ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Database - Specialty All Questions

View all questions & answers for the AWS Certified Database - Specialty exam
Go to Exam

Exam AWS Certified Database - Specialty topic 1 question 329 discussion

Exam question from Amazon's AWS Certified Database - Specialty
Question #: 329
Topic #: 1
[All AWS Certified Database - Specialty Questions]

A company is using an Amazon Aurora PostgreSQL database for a project with a government agency. All database communications must be encrypted in transit. All non-SSL/TLS connection requests must be rejected.

What should a database specialist do to meet these requirements?

  • A. Set the rds.force_ssl parameter in the DB cluster parameter group to default.
  • B. Set the rds.force_ssl parameter in the DB cluster parameter group to 1.
  • C. Set the rds.force_ssl parameter in the DB cluster parameter group to 0.
  • D. Set the SQLNET.SSL_VERSION option in the DB cluster option group to 1.2.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by marll88 at Nov. 26, 2023, 2:12 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
MultiAZ
1 year, 5 months ago
Selected Answer: B
Answer is B Value of 1 will force SSL to all connections
upvoted 2 times
...
KikiNoviandi
1 year, 6 months ago
Selected Answer: B
The default rds.force_ssl parameter is set to 1 (on) for RDS for PostgreSQL version 15.
upvoted 2 times
...
dbkorn
1 year, 6 months ago
B is correct All database communications must be encrypted in transit. All non-SSL/TLS connection requests must be rejected. Set the rds.force_ssl parameter in the DB cluster parameter group to 1 to enforce Enable SSL for connections to your DB instance. and rds.force_ssl parameter is dynamic parameters don't require a reboot after changing their settings. A: is wrong , Can not be change default parameter group C: is wrong , rds.force_ssl parameter set to 0 "off SSL for connections to your DB instance" D: is not related SSL for connections to your DB instance https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Concepts.General.SSL.html
upvoted 1 times
...
marll88
1 year, 6 months ago
I think B. You can require that connections to your PostgreSQL DB instance use SSL by using the rds.force_ssl parameter. The default rds.force_ssl parameter is set to 1 (on) for RDS for PostgreSQL version 15. All other RDS for PostgreSQL major version 14 and older have the default value for rds.force_ssl parameter set to 0 (off). You can set the rds.force_ssl parameter to 1 (on) to require SSL for connections to your DB instance. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Concepts.General.SSL.html
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel