A company has a serverless application for internal users deployed on AWS. The application uses AWS Lambda for the front end and for business logic. The Lambda function accesses an Amazon RDS database inside a VPC. The company uses AWS Systems Manager Parameter Store for storing database credentials. A recent security review highlighted the following issues: The Lambda function has internet access. The relational database is publicly accessible. The database credentials are not stored in an encrypted state. Which combination of steps should the company take to resolve these security issues? (Choose three.)
A) Disable public access to the RDS database inside the VPC.
B) Move all the Lambda functions inside the VPC.
C) Edit the IAM role used by Lambda to restrict internet access.
D) Create a VPC endpoint for Systems Manager. Store the credentials as a string parameter. Change the parameter type to an advanced parameter.
E) Edit the IAM role used by RDS to restrict internet access.
F) Create a VPC endpoint for Systems Manager. Store the credentials as a SecureString parameter.
Correct Answer:
Verified
Q278: A company has an IAM group. All
Q279: A company is hosting a web application
Q280: A company plans to create individual child
Q281: A company needs its Amazon Elastic Block
Q282: A security engineer must develop an encryption
Q284: A company's on-premises networks are connected to
Q285: A company stores images for a website
Q286: A development team is using an AWS
Q287: A company deployed an Amazon EC2 instance
Q288: A company is using AWS Organizations to
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents