Examice

Exam DVA-C02 All QuestionsBrowse all questions from this exam

Question 9

A company wants to share information with a third party. The third party has an HTTP API endpoint that the company can use to share the information. The company has the required API key to access the HTTP API.

The company needs a way to manage the API key by using code. The integration of the API key with the application code cannot affect application performance.

Which solution will meet these requirements MOST securely?

Store the API credentials in AWS Secrets Manager. Retrieve the API credentials at runtime by using the AWS SDK. Use the credentials to make the API call.

Store the API credentials in a local code variable. Push the code to a secure Git repository. Use the local code variable at runtime to make the API call.

Store the API credentials as an object in a private Amazon S3 bucket. Restrict access to the S3 object by using IAM policies. Retrieve the API credentials at runtime by using the AWS SDK. Use the credentials to make the API call.

Store the API credentials in an Amazon DynamoDB table. Restrict access to the table by using resource-based policies. Retrieve the API credentials at runtime by using the AWS SDK. Use the credentials to make the API call.

Correct Answer: A

Storing the API credentials in AWS Secrets Manager is the most secure and practical solution. AWS Secrets Manager provides a secure way to manage and retrieve sensitive information, like API keys, without hardcoding them in the source code or storing them in less secure locations. By using AWS SDK to retrieve the credentials at runtime, the application can maintain strong security without compromising performance.

Discussion

Kristijan92Option: A

answer A

elfinka9Option: A

Why B is marked as correct ????

c949c84Option: A

Most secure

leonardoliverosOption: A

B isn't secury A is the best option for this scenary

gullyboy77Option: A

Secret Manager is the safest way to store secrets in AWS.

chvtejaswiOption: A

Answer A

sp323Option: A

parameter store is secure, so A

nkroker

B is certainly a wrong answer because if you read the application development with AWS case study and also the best practices then in it the AWS itself does not encourage the developer to store the sensitive API and license keys in code on the other hand it encourages to use the provided solutions like KMS, Secrets Manager and Parameter Store.

297dfbbOption: A

A is correct. B is wrong because you never store credentials in source control.

65703c1Option: A

A is the correct answer.

Prosen2522

A is it

badsati

Straight A

bednarkOption: A

A is correct

hmdevOption: A

A seems to be the most secure and correct. Always use Secret Manger to store secrets, as the name implies.

Yuxing_LiOption: A

A is correct

sivuca1Option: A

The other options (B, C and D) are not as safe or manageable:

ssoratroiOption: A

parameter store is the better solution so A