Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam SCS-C02 Topic 3 Question 15 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 15
Topic #: 3
[All SCS-C02 Questions]

A company runs an online game on AWS. When players sign up for the game, their username and password credentials are stored in an Amazon Aurora database.

The number of users has grown to hundreds of thousands of players. The number of requests for password resets and login assistance has become a burden for the company's customer service team.

The company needs to implement a solution to give players another way to log in to the game. The solution must remove the burden of password resets and login assistance while securely protecting each player's credentials.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: C

The best solution to meet the company's requirements of offering an alternative login method while securely protecting player credentials and reducing the burden of password resets is to use Amazon Cognito with user pools. Amazon Cognito provides a fully managed service that facilitates the authentication, authorization, and user management for web and mobile applications. By configuring Amazon Cognito user pools to federate access with third-party Identity Providers (IdPs), such as social media platforms or Google, the company can allow users to sign in through these external IdPs, thereby eliminating the need for traditional username and password logins. This not only enhances user convenience but also offloads the responsibility of managing user credentials and the associated challenges like password resets to Amazon Cognito, thereby reducing the burden on the company's customer service team. Additionally, Amazon Cognito integrates seamlessly with other AWS services and follows best practices for security and compliance, ensuring that the player's credentials are protected.


Contribute your Thoughts:

Delmy
6 months ago
I think option D is worth considering. Using API keys instead of usernames and passwords can add an extra layer of security to the game. Plus, setting up an Amazon API Gateway API can streamline access to game functionality.
upvoted 0 times
...
Cathrine
6 months ago
I prefer option C. Configuring Amazon Cognito user pools to federate access with third-party identity providers can simplify the login process for players and reduce the need for password resets.
upvoted 0 times
...
Buck
6 months ago
I agree with Ressie. Moving the credentials to Secrets Manager seems like the most secure option. It will also make it easier to manage the login process for players.
upvoted 0 times
...
Ressie
6 months ago
I think option B is the best solution. By migrating the player credentials to AWS Secrets Manager, we can securely store the user IDs and passwords while reducing the burden on customer service.
upvoted 0 times
...
Ashton
7 months ago
That's a good point, Using API keys could definitely make it easier for players to log in without the need for constant password assistance.
upvoted 0 times
...
Herman
7 months ago
I'm leaning towards option D. Using API keys instead of usernames and passwords could simplify the login process and reduce the burden on customer service for password resets.
upvoted 0 times
...
Ivette
7 months ago
I disagree, I believe option B is the way to go. Migrating player credentials to AWS Secrets Manager will provide a centralized and secure way to manage user IDs and passwords.
upvoted 0 times
...
Ashton
7 months ago
I think option C is the best solution. Configuring Amazon Cognito user pools to federate access with third-party identity providers will make it easier for players to log in securely.
upvoted 0 times
...
Filiberto
8 months ago
Option B with AWS Secrets Manager seems like a good way to securely store the player credentials, but I'm not sure if it addresses the issue of password resets and login assistance.
upvoted 0 times
...
Shaun
8 months ago
But then the company would still have to manage password resets and login assistance, right? It doesn't really address the main problem.
upvoted 0 times
...
Sharen
8 months ago
Option D with API keys sounds interesting, but I'm not sure if that's the most secure approach for protecting player credentials.
upvoted 0 times
...
Linwood
8 months ago
I think option C looks promising. Migrating to Amazon Cognito and using third-party identity providers could help reduce the burden on customer service for password resets and logins.
upvoted 0 times
Edmond
7 months ago
C) I agree. Cognito's user pools with third-party IdPs could be a game-changer in simplifying the login process for players.
upvoted 0 times
...
Linn
7 months ago
B) That's true, Cognito does seem like a convenient option to consider for the company's online game.
upvoted 0 times
...
Eric
8 months ago
A) But with Cognito, federating access with third-party providers could offer a more seamless login experience for players.
upvoted 0 times
...
Laura
8 months ago
D) I see your point. Using Secrets Manager could indeed provide a more secure way of managing player credentials.
upvoted 0 times
...
Odette
8 months ago
C) AWS Secrets Manager might be a better option. Migrating player credentials there could enhance security and simplify login processes.
upvoted 0 times
...
Pamela
8 months ago
B) Yeah, migrating to Cognito could definitely help relieve the customer service team from dealing with password resets and logins.
upvoted 0 times
...
Kaycee
8 months ago
A) I think option C is a good choice. Using Amazon Cognito and third-party identity providers could streamline the login process for players.
upvoted 0 times
...
...
Lucia
8 months ago
Option B seems like a more straightforward approach. Storing the credentials in Secrets Manager could be a good way to centralize and secure the player data.
upvoted 0 times
...
Clay
8 months ago
Yeah, and then the company would have to manage all those IAM keys. That doesn't sound very scalable to me.
upvoted 0 times
...
Olene
8 months ago
Hmm, this question seems tricky. I'm not sure which option is the best solution for the company's requirements.
upvoted 0 times
...
Kristel
8 months ago
Okay, let's start with option A. Creating IAM keys for each player seems like a lot of overhead, and it could be a security risk if the keys get compromised on the player's device.
upvoted 0 times
Edda
7 months ago
But what about option C? Using Amazon Cognito with third-party IdPs could simplify the authentication process.
upvoted 0 times
...
Alica
7 months ago
I think option B might be better. Migrating credentials to Secrets Manager seems more secure.
upvoted 0 times
...
Daryl
7 months ago
I agree, storing IAM keys on player's device can be risky.
upvoted 0 times
...
...
Anthony
8 months ago
I agree. We need to carefully consider the tradeoffs between security, user experience, and maintenance overhead.
upvoted 0 times
...
Phung
8 months ago
Hmm, this is an interesting question. I think the solution really depends on the company's specific needs and security requirements. Let's go through each option and discuss the pros and cons.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77