ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 197 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 197
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company needs to set up secure database credentials for all its AWS Cloud resources. The company’s resources include Amazon RDS DB instances, Amazon DocumentDB clusters, and Amazon Aurora DB instances. The company’s security policy mandates that database credentials be encrypted at rest and rotated at a regular interval.

Which solution will meet these requirements MOST securely?

  • A. Set up IAM database authentication for token-based access. Generate user tokens to provide centralized access to RDS DB instances, Amazon DocumentDB clusters, and Aurora DB instances.
  • B. Create parameters for the database credentials in AWS Systems Manager Parameter Store. Set the Type parameter to SecureString. Set up automatic rotation on the parameters.
  • C. Store the database access credentials as an encrypted Amazon S3 object in an S3 bucket. Block all public access on the S3 bucket. Use S3 server-side encryption to set up automatic rotation on the encryption key.
  • D. Create an AWS Lambda function by using the SecretsManagerRotationTemplate template in the AWS Secrets Manager console. Create secrets for the database credentials in Secrets Manager. Set up secrets rotation on a schedule.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by fordiscussionstwo at Oct. 6, 2023, 2:56 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
wh1t4k3r
8 months ago
I love how they added the lambda b**ls**t just to confuse who's doing the test.
upvoted 1 times
...
65703c1
11 months, 1 week ago
Selected Answer: D
D is the correct answer.
upvoted 2 times
...
TanTran04
1 year, 4 months ago
Selected Answer: D
Rotate auto SecretsManager
upvoted 3 times
...
nickolaj
1 year, 6 months ago
https://aws.amazon.com/blogs/security/rotate-amazon-rds-database-credentials-automatically-with-aws-secrets-manager/
upvoted 2 times
...
dilleman
1 year, 6 months ago
Selected Answer: D
the best and most secure option is: D. Create an AWS Lambda function by using the SecretsManagerRotationTemplate template in the AWS Secrets Manager console.
upvoted 4 times
...
Digo30sp
1 year, 6 months ago
Selected Answer: D
The correct answer is (D). Solution (D) is the best option because: It's the most secure solution: AWS Secrets Manager is an AWS-managed secrets management service that provides encryption at rest and automatic secret rotation. Meets the company's security requirements: The solution meets the company's security requirements because: Database credentials are encrypted at rest using AWS Key Management Service (AWS KMS). Database credentials are automatically rotated at regular intervals.
upvoted 4 times
...
fordiscussionstwo
1 year, 6 months ago
DDDDDDD
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago