SCS-C02 · Question #75
SCS-C02 Question #75: Real Exam Question with Answer & Explanation
The correct answer is A: Use AWS Database Migration Service (AWS DMS) with full load and change data capture (CDC). If your project doesn't allow for significant downtime for this activity, you need an alternate approach that helps minimize the downtime. This pattern uses the AWS Database Migration Service (AWS DMS) to migrate and continuously replicate the data so that the cutover to the new,
Question
A company released a new software-as-a-service (SaaS) application that is receiving significant adoption by end users. The rds-storage-encrypted AWS Config managed rule generates an alert that notifies the company's security team about a resource that is not compliant. The noncompliant resource is an Amazon RDS for MySQL database that was deployed as part of the newly released application. How can the security team resolve the noncompliance with the LEAST disruption of application availability for the end users?
Options
- AUse AWS Database Migration Service (AWS DMS) with full load and change data capture (CDC)
- BCreate a snapshot of the noncompliant DB instance. Make a copy of the snapshot in the same
- CDeploy a patch to the application to stop writing to the noncompliant database. Enable storage
- DAdd a read replica to the noncompliant DB instance. Enable storage encryption on the read
Explanation
If your project doesn't allow for significant downtime for this activity, you need an alternate approach that helps minimize the downtime. This pattern uses the AWS Database Migration Service (AWS DMS) to migrate and continuously replicate the data so that the cutover to the new, encrypted database can be done with minimal downtime. https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/encrypt-an-existing-amazon- rds-for-postgresql-db-instance.html
Community Discussion
No community discussion yet for this question.