Multiple Choice
A company has a serverless application for internal users deployed on AWS. The application uses AWS Lambda for the front end and for business logic. The Lambda function accesses an Amazon RDS database inside a VPC. The company uses AWS Systems Manager Parameter Store for storing database credentials. A recent security review highlighted the following issues: The Lambda function has internet access. The relational database is publicly accessible. The database credentials are not stored in an encrypted state. Which combination of steps should the company take to resolve these security issues? (Choose three.)
A) Disable public access to the RDS database inside the VPC.
B) Move all the Lambda functions inside the VPC.
C) Edit the IAM role used by Lambda to restrict internet access.
D) Create a VPC endpoint for Systems Manager. Store the credentials as a string parameter. Change the parameter type to an advanced parameter.
E) Edit the IAM role used by RDS to restrict internet access.
F) Create a VPC endpoint for Systems Manager. Store the credentials as a SecureString parameter.
Correct Answer:
Verified
Correct Answer:
Verified
Q10: A Security Administrator has a website hosted
Q11: A company's security engineer has been asked
Q12: A company has an application hosted in
Q13: A Software Engineer wrote a customized reporting
Q14: A company will store sensitive documents in
Q16: A company plans to migrate a sensitive
Q17: A company requires that IP packet data
Q18: A company wants to encrypt the private
Q19: An organization policy states that all encryption
Q20: An organization receives an alert that indicates