ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SysOps Administrator - Associate All Questions

View all questions & answers for the AWS Certified SysOps Administrator - Associate exam
Go to Exam

Exam AWS Certified SysOps Administrator - Associate topic 1 question 378 discussion

Exam question from Amazon's AWS Certified SysOps Administrator - Associate
Question #: 378
Topic #: 1
[All AWS Certified SysOps Administrator - Associate Questions]

A company deploys a new application to Amazon EC2 instances. The application code is stored in an AWS CodeCommit repository. The company uses an AWS CodePipeline pipeline to deploy the code to the EC2 instances through a continuous integration and continuous delivery (CI/CD) process.

A SysOps administrator needs to ensure that sensitive database information is configured properly on the EC2 instances to prevent accidental leakage of credentials.

Which solutions will store and retrieve the sensitive information in the MOST secure manner? (Choose two.)

  • A. Store the values in AWS Secrets Manager. Update the code to retrieve these values when the application starts. Store the values as environmental variables that the application can use.
  • B. Store the values in AWS Systems Manager Parameter Store as secret strings. Update the code to retrieve these values when the application starts. Store the values as environmental variables that the application can use.
  • C. Store the values in an AWS Lambda function. Update the code to invoke the Lambda function when the application starts. Configure the Lambda function to inject the values as environmental variables that the application can use.
  • D. Store the configuration information in a file on the EC2 instances. Ensure that the underlying drives are encrypted by AWS Key Management Service (AWS KMS). Update the application to read the file when the application starts. Store the values as environmental variables.
  • E. Store the values in a text file in an Amazon S3 bucket. In the CI/CD pipeline, copy the file to the EC2 instance in an appropriate location on a disk that the application can read.
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by xSohox at Aug. 25, 2023, 3:53 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
joshnort
1 year ago
Selected Answer: AB
AB: AWS Secrets Manager is specifically designed for securely storing and managing secrets such as database credentials, API keys, and other sensitive information. You can rotate and manage these secrets easily, and the application can retrieve them securely. Storing them as environmental variables is a good practice for applications to access sensitive information securely. https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html Parameter Store allows for secure storage of sensitive data such as passwords, database strings, etc., including secret strings. It also supports parameter hierarchy, versioning, and integration with AWS Identity and Access Management (IAM) for access control. Again, storing them as environmental variables provides a secure way for the application to access these secrets. https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html
upvoted 2 times
...
Learning4life
1 year, 5 months ago
Answer is AC. We all know Secret Manager for A, but there is no secret string that is mentioned in B. Lambda can use environment variables to sore secrets securely for use with Lambda functions and are encrypted at rest.
upvoted 1 times
Aamee
6 months, 2 weeks ago
It's definitely A and B so read the question again.
upvoted 1 times
...
Debugs_Bunny
1 year, 4 months ago
read B again
upvoted 3 times
...
...
Globus777
1 year, 6 months ago
Answer is AB
upvoted 2 times
...
AWSdeveloper08
1 year, 8 months ago
Selected Answer: AB
since the question is asking for the multiple options to secure passwords, ill got with AB
upvoted 2 times
...
xSohox
1 year, 8 months ago
Selected Answer: AB
AB look like the most secured methods.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago