverless and managed services are often more defensible than self-managed compute, assuming they meet the technical requirements.

Read Security Requirements Before Picking Architecture

Security facts are not decorative. In AIP-C01 scenarios, security, privacy, and governance often determine the best answer.

Least Privilege

For any solution that invokes models, accesses documents, calls tools, or writes outputs, identify the principal and permissions.

Ask:

• Which IAM role does the application use?
• Which service needs access to the model?
• Which component reads source documents?
• Which component writes logs, outputs, or embeddings?
• Which tool or API can the agent invoke?
• Are permissions scoped to only required resources and actions?

A broad admin-style permission is rarely the most defensible answer when a least-privilege option is available.

Data Protection

Look for data handling requirements:

• Encryption at rest
• Encryption in transit
• KMS key use
• Secret storage
• PII or sensitive data redaction
• Data retention
• Access to prompts and completions
• Logging controls
• Separation between tenants, users, departments, or customers

If a scenario says prompts contain sensitive data, the best answer may involve multiple controls: restrict access, encrypt data, avoid unnecessary logging, use appropriate network paths, and apply guardrails or filters where relevant.

Network Controls

If the scenario mentions private subnets, no internet access, or restricted egress, do not ignore it.

Evaluate whether the answer:

• Keeps traffic within approved network paths
• Uses private connectivity where required
• Avoids exposing public endpoints unnecessarily
• Allows required service access without opening broad outbound internet access
• Preserves monitoring and auditability

A solution can be functionally correct but fail the scenario if it violates a network isolation requirement.

Guardrails and Safety Controls

Guardrails or safety controls are relevant when the scenario requires:

• Blocking harmful or unsafe output
• Reducing toxic, violent, sexual, or otherwise disallowed content
• Preventing certain categories of user input
• Adding topic restrictions
• Enforcing application-specific response boundaries
• Reducing the chance of sensitive information appearing in responses

Guardrails do not replace IAM, encryption, application authorization, or retrieval filtering. Use the control that matches the risk.

Separate Constraint From Preference

Scenario wording often mixes hard constraints and softer preferences. Treat them differently.

Hard constraints:

• “Must”
• “Must not”
• “Required”
• “Cannot”
• “Only”
• “Without exposing”
• “Ensure”
• “Comply with the company policy”
• “No public internet access”
• “Users can access only their own documents”

Preferences:

• “Minimize”
• “Reduce”
• “Improve”
• “Prefer”
• “Cost-effective”
• “Low operational overhead”
• “As quickly as possible”
• “Simple to maintain”

Use this order:

1. Eliminate answers that violate hard constraints.
2. Eliminate answers that do not solve the stated goal.
3. Compare remaining answers by the optimization preference.
4. Choose the answer that is complete but not unnecessarily complex.

Example:

A company needs a customer support assistant to answer from internal product manuals updated weekly. Answers must include source references. The team wants the lowest operational overhead.

• Hard requirements: internal manuals, weekly updates, source references.
• Preference: lowest operational overhead.
• Strong pattern: managed RAG with document ingestion, embeddings, retrieval, and cited context.
• Weak pattern: fine-tune a model every week, because the main issue is changing knowledge and source traceability.

Choose the Least Disruptive Fix in Troubleshooting Scenarios

When a question describes a broken or degraded system, do not jump to rebuilding the architecture. Find the failing layer.

Common Layers to Inspect

For a generative AI workload, failures often occur in one of these places:

1. User input or prompt construction
2. Retrieval and context assembly
3. Model invocation
4. Inference parameters
5. Tool or agent configuration
6. IAM or resource permissions
7. Network access
8. Data encryption or key permissions
9. Output parsing or validation
10. Monitoring, logging, or evaluation

The best troubleshooting answer usually targets the first layer that explains the symptom.

Symptom: The Model Hallucinates Answers

Possible causes to evaluate:

• No retrieval source is being used.
• Retrieved context is irrelevant.
• Prompt does not instruct the model to use only retrieved context.
• The model is asked to answer beyond available information.
• Temperature or generation settings are too permissive for the task.
• The application does not validate citations or source grounding.

Most defensible direction:

• Improve grounding through RAG, retrieval quality, prompt constraints, and response validation before assuming model customization is required.

Symptom: Answers Are Outdated

Possible causes to evaluate:

• Source documents were not re-ingested.
• Embeddings were not refreshed.
• The vector index is stale.
• Retrieval filters point to old document versions.
• The prompt includes cached or outdated context.
• The application is using model general knowledge instead of current company content.

Most defensible direction:

• Fix the ingestion, indexing, retrieval, or caching path. Fine-tuning is usually not the best first response to frequently changing knowledge.

Symptom: Access Denied

Possible causes to evaluate:

• The application role lacks permission to invoke the model.
• A service role lacks permission to read documents.
• KMS key policy blocks decryption.
• A resource policy does not allow access.
• A VPC endpoint policy is too restrictive.
• The agent or tool role lacks permission for the backend action.

