DVA-C02 · Question #762
DVA-C02 Question #762: Real Exam Question with Answer & Explanation
The correct answer is D: Create and store the secrets in AWS Secrets Manager. Choose the appropriate secret type. Tum. AWS Secrets Manager is designed to securely store sensitive information such as database credentials, OAuth tokens, and API keys. It integrates with applications to retrieve secrets at runtime and supports automatic secret rotation using built-in or custom rotation mechanisms. Se
Question
A developer is creating a web application. The developer needs to store, retrieve, and rotate database credentials, OAuth tokens, and API keys. The credentials, OAuth tokens, and API keys must be stored securely as secrets and must not be hardcoded in the application source code. The secrets must be automatically rotated every 6 months. What should the developer do to meet these requirements?
Options
- ACreate and store the secrets in AWS KMS. Configure AWS KMS to automatically rotate the
- BCreate and store the secrets in AWS Certificate Manager (ACM). Choose the appropriate
- CCreate and store the secrets in Amazon EventBridge. Configure a RotateKey event in
- DCreate and store the secrets in AWS Secrets Manager. Choose the appropriate secret type. Tum
Explanation
AWS Secrets Manager is designed to securely store sensitive information such as database credentials, OAuth tokens, and API keys. It integrates with applications to retrieve secrets at runtime and supports automatic secret rotation using built-in or custom rotation mechanisms. Setting a 6-month rotation schedule directly satisfies the requirement for periodic, automated rotation without hardcoding secrets in the application.
Community Discussion
No community discussion yet for this question.