What should a database specialist do to mitigate this risk?

DBS-C01 V2 0 Comments

A company is going through a security audit. The audit team has identified cleartext master user password in the AWS CloudFormation templates for Amazon RDS for MySQL DB instances. The audit team has flagged this as a security risk to the database team.

What should a database specialist do to mitigate this risk?
A . Change all the databases to use AWS IAM for authentication and remove all the cleartext passwords in CloudFormation templates.
B . Use an AWS Secrets Manager resource to generate a random password and reference the secret in the CloudFormation template.
C . Remove the passwords from the CloudFormation templates so Amazon RDS prompts for the password when the database is being created.
D . Remove the passwords from the CloudFormation template and store them in a separate file.
Replace the passwords by running CloudFormation using a sed command.

Answer: B

Explanation:

https://aws.amazon.com/blogs/infrastructure-and-automation/securing-passwords-in-aws-quick-starts-using-aws-secrets-manager/

Latest DBS-C01 Dumps Valid Version with 85 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download DBS-C01 PDF     DBS-C01 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments