Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 197 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 197
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company needs to set up secure database credentials for all its AWS Cloud resources. The company’s resources include Amazon RDS DB instances, Amazon DocumentDB clusters, and Amazon Aurora DB instances. The company’s security policy mandates that database credentials be encrypted at rest and rotated at a regular interval.

Which solution will meet these requirements MOST securely?

  • A. Set up IAM database authentication for token-based access. Generate user tokens to provide centralized access to RDS DB instances, Amazon DocumentDB clusters, and Aurora DB instances.
  • B. Create parameters for the database credentials in AWS Systems Manager Parameter Store. Set the Type parameter to SecureString. Set up automatic rotation on the parameters.
  • C. Store the database access credentials as an encrypted Amazon S3 object in an S3 bucket. Block all public access on the S3 bucket. Use S3 server-side encryption to set up automatic rotation on the encryption key.
  • D. Create an AWS Lambda function by using the SecretsManagerRotationTemplate template in the AWS Secrets Manager console. Create secrets for the database credentials in Secrets Manager. Set up secrets rotation on a schedule.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by fordiscussionstwo at Oct. 6, 2023, 2:56 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
wh1t4k3r
2 weeks, 6 days ago
I love how they added the lambda b**ls**t just to confuse who's doing the test.
upvoted 1 times
...
65703c1
3 months, 3 weeks ago
Selected Answer: D
D is the correct answer.
upvoted 1 times
...
TanTran04
9 months, 1 week ago
Selected Answer: D
Rotate auto SecretsManager
upvoted 3 times
...
nickolaj
11 months ago
https://aws.amazon.com/blogs/security/rotate-amazon-rds-database-credentials-automatically-with-aws-secrets-manager/
upvoted 2 times
...
dilleman
11 months, 1 week ago
Selected Answer: D
the best and most secure option is: D. Create an AWS Lambda function by using the SecretsManagerRotationTemplate template in the AWS Secrets Manager console.
upvoted 4 times
...
Digo30sp
11 months, 2 weeks ago
Selected Answer: D
The correct answer is (D). Solution (D) is the best option because: It's the most secure solution: AWS Secrets Manager is an AWS-managed secrets management service that provides encryption at rest and automatic secret rotation. Meets the company's security requirements: The solution meets the company's security requirements because: Database credentials are encrypted at rest using AWS Key Management Service (AWS KMS). Database credentials are automatically rotated at regular intervals.
upvoted 4 times
...
fordiscussionstwo
11 months, 2 weeks ago
DDDDDDD
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel