ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Database - Specialty All Questions

View all questions & answers for the AWS Certified Database - Specialty exam
Go to Exam

Exam AWS Certified Database - Specialty topic 1 question 340 discussion

Exam question from Amazon's AWS Certified Database - Specialty
Question #: 340
Topic #: 1
[All AWS Certified Database - Specialty Questions]

A company performs an audit on various data stores and discovers that an Amazon S3 bucket is storing a credit card number. The S3 bucket is the target of an AWS Database Migration Service (AWS DMS) continuous replication task that uses change data capture (CDC). The company determines that this field is not needed by anyone who uses the target data. The company has manually removed the existing credit card data from the S3 bucket.

What is the MOST operationally efficient way to prevent new credit card data from being written to the S3 bucket?

  • A. Add a transformation rule to the DMS task to ignore the column from the source data endpoint.
  • B. Add a transformation rule to the DMS task to mask the column by using a simple SQL query.
  • C. Configure the target S3 bucket to use server-side encryption with AWS KMS keys (SSE-KMS).
  • D. Remove the credit card number column from the data source so that the DMS task does not need to be altered.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by marll88 at Nov. 26, 2023, 3:09 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tsangckl
1 year, 1 month ago
Selected Answer: A
Option A: Add a transformation rule to the DMS task to ignore the column from the source data endpoint. AWS Database Migration Service (DMS) allows you to specify transformation rules that change the schema and table definitions of the source data before it is migrated to the target. By adding a transformation rule to ignore the specific column (in this case, the credit card number), you can ensure that this data is not written to the S3 bucket during the continuous replication process. This approach does not require changes to the source database schema (as in Option D), does not involve masking the data (as in Option B), and does not rely on encryption to protect the data (as in Option C). It simply prevents the unwanted data from being written to the S3 bucket, which is the most direct and operationally efficient solution to the problem.
upvoted 1 times
...
silvaa360
1 year, 5 months ago
Selected Answer: A
A for sure. https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.Transformations.html
upvoted 4 times
...
marll88
1 year, 5 months ago
Not C. KMS encryption is secure, but it is not a procedure to prevent S3 writes
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago