SAP-C02 · Question #326
SAP-C02 Question #326: Real Exam Question with Answer & Explanation
Sign in or unlock SAP-C02 to reveal the answer and full explanation for question #326. The question stem and answer options stay visible for context.
Question
A security engineer determined that an existing application retrieves credentials to an Amazon RDS for MySQL database from an encrypted file in Amazon S3. For the next version of the application, the security engineer wants to implement the following application design changes to improve security: - The database must use strong, randomly generated passwords stored in a secure AWS managed service. - The application resources must be deployed through AWS CloudFormation. - The application must rotate credentials for the database every 90 days. A solutions architect will generate a CloudFormation template to deploy the application. Which resources specified in the CloudFormation template will meet the security engineer's requirements with the LEAST amount of operational overhead?
Options
- AGenerate the database password as a secret resource using AWS Secrets Manager.
- BGenerate the database password as a SecureString parameter type using AWS Systems
- CGenerate the database password as a secret resource using AWS Secrets Manager.
- DGenerate the database password as a SecureString parameter type using AWS Systems
Unlock SAP-C02 to see the answer
You've previewed enough free SAP-C02 questions. Unlock SAP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.