CLF-C02 · Question #89
CLF-C02 Question #89: Real Exam Question with Answer & Explanation
The correct answer is C: AWS Secrets Manager. AWS Secrets Manager (C) is purpose-built for securely storing, rotating, and retrieving sensitive credentials such as database passwords, API keys, and other secrets - exactly what the question describes. The distractors each serve different purposes: AWS Encryption SDK (A) is a
Question
Which AWS service or feature allows users to securely store encrypted credentials and retrieve these credentials when required?
Options
- AAWS Encryption SDK
- BAWS Security Hub
- CAWS Secrets Manager
- DAWS Artifact
Explanation
AWS Secrets Manager (C) is purpose-built for securely storing, rotating, and retrieving sensitive credentials such as database passwords, API keys, and other secrets - exactly what the question describes.
The distractors each serve different purposes: AWS Encryption SDK (A) is a client-side library for encrypting data in your own applications, not a storage service for credentials. AWS Security Hub (B) is a centralized security posture dashboard that aggregates findings from other AWS services, not a secrets store. AWS Artifact (D) is a compliance documentation portal providing access to AWS audit reports and agreements, unrelated to credential storage.
Memory tip: Think of Secrets Manager as a "secure vault" - you store secrets in it and retrieve them on demand, often with automatic rotation. If the question mentions storing and retrieving credentials or secrets, Secrets Manager is almost always the answer.
Topics
Community Discussion
No community discussion yet for this question.