ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 261 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 261
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company has developed a new Amazon RDS database application. The company must secure the RDS database credentials for encryption in transit and encryption at rest. The company also must rotate the credentials automatically on a regular basis.
Which solution meets these requirements?

  • A. Use AWS Systems Manager Parameter Store to store the database credentials. Configure automatic rotation of the credentials.
  • B. Use AWS Secrets Manager to store the database credentials. Configure automatic rotation of the credentials.
  • C. Store the database credentials in an Amazon S3 bucket that is configured with server-side encryption with S3 managed encryption keys (SSE-S3). Rotate the credentials with IAM database authentication.
  • D. Store the database credentials in Amazon S3 Glacier, and use S3 Glacier Vault Lock. Configure an AWS Lambda function to rotate credentials on a scheduled basis.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by santosar at Aug. 24, 2021, 11:56 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
dumma
Highly Voted 3 years, 6 months ago
B looks right, secrets manager allows auto rotation
upvoted 16 times
Igloo
3 years, 6 months ago
Agree with B https://aws.amazon.com/blogs/security/rotate-amazon-rds-database-credentials-automatically-with-aws-secrets-manager/
upvoted 2 times
...
...
Raphaello
Most Recent 1 year, 2 months ago
Selected Answer: B
B is the correct answer. Secrets manager that support secrets rotation.
upvoted 1 times
...
ITGURU51
2 years ago
A solution that meets these requirements is to use AWS Secrets Manager. This service makes it easier to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. You can configure Secrets Manager to rotate secrets automatically, which can help you meet your security and compliance needs.
upvoted 1 times
...
dcasabona
2 years, 9 months ago
Selected Answer: B
B seems right to me.
upvoted 1 times
...
lotfi50
3 years, 2 months ago
Selected Answer: B
The answer is B
upvoted 1 times
...
Waniru
3 years, 2 months ago
Ans B: Found a great article to explain the differences and similarities between Parameter Store and Secrets Manager in terms of functionality and use cases https://medium.com/awesome-cloud/aws-difference-between-secrets-manager-and-parameter-store-systems-manager-f02686604eae
upvoted 1 times
...
Pratham123
3 years, 2 months ago
Can anybody explain why not A?
upvoted 1 times
TigerInTheCloud
3 years ago
Security Manager provides the option of automatic rotation. Systems Manager Parameter Store does not have such option.
upvoted 2 times
sapien45
2 years, 9 months ago
Thanks Tiger, I was wondering B Secret Manager then
upvoted 1 times
...
...
...
Radhaghosh
3 years, 2 months ago
Auto Rotation --> Secrets Manager (not SSM Parameter Store) Answer B
upvoted 1 times
...
hk436
3 years, 5 months ago
B is my answer.!
upvoted 2 times
...
kiev
3 years, 6 months ago
B for me as well. SM provides for automatic rotation of secretes.
upvoted 3 times
...
TollaMS
3 years, 6 months ago
The answer is B
upvoted 1 times
...
santosar
3 years, 6 months ago
My opinion is B
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago