Amazon Exam SCS-C02 Topic 3 Question 15 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 15
Topic #: 3

A company runs an online game on AWS. When players sign up for the game, their username and password credentials are stored in an Amazon Aurora database.

The number of users has grown to hundreds of thousands of players. The number of requests for password resets and login assistance has become a burden for the company's customer service team.

The company needs to implement a solution to give players another way to log in to the game. The solution must remove the burden of password resets and login assistance while securely protecting each player's credentials.

Which solution will meet these requirements?

AWhen a new player signs up, use an AWS Lambda function to automatically create an 1AM access key and a secret access key. Program the Lambda function to store the credentials on the player's device. Create 1AM keys for existing players.

BMigrate the player credentials from the Aurora database to AWS Secrets Manager. When a new player signs up. create a key-value pair in Secrets Manager for the player's user ID and password.

CConfigure Amazon Cognito user pools to federate access to the game with third-party identity providers (IdPs), such as social IdPs Migrate the game's authentication mechanism to Cognito.

DInstead of using usernames and passwords for authentication, issue API keys to new and existing players. Create an Amazon API Gateway API to give the game client access to the game's functionality.

Show Suggested Answer

Suggested Answer: C

The best solution to meet the company's requirements of offering an alternative login method while securely protecting player credentials and reducing the burden of password resets is to use Amazon Cognito with user pools. Amazon Cognito provides a fully managed service that facilitates the authentication, authorization, and user management for web and mobile applications. By configuring Amazon Cognito user pools to federate access with third-party Identity Providers (IdPs), such as social media platforms or Google, the company can allow users to sign in through these external IdPs, thereby eliminating the need for traditional username and password logins. This not only enhances user convenience but also offloads the responsibility of managing user credentials and the associated challenges like password resets to Amazon Cognito, thereby reducing the burden on the company's customer service team. Additionally, Amazon Cognito integrates seamlessly with other AWS services and follows best practices for security and compliance, ensuring that the player's credentials are protected.

by Mitsue at Apr 10, 2024, 07:05 PM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Delmy

8 months ago

I think option D is worth considering. Using API keys instead of usernames and passwords can add an extra layer of security to the game. Plus, setting up an Amazon API Gateway API can streamline access to game functionality.

upvoted 0 times

...

Cathrine

8 months ago

I prefer option C. Configuring Amazon Cognito user pools to federate access with third-party identity providers can simplify the login process for players and reduce the need for password resets.

upvoted 0 times

...

Buck

9 months ago

I agree with Ressie. Moving the credentials to Secrets Manager seems like the most secure option. It will also make it easier to manage the login process for players.

upvoted 0 times

...

Ressie

9 months ago

I think option B is the best solution. By migrating the player credentials to AWS Secrets Manager, we can securely store the user IDs and passwords while reducing the burden on customer service.

upvoted 0 times

...

Ashton

10 months ago

That's a good point, Using API keys could definitely make it easier for players to log in without the need for constant password assistance.

upvoted 0 times

...

Herman

10 months ago

I'm leaning towards option D. Using API keys instead of usernames and passwords could simplify the login process and reduce the burden on customer service for password resets.

upvoted 0 times

...

Ivette

10 months ago

I disagree, I believe option B is the way to go. Migrating player credentials to AWS Secrets Manager will provide a centralized and secure way to manage user IDs and passwords.

upvoted 0 times

...

Ashton

10 months ago

I think option C is the best solution. Configuring Amazon Cognito user pools to federate access with third-party identity providers will make it easier for players to log in securely.

upvoted 0 times

...

Filiberto

11 months ago

Option B with AWS Secrets Manager seems like a good way to securely store the player credentials, but I'm not sure if it addresses the issue of password resets and login assistance.

upvoted 0 times

...

Shaun

11 months ago

But then the company would still have to manage password resets and login assistance, right? It doesn't really address the main problem.

upvoted 0 times

...

Sharen

11 months ago

Option D with API keys sounds interesting, but I'm not sure if that's the most secure approach for protecting player credentials.

upvoted 0 times

...

Linwood

11 months ago

I think option C looks promising. Migrating to Amazon Cognito and using third-party identity providers could help reduce the burden on customer service for password resets and logins.

upvoted 0 times

Edmond

10 months ago

C) I agree. Cognito's user pools with third-party IdPs could be a game-changer in simplifying the login process for players.

upvoted 0 times

...

Linn

10 months ago

B) That's true, Cognito does seem like a convenient option to consider for the company's online game.

upvoted 0 times

...

Eric

10 months ago

A) But with Cognito, federating access with third-party providers could offer a more seamless login experience for players.

upvoted 0 times

...

Laura

10 months ago

D) I see your point. Using Secrets Manager could indeed provide a more secure way of managing player credentials.

upvoted 0 times

...

Odette

10 months ago

C) AWS Secrets Manager might be a better option. Migrating player credentials there could enhance security and simplify login processes.

upvoted 0 times

...

Pamela

10 months ago

B) Yeah, migrating to Cognito could definitely help relieve the customer service team from dealing with password resets and logins.

upvoted 0 times

...

Kaycee

10 months ago

A) I think option C is a good choice. Using Amazon Cognito and third-party identity providers could streamline the login process for players.

upvoted 0 times

...

Lucia

11 months ago

Option B seems like a more straightforward approach. Storing the credentials in Secrets Manager could be a good way to centralize and secure the player data.

upvoted 0 times

...

Clay

11 months ago

Yeah, and then the company would have to manage all those IAM keys. That doesn't sound very scalable to me.

upvoted 0 times

...

Olene

11 months ago

Hmm, this question seems tricky. I'm not sure which option is the best solution for the company's requirements.

upvoted 0 times

...

Kristel

11 months ago

Okay, let's start with option A. Creating IAM keys for each player seems like a lot of overhead, and it could be a security risk if the keys get compromised on the player's device.

upvoted 0 times

Edda

9 months ago

But what about option C? Using Amazon Cognito with third-party IdPs could simplify the authentication process.

upvoted 0 times

...

Alica

9 months ago

I think option B might be better. Migrating credentials to Secrets Manager seems more secure.

upvoted 0 times

...

Daryl

9 months ago

I agree, storing IAM keys on player's device can be risky.

upvoted 0 times

...

Anthony

11 months ago

I agree. We need to carefully consider the tradeoffs between security, user experience, and maintenance overhead.

upvoted 0 times

...

Phung

11 months ago

Hmm, this is an interesting question. I think the solution really depends on the company's specific needs and security requirements. Let's go through each option and discuss the pros and cons.

upvoted 0 times

...