DVA-C02 · Question #718
DVA-C02 Question #718: Real Exam Question with Answer & Explanation
Sign in or unlock DVA-C02 to reveal the answer and full explanation for question #718. The question stem and answer options stay visible for context.
Question
A developer needs to improve security for database credentials in an Amazon ECS environment. Currently, the developer stores Amazon Aurora PostgreSQL credentials directly in ECS task definition environment variables. The developer must implement a more secure method to provide the database credentials to running task instances. Which solution will meet these requirements with the LEAST development effort?
Options
- ACreate a customer managed AWS KMS key. Use the KMS key to encrypt the credentials. Add the
- BUse an AWS managed AWS KMS key to encrypt the credentials. Add the encrypted credentials
- CStore the credentials as a secret in AWS Secrets Manager. Create a task IAM role that has
- DStore the credentials as a secret in AWS Secrets Manager. Create a task execution IAM role that
Unlock DVA-C02 to see the answer
You've previewed enough free DVA-C02 questions. Unlock DVA-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.