SCS-C02 · Question #17
SCS-C02 Question #17: Real Exam Question with Answer & Explanation
The correct answer is D: Store the environment variables in AWS Systems Manager Parameter Store as secure string. There is no charge from Parameter Store to create a SecureString parameter. https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter- store.html#what-is-a-parameter
Question
A company has thousands of AWS Lambda functions. While reviewing the Lambda functions, a security engineer discovers that sensitive information is being stored in environment variables and is viewable as plaintext in the Lambda console. The values of the sensitive information are only a few characters long. What is the MOST cost-effective way to address this security issue?
Options
- ASet up IAM policies from the Lambda console to hide access to the environment variables.
- BUse AWS Step Functions to store the environment variables. Access the environment variables at
- CStore the environment variables in AWS Secrets Manager, and access them at runtime. Use IAM
- DStore the environment variables in AWS Systems Manager Parameter Store as secure string
Explanation
There is no charge from Parameter Store to create a SecureString parameter. https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter- store.html#what-is-a-parameter
Community Discussion
No community discussion yet for this question.