{"id":383,"date":"2022-02-09T05:52:02","date_gmt":"2022-02-09T05:52:02","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question317\/"},"modified":"2022-02-09T05:52:02","modified_gmt":"2022-02-09T05:52:02","slug":"aws-certified-security-specialty-scs-c01-question317","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question317\/","title":{"rendered":"AWS Certified Security &#8211; Specialty SCS-C01 &#8211; Question317"},"content":{"rendered":"<div class=\"question\">A company is using Amazon Elastic Container Service (Amazon ECS) to deploy an application that deals with sensitive data. During a recent security audit, the company identified a security issue in which Amazon RDS credentials were stored with the application code in the company&#039;s source code repository.<br \/>\nA security engineer needs to develop a solution to ensure that database credentials are stored securely and rotated periodically. The credentials should be accessible to the application only. The engineer also needs to prevent database administrators from sharing database credentials as plaintext with other teammates.<br \/>\nThe solution must also minimize administrative overhead.<br \/>\nWhich solution meets these requirements?<br \/><strong><br \/>A.<\/strong> Use the AWS Systems Manager Parameter Store to generate database credentials. Use an IAM profile for ECS tasks to restrict access to database credentials to specific containers only.<br \/><strong>B.<\/strong> Use AWS Secrets Manager to store database credentials. Use an IAM inline policy for ECS tasks to restrict access to database credentials to specific containers only.<br \/><strong>C.<\/strong> Use the AWS Systems Manager Parameter Store to store database credentials. Use IAM roles for ECS tasks to restrict access to database credentials to specific containers only.<br \/><strong>D.<\/strong> Use AWS Secrets Manager to store database credentials. Use IAM roles for ECS tasks to restrict access to database credentials to specific containers only.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>D<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nReference: <a href=\"https:\/\/docs.aws.amazon.com\/AmazonECS\/latest\/developerguide\/specifying-sensitive-data-secrets.html\" title=\"External link\" rel=\"nofollow noopener\" target=\"_blank\">https:\/\/docs.aws.amazon.com\/AmazonECS\/latest\/developerguide\/specify&#8230;<\/a><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>A company is using Amazon Elastic Container Service (Amazon ECS) to deploy an application that deals with sensitive data. During a recent security audit, the company identified a security issue in which Amazon RDS credentials were stored with the application code in the company&#039;s source code repository. A security engineer needs to develop a solution [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,320],"class_list":["post-383","post","type-post","status-publish","format-standard","hentry","category-aws-certified-security-specialty-scs-c01","tag-aws-certified-security-specialty-scs-c01","tag-question-317"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts\/383","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/comments?post=383"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/posts\/383\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/media?parent=383"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/categories?post=383"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/wp-json\/wp\/v2\/tags?post=383"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}