AWS Certified Developer Associate DVA-C02 Practice Question
A developer needs to ensure that the credentials used by a serverless function to connect to a database are stored securely and are not exposed in plain text. What is the recommended method for managing the credentials to maximize security?
Encrypt the credentials manually and include them as part of the serverless function's environment variables.
Place the encrypted credentials in a cloud storage service bucket and retrieve them via the serverless function.
Leverage a secrets manager to handle the credentials and retrieve them dynamically within the serverless function.
Hardcode the credentials directly into the code base that is part of the serverless function.
Utilizing a dedicated secret management service, specifically designed to handle sensitive information, provides robust security features such as encryption at rest and controlled access policies. This service also takes care of secure storage and rotation of secrets, which is not inherently handled when encrypting and storing values directly in the serverless function's environment variables or when using simple storage services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a secrets manager, and how does it work?
Open an interactive chat with Bash
What are the benefits of using a secrets manager over environment variables?
Open an interactive chat with Bash
How does credential rotation in a secrets manager improve security?
Open an interactive chat with Bash
AWS Certified Developer Associate DVA-C02
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access