Amazon Exam DBS-C01 Topic 7 Question 36 Discussion

Actual exam question for Amazon's DBS-C01 exam

Question #: 36
Topic #: 7

A company is going through a security audit. The audit team has identified cleartext master user password in the AWS CloudFormation templates for Amazon RDS for MySQL DB instances. The audit team has flagged this as a security risk to the database team.

What should a database specialist do to mitigate this risk?

AChange all the databases to use AWS IAM for authentication and remove all the cleartext passwords in CloudFormation templates.

BUse an AWS Secrets Manager resource to generate a random password and reference the secret in the CloudFormation template.

CRemove the passwords from the CloudFormation templates so Amazon RDS prompts for the password when the database is being created.

DRemove the passwords from the CloudFormation template and store them in a separate file. Replace the passwords by running CloudFormation using a sed command.

Show Suggested Answer

Suggested Answer: B

by Marti at May 08, 2022, 08:29 AM

Limited Time Offer

25%

Off

Get Premium DBS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!