Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Amazon Exam DVA-C02 Topic 2 Question 40 Discussion

Actual exam question for Amazon's DVA-C02 exam
Question #: 40
Topic #: 2
[All DVA-C02 Questions]

A company runs a payment application on Amazon EC2 instances behind an Application Load Balance The EC2 instances run in an Auto Scaling group across multiple Availability Zones The application needs to retrieve application secrets during the application startup and export the secrets as environment variables These secrets must be encrypted at rest and need to be rotated every month.

Which solution will meet these requirements with the LEAST development effort?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS Secrets Manager:Built for managing secrets, providing encryption, automatic rotation, and access control.

Customer Master Key (CMK):Provides an extra layer of control over encryption through AWS KMS.

Automatic Rotation:Enhances security by regularly changing the secret.

User Data Script:Allows secrets retrieval at instance startup and sets them as environment variables for seamless use within the application.


AWS Secrets Manager Documentation:https://docs.aws.amazon.com/secretsmanager/

AWS KMS Documentation:https://docs.aws.amazon.com/kms/

User Data for EC2 Instances:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html

by Adell at Sep 15, 2024, 09:21 PM

Limited Time Offer

25%

Off

Get Premium DVA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Loren
2 months ago
Hmm, Option D with Secrets Manager seems tempting, but I'm not sure it's worth the extra effort compared to B. Sometimes the simplest solution is the best.
upvoted 0 times
Alease
20 days ago
True, sometimes simplicity is key when it comes to managing secrets in the application.
upvoted 0 times
...
Nydia
24 days ago
I agree, but Option B with Systems Manager Parameter Store is simpler and may require less development effort.
upvoted 0 times
...
Darrin
28 days ago
Option D with Secrets Manager is more secure and convenient for secret management.
upvoted 0 times
...
...
Pete
2 months ago
Option B is like the Swiss Army knife of secret management - it just works, no fuss!
upvoted 0 times
Paola
1 months ago
Yeah, Option B with AWS Systems Manager Parameter Store and AWS KMS key is a solid choice for secret management.
upvoted 0 times
...
Giuseppe
1 months ago
I agree, Option B seems like the most straightforward solution for managing secrets.
upvoted 0 times
...
Cyril
2 months ago
Option B is definitely the way to go, it's simple and effective.
upvoted 0 times
...
...
Lisha
2 months ago
That's a valid point, Cassi. Option B does seem like a straightforward solution as well. It's a tough choice between D and B.
upvoted 0 times
...
Cassi
2 months ago
I disagree, I believe option B is the way to go. Using AWS Systems Manager Parameter Store and AWS KMS key seems simpler to implement.
upvoted 0 times
...
Lisha
2 months ago
I think option D is the best choice. It's the easiest way to store and rotate secrets securely.
upvoted 0 times
...
Raelene
3 months ago
Option B seems the most straightforward. Using Parameter Store and KMS is a well-established approach with minimal development effort.
upvoted 0 times
Youlanda
2 months ago
I think we should go with option B for the least amount of effort.
upvoted 0 times
...
Deonna
2 months ago
Yeah, it's a simple setup and doesn't require much development work.
upvoted 0 times
...
Xenia
2 months ago
I agree, option B with Parameter Store and KMS seems like the easiest solution.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77