New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon CLF-C02 Exam - Topic 1 Question 5 Discussion

Actual exam question for Amazon's CLF-C02 exam
Question #: 5
Topic #: 1
[All CLF-C02 Questions]

A company is building an application in the AWS Cloud. The company wants to use temporary credentials for the application to access other AWS resources.

Which AWS service will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS Security Token Service (AWS STS) is a service that provides temporary security credentials to users or applications that need to access AWS resources. The temporary credentials have a limited lifetime and can be configured to last from a few minutes to several hours. The credentials are not stored with the user or application, but are generated dynamically and provided on request.The credentials work almost identically to long-term access key credentials, but have the advantage of not requiring distribution, rotation, or revocation1.

AWS Key Management Service (AWS KMS) is a service that provides encryption and decryption services for data and keys.It does not provide temporary security credentials2.

AWS CloudHSM is a service that provides hardware security modules (HSMs) for cryptographic operations and key management.It does not provide temporary security credentials3.

Amazon Cognito is a service that provides user authentication and authorization for web and mobile applications.It can also provide temporary security credentials for authenticated users, but not for applications4.


by Irma at Oct 09, 2023, 01:05 AM

Limited Time Offer

25%

Off

Get Premium CLF-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leanna
3 months ago
I thought STS was mainly for federated access, not just temp creds?
upvoted 0 times
...
Ryann
3 months ago
KMS and CloudHSM are not for temporary access, just saying.
upvoted 0 times
...
Benedict
4 months ago
Wait, isn't Cognito also for managing credentials?
upvoted 0 times
...
Lynda
4 months ago
Totally agree, STS is perfect for this use case.
upvoted 0 times
...
Gaynell
4 months ago
AWS STS is the right choice for temporary credentials!
upvoted 0 times
...
Sabina
4 months ago
I’m leaning towards AWS STS too, but I wonder if there are any edge cases where Cognito could be relevant for temporary access.
upvoted 0 times
...
Emilio
4 months ago
I feel like AWS KMS and CloudHSM are more about encryption and key management, so they probably aren't the right choice here.
upvoted 0 times
...
Eleonore
5 months ago
I remember practicing a question about AWS services for authentication, and I think Amazon Cognito was mentioned, but it seems more focused on user sign-in rather than temporary access.
upvoted 0 times
...
Pilar
5 months ago
I think the answer might be AWS STS because it deals with temporary credentials, but I'm not completely sure.
upvoted 0 times
...
Olene
5 months ago
I'm a little confused by the options here. AWS KMS and AWS CloudHSM seem more focused on encryption and key management, so I don't think those are the right answers. I'm leaning towards Amazon Cognito or AWS STS, but I'll have to double-check the details.
upvoted 0 times
...
Chantell
5 months ago
Okay, I've got a strategy for this. The question is asking for a service that provides temporary credentials, so I need to think about which AWS service handles authentication and authorization. AWS STS sounds like the right answer.
upvoted 0 times
...
Jerry
5 months ago
Hmm, I'm a bit unsure about this one. I know AWS has a lot of different services, and it's not always easy to remember which one does what. I'll have to think this through carefully.
upvoted 0 times
...
Leatha
5 months ago
This one seems straightforward. I think AWS Security Token Service (AWS STS) is the service that provides temporary credentials for accessing other AWS resources.
upvoted 0 times
...
Mila
5 months ago
Okay, the key details I see are that the zone is not yet booted, and it has a virtual network interface. I think I can use that information to narrow down the correct options.
upvoted 0 times
...
Freida
5 months ago
Hmm, I'm a bit unsure about this one. I'll need to review the material on asset management and importing data to see if I can figure out the right answer.
upvoted 0 times
...
Barney
5 months ago
My gut says it has to do with Service Loose Coupling since reusable services should definitely be independent to manage performance better.
upvoted 0 times
...
Jess
5 months ago
If I recall correctly, I need to apply the Gordon Growth Model here, right? I wonder if the increase in growth offsetting the rise in cost of equity actually results in a net positive effect on the share price.
upvoted 0 times
...

Save Cancel