ExpertMedium1 markMultiple Choice
AWS SAA-C03 · Question 07 · Domain 1.1: Secure Access
An application requires access to a third-party API using an API key. The security team mandates that the API key must be encrypted at rest and automatically rotated every 30 days.<br/><br/>Which AWS service should be used to store the API key?
An application requires access to a third-party API using an API key. The security team mandates that the API key must be encrypted at rest and automatically rotated every 30 days.<br/><br/>Which AWS service should be used to store the API key?
Answer options:
A.
AWS Systems Manager Parameter Store
B.
AWS Secrets Manager
C.
AWS Key Management Service (AWS KMS)
D.
Amazon S3 with server-side encryption
How to approach this question
Look for the keyword 'automatically rotated'.
Full Answer
B.AWS Secrets Manager✓ Correct
AWS Secrets Manager
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.
Common mistakes
Choosing Parameter Store, which is cheaper but lacks native automatic rotation.
Practice the full AWS SAA-C03 Practice Exam 6
65 questions · hints · full answers · grading
More questions from this exam
Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants...MediumQ02A company has two AWS accounts: Account A for development and Account B for production. Developer...MediumQ03A mobile application needs to authenticate users using their social media accounts (Facebook, Goo...EasyQ04A company is running an application on Amazon EC2 instances. The application needs to connect to ...MediumQ05A company has 50 AWS accounts managed by AWS Organizations. The IT team wants to implement a cent...Easy