Most defensible direction:

• Identify the principal making the failed call and grant the minimum required permission to the specific resource.

Symptom: High Latency

Possible causes to evaluate:

• Prompt context is too large.
• The selected model is larger than necessary.
• Output length is excessive.
• Retrieval is slow or unfiltered.
• The workflow calls multiple services serially.
• The application waits synchronously for long-running work.
• Capacity or throughput is not aligned with traffic patterns.

Most defensible direction:

• Reduce unnecessary tokens, choose an appropriate model, optimize retrieval, use streaming or asynchronous processing when appropriate, and scale the serving path to the workload.

Symptom: Cost Is Too High

Possible causes to evaluate:

• Too many input or output tokens
• Overly large model for the task
• Repeated calls for the same result
• Inefficient chunking or retrieval
• Unbounded conversation history
• Unnecessary reprocessing of documents
• Excessive logging of large payloads
• Using custom infrastructure when a managed service would satisfy the requirement

Most defensible direction:

• Reduce token usage, cache or reuse results where safe, select a fit-for-purpose model, optimize retrieval, and align compute or throughput choices with usage patterns.

Symptom: Output Format Is Inconsistent

Possible causes to evaluate:

• Prompt does not define a schema.
• Examples are missing or conflicting.
• Model settings allow too much variation.
• Application does not validate output.
• The task mixes natural language reasoning with strict machine-readable output.

Most defensible direction:

• Use explicit format instructions, examples, structured output handling, and validation in application code. Do not rely only on a natural language request when downstream systems require strict structure.

Evaluate Answer Choices by Their Dominant Effect

When answer choices are long, identify what each option mainly changes.

An answer may primarily change:

• The prompt
• The model
• The data source
• The retrieval layer
• The embedding or indexing process
• The IAM permissions
• The network path
• The agent tools
• The monitoring setup
• The deployment pattern
• The inference parameters
• The application validation logic

Then ask: Is that the layer the scenario is actually about?

Example:

If users receive answers that do not reflect recently uploaded policy documents, an answer that changes the inference temperature is probably addressing the wrong layer. The likely issue is ingestion, indexing, retrieval, or prompt grounding.

If an agent can retrieve data for the wrong customer, an answer that changes the foundation model is probably addressing the wrong layer. The likely issue is authorization, identity propagation, retrieval filtering, or backend access control.

Use the “Best Answer” Test

After narrowing the options, test your preferred answer against four questions.

1. Does It Directly Solve the Stated Goal?

Do not choose an answer that solves a related but different problem.

If the question asks for citations, the answer should include retrieval and source reference handling, not just better prompt wording.

If the question asks for lower operational overhead, the answer should avoid unnecessary self-managed infrastructure when managed services can meet the requirements.

2. Does It Respect Every Hard Constraint?

One violated constraint is enough to eliminate an answer.

Watch for:

• Public access when private access is required
• Broad permissions when least privilege is required
• Training or customization when data freshness is required
• Logging sensitive data when minimization is required
• A manual process when automation is required
• A synchronous workflow when long-running processing is required

3. Is It Proportionate?

Prefer the smallest complete change.

A complete answer solves the problem without adding unnecessary architecture. For example:

• Use RAG for private, changing knowledge instead of retraining a model.
• Adjust prompt and validation for structured output instead of building a new ML pipeline.
• Scope an IAM policy correctly instead of replacing the whole application.
• Refresh embeddings and indexes instead of changing model providers.
• Add tool authorization instead of relying on model instructions to prevent unauthorized actions.

4. Does It Match the Optimization Phrase?

When two answers are technically valid, the optimization phrase decides.

• “Most secure” favors explicit access controls, encryption, isolation, validation, and auditability.
• “Least operational overhead” favors managed services and simpler operations.
• “Lowest latency” favors smaller context, appropriate model choice, streaming, caching, and efficient retrieval.
• “Most cost-effective” favors token reduction, right-sized model selection, managed scaling, and avoiding unnecessary processing.
• “Highest accuracy” favors grounding, evaluation, better retrieval, curated examples, and task-specific model improvement where appropriate.

Scenario Reading Examples

Example 1: Internal Knowledge Chatbot

Scenario summary:

A company wants a chatbot for employees. It must answer using internal HR policies stored in S3. Policies change frequently. Answers must include references to source documents. The team wants minimal operational overhead.

Decision point:

• How should the team build the knowledge layer?

Reasoning:

• Internal documents and frequent updates point to RAG.
• Source references point to retrieval with citations or traceability.
• Minimal overhead points to managed generative AI and managed retrieval components.
• Fine-tuning is less defensible because the issue is changing knowledge, not stable behavior.

Most defensible answer pattern:

• Use a managed RAG approach with document ingestion, embeddings, vector retrieval, grounded prompts, source references, and appropriate IAM/encryption controls.

