A recent security audit identified that a company's application team injects database credentials into the environment variables of an AWS Fargate task. The company's security policy mandates that all sensitive data be encrypted at rest and in transit. Which combination of actions should the security team take to make the application compliant with the security policy?
A) Store the credentials securely in a file in an Amazon S3 bucket with restricted access to the application team IAM role. Ask the application team to read the credentials from the S3 object instead.
B) Create an AWS Secrets Manager secret and specify the key/value pairs to be stored in this secret.
C) Modify the application to pull credentials from the AWS Secrets Manager secret instead of the environment variables.
D) Add the following statement to the container instance IAM role policy: 
E) Add the following statement to the task execution role policy 
Correct Answer:
Verified
Q188: A company is implementing a new application
Q189: A company's security engineer has been asked
Q190: A security engineer has noticed that VPC
Q191: A company uses multiple AWS accounts managed
Q192: A company has a VPC with an
Q194: A security engineer is designing an incident
Q195: A company wants to deploy an application
Q196: A security engineer is responsible for providing
Q197: A company wants to encrypt data locally
Q198: A security engineer needs to ensure their
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents