A company is going through a security audit. The audit team has identified cleartext master user password in the AWS CloudFormation templates for Amazon RDS for MySQL DB instances. The audit team has flagged this as a security risk to the database team. What should a database specialist do to mitigate this risk?
A) Change all the databases to use AWS IAM for authentication and remove all the cleartext passwords in CloudFormation templates.
B) Use an AWS Secrets Manager resource to generate a random password and reference the secret in the CloudFormation template.
C) Remove the passwords from the CloudFormation templates so Amazon RDS prompts for the password when the database is being created.
D) Remove the passwords from the CloudFormation template and store them in a separate file. Replace the passwords by running CloudFormation using a sed command.
Correct Answer:
Verified
Q146: A database specialist must load 25 GB
Q147: A company is releasing a new mobile
Q148: A financial company recently launched a portfolio
Q149: After restoring an Amazon RDS snapshot from
Q150: An ecommerce company recently migrated one of
Q151: A company wants to automate the creation
Q152: An Amazon RDS EBS-optimized instance with Provisioned
Q153: A database specialist must create nightly backups
Q154: A media company is using Amazon RDS
Q155: A company has two separate AWS accounts:
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents