Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

A recent security audit identified that a company’s application team injects database credentials into the...

A recent security audit identified that a company’s application team injects database credentials into the environment variables of an AWS Fargate task. The company’s security policy mandates that all sensitive data be encrypted at rest and in transit.

Which combination of actions should the security team take to make the application compliant with the security policy? (Select THREE.)

A.

Store the credentials securely in a file in an Amazon S3 bucket with restricted access to the application team IAM role. Ask the application team to read the credentials from the S3 object instead.

B.

Create an AWS Secrets Manager secret and specify the key-value pairs to be stored in this secret.

C.

Modify the application to pull credentials from the AWS Secrets Manager secret instead of the environment variables.

D.

Add a policy statement to the container instance IAM role that allows ssm:GetParameters, secretsmanager:GetSecretValue, and kms:Decrypt for the required secret and KMS key.

E.

Add a policy statement to the task role or task execution role that allows ssm:GetParameters, secretsmanager:GetSecretValue, and kms:Decrypt for the required secret and KMS key.

F.

Log in to the AWS Fargate instance, create a script to read the secret value from AWS Secrets Manager, and inject the environment variables. Ask the application team to redeploy the application.

SCS-C03 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now SCS-C03 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"