ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty All Questions

View all questions & answers for the AWS Certified Security - Specialty exam
Go to Exam

Exam AWS Certified Security - Specialty topic 1 question 343 discussion

Exam question from Amazon's AWS Certified Security - Specialty
Question #: 343
Topic #: 1
[All AWS Certified Security - Specialty Questions]

A company is running batch workloads that use containers on Amazon Elastic Container Service (Amazon ECS). The company needs a secure solution for storing API keys that are required for integration with external services. The company's security policy states that API keys must not be stored or transmitted in plaintext. The company's IT team currently rotates the API keys manually.

A security engineer must recommend a solution that meets the security requirements and automates the rotation of the API keys

Which solution should the security engineer recommend?

  • A. Use a secure string parameter in AWS Systems Manager Parameter Store. Activate the feature for automatic rotation.
  • B. Use Amazon EC2 user data for storing the API keys. Set up a scheduled AWS Lambda function to automatically rotate the API keys.
  • C. Use AWS Fargate to store the API keys. Set up a scheduled AWS Lambda function to automatically rotate the API keys.
  • D. Use AWS Secrets Manager to store the API keys. Reference the API keys in the container definition.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by luisfsm_111 at Nov. 18, 2022, 6:04 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Toptip
1 year, 11 months ago
Selected Answer: D
only D makes sense
upvoted 1 times
...
ITGURU51
2 years ago
Secrets manager enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. So the correct answer is D.
upvoted 3 times
...
maddyr
2 years, 5 months ago
Selected Answer: D
D as secrets mgr
upvoted 2 times
...
AdamWest
2 years, 5 months ago
Selected Answer: D
D - I don t know why rotation is not listed To implement password rotation lifecycles, use AWS Secrets Manager. You can rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle using Secrets Manager
upvoted 3 times
...
sambda
2 years, 5 months ago
My ans is D as well
upvoted 1 times
...
luisfsm_111
2 years, 5 months ago
Selected Answer: D
Think it's D. However, we don't see the rotation in the answer... https://aws.amazon.com/blogs/compute/securing-credentials-using-aws-secrets-manager-with-aws-fargate/
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago