SCS-C02 · Question #66
SCS-C02 Question #66: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #66. The question stem and answer options stay visible for context.
Question
A team is using AWS Secrets Manager to store an application database password. Only a limited number of IAM principals within the account can have access to the secret. The principals who require access to the secret change frequently. A security engineer must create a solution that maximizes flexibility and scalability. Which solution will meet these requirements?
Options
- AUse a role-based approach by creating an IAM role with an inline permissions policy that allows
- BDeploy a VPC endpoint for Secrets Manager. Create and attach an endpoint policy that specifies
- CUse a tag-based approach by attaching a resource policy to the secret. Apply tags to the secret
- DUse a deny-by-default approach by using IAM policies to deny access to the secret explicitly.
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.