ExpertEasy1 markMultiple Choice
AWS SAP-C02 · Question 35 · Domain 2.3: Security Controls
An application needs to access database credentials. The security policy dictates that credentials must be rotated automatically every 30 days without application downtime. Which service should be used?
An application needs to access database credentials. The security policy dictates that credentials must be rotated automatically every 30 days without application downtime. Which service should be used?
Answer options:
A.
AWS Systems Manager Parameter Store (SecureString)
B.
AWS Secrets Manager
C.
AWS KMS
D.
AWS IAM
How to approach this question
Identify the service designed for credential rotation.
Full Answer
B.AWS Secrets Manager✓ Correct
AWS Secrets Manager
AWS Secrets Manager is specifically designed to manage, retrieve, and automatically rotate database credentials and API keys.
Common mistakes
Choosing Parameter Store, which requires custom Lambda functions for rotation.
Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 3
75 questions · hints · full answers · grading
More questions from this exam
Q01An enterprise has 100 VPCs across 5 AWS Regions. They need to establish a highly available, trans...HardQ02A company uses AWS Organizations. The CISO requires that no EC2 instances can be launched outside...MediumQ03An application uses Amazon Aurora PostgreSQL. To meet disaster recovery requirements, the databas...HardQ04A company is setting up a new multi-account AWS environment. They want to automate the creation o...MediumQ05An organization wants to allocate AWS costs to specific departments. They use multiple AWS accoun...Medium