Example 2: Agent That Updates Customer Records

Scenario summary:

A support assistant must update customer records after confirming user intent. It needs to call an internal API. Users must be able to update only records they are authorized to access.

Decision point:

• How should tool access be secured?

Reasoning:

• The model should not be trusted as the authorization boundary.
• The backend API must enforce user-level authorization.
• The agent or application should pass authenticated user context.
• IAM and tool permissions should be narrowly scoped.
• Sensitive actions may need confirmation or human review.

Most defensible answer pattern:

• Configure approved tools or action groups with least-privilege permissions, validate inputs, pass user identity to backend services, enforce authorization in the API, and log actions.

Example 3: Inconsistent JSON Output

Scenario summary:

An application sends model output to a downstream system that requires valid JSON. The model sometimes returns prose around the JSON, causing parsing failures.

Decision point:

• How should the developer improve reliability?

Reasoning:

• The problem is output structure, not external knowledge.
• Prompt instructions should specify the exact schema.
• Examples can reduce ambiguity.
• Application-side validation is necessary before sending output downstream.
• Retrying with corrective prompts may be appropriate, but relying on natural language alone is weak.

Most defensible answer pattern:

• Use explicit structured-output instructions, examples, schema validation, and error handling in the application workflow.

Example 4: Slow RAG Responses

Scenario summary:

A document assistant retrieves many large chunks for every question. Users report slow responses and costs are increasing.

Decision point:

• How should the developer optimize performance and cost?

Reasoning:

• Large retrieved context increases token usage and latency.
• The model may be processing irrelevant content.
• Retrieval tuning may reduce context size while improving quality.
• A smaller or faster model may be sufficient for the task.
• Caching common answers may help if freshness and authorization rules allow it.

Most defensible answer pattern:

• Tune chunking and retrieval, apply metadata filters, limit context to relevant passages, reduce prompt size, choose an appropriate model, and consider caching or streaming where suitable.

Quick Decision Framework for Final Review

Use this sequence on every scenario practice question.

Step 1: Label the Task

Write one label mentally:

• Architecture
• RAG
• Prompting
• Fine-tuning or customization
• Agent or tool use
• Security
• Networking
• Troubleshooting
• Cost optimization
• Latency optimization
• Monitoring or evaluation

Step 2: Identify the Primary Object

What is being selected or changed?

• Service
• Model
• Prompt
• Knowledge base
• Vector index
• IAM role or policy
• Encryption key
• Agent tool
• API integration
• Deployment pattern
• Logging or monitoring configuration
• Evaluation method

Step 3: Extract the Hard Requirements

Convert the scenario into short requirements:

• “Use private documents.”
• “Keep traffic private.”
• “Users see only their own data.”
• “Provide citations.”
• “Reduce operational overhead.”
• “Do not expose sensitive data in logs.”
• “Call backend APIs safely.”
• “Improve answer accuracy.”
• “Reduce latency for interactive users.”

Step 4: Eliminate Violations

Remove choices that:

• Ignore the data source
• Use the wrong AI pattern
• Over-permission access
• Skip required encryption or isolation
• Fail to address user authorization
• Do not solve the symptom
• Add unnecessary operational burden
• Optimize the wrong metric

Step 5: Choose the Complete, Minimal Answer

The best answer should feel complete enough to satisfy the facts, but not inflated with unrelated services or unnecessary rebuilds.

Compact Checklist for AIP-C01 Scenario Practice

Before selecting an answer, ask:

• What is the actual decision point?
• Is this about knowledge, behavior, action, security, performance, or operations?
• Does the solution need prompt engineering, RAG, customization, agents, or deterministic logic?
• Where does the required data come from?
• Is the data current, private, user-specific, or sensitive?
• Are citations or grounding required?
• Which component needs IAM permissions?
• Is least privilege preserved?
• Are encryption, logging, and audit requirements addressed?
• Is a private network path required?
• Does the answer reduce operational overhead if requested?
• Does the answer optimize latency or cost without breaking quality or security?
• For troubleshooting, which layer best explains the symptom?
• Is the answer proportional to the problem?

How to Use Scenario Practice Efficiently

For each practice scenario, do more than mark right or wrong. Review it in this format:

• Primary decision:
• Hard constraints:
• Optimization phrase:
• Correct solution pattern:
• Why the right answer wins:
• Why the closest wrong answer is incomplete:
• AWS services or controls involved:
• Fact I should have noticed sooner:

This builds the habit the exam rewards: reading the facts, identifying the governing constraint, and selecting the most defensible AWS generative AI solution.

For final review, mix targeted topic drills with full-length mock exams. Use topic drills to strengthen weak areas such as RAG, agents, IAM, monitoring, or optimization. Use mock exams to practice pacing, scenario reading, and choosing the best answer under time pressure.