nerdexam
Amazon

DVA-C02 · Question #234

A company has an existing application that has hardcoded database credentials. A developer needs to modify the existing application. The application is deployed in two AWS Regions with an active-passi

The correct answer is A. Store the credentials in AWS Secrets Manager in the primary Region. Enable secret replication to. https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-

Submitted by deeparc· Mar 5, 2026Security

Question

A company has an existing application that has hardcoded database credentials. A developer needs to modify the existing application. The application is deployed in two AWS Regions with an active-passive failover configuration to meet company's disaster recovery strategy. The developer needs a solution to store the credentials outside the code. The solution must comply with the company's disaster recovery strategy. Which solution will meet these requirements in the MOST secure way?

Options

  • AStore the credentials in AWS Secrets Manager in the primary Region. Enable secret replication to
  • BStore credentials in AWS Systems Manager Parameter Store in the primary Region. Enable
  • CStore credentials in a config file. Upload the config file to an S3 bucket in the primary Region.
  • DStore credentials in a config file. Upload the config file to an Amazon Elastic File System (Amazon

How the community answered

(44 responses)
  • A
    73% (32)
  • B
    5% (2)
  • C
    9% (4)
  • D
    14% (6)

Explanation

https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice