Amazon SCS-C02 Exam - Topic 3 Question 15 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 15
Topic #: 3

A company runs an online game on AWS. When players sign up for the game, their username and password credentials are stored in an Amazon Aurora database.

The number of users has grown to hundreds of thousands of players. The number of requests for password resets and login assistance has become a burden for the company's customer service team.

The company needs to implement a solution to give players another way to log in to the game. The solution must remove the burden of password resets and login assistance while securely protecting each player's credentials.

Which solution will meet these requirements?

AWhen a new player signs up, use an AWS Lambda function to automatically create an 1AM access key and a secret access key. Program the Lambda function to store the credentials on the player's device. Create 1AM keys for existing players.

BMigrate the player credentials from the Aurora database to AWS Secrets Manager. When a new player signs up. create a key-value pair in Secrets Manager for the player's user ID and password.

CConfigure Amazon Cognito user pools to federate access to the game with third-party identity providers (IdPs), such as social IdPs Migrate the game's authentication mechanism to Cognito.

DInstead of using usernames and passwords for authentication, issue API keys to new and existing players. Create an Amazon API Gateway API to give the game client access to the game's functionality.

Show Suggested Answer

Suggested Answer: C

The best solution to meet the company's requirements of offering an alternative login method while securely protecting player credentials and reducing the burden of password resets is to use Amazon Cognito with user pools. Amazon Cognito provides a fully managed service that facilitates the authentication, authorization, and user management for web and mobile applications. By configuring Amazon Cognito user pools to federate access with third-party Identity Providers (IdPs), such as social media platforms or Google, the company can allow users to sign in through these external IdPs, thereby eliminating the need for traditional username and password logins. This not only enhances user convenience but also offloads the responsibility of managing user credentials and the associated challenges like password resets to Amazon Cognito, thereby reducing the burden on the company's customer service team. Additionally, Amazon Cognito integrates seamlessly with other AWS services and follows best practices for security and compliance, ensuring that the player's credentials are protected.

by Mitsue at Apr 10, 2024, 07:05 PM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Nicolette

3 months ago

I agree, C makes it easier for everyone!

upvoted 0 times

...

Bernardine

3 months ago

Migrating to Secrets Manager seems unnecessary.

upvoted 0 times

...

Graciela

3 months ago

Wait, can you really just switch to Cognito like that?

upvoted 0 times

...

Natalie

4 months ago

API keys? That sounds risky.

upvoted 0 times

...

Christiane

4 months ago

I think option C is the best choice!

upvoted 0 times

...

James

4 months ago

I feel like issuing API keys in option D could lead to security risks. I think we should stick to a more robust authentication method like Cognito.

upvoted 0 times

...

Domitila

4 months ago

I practiced a similar question where we discussed migrating to Secrets Manager. Option B sounds familiar, but I’m not convinced it addresses the login assistance problem effectively.

upvoted 0 times

...

Laura

4 months ago

I'm not entirely sure, but I think using IAM access keys like in option A might not be secure enough for player credentials.

upvoted 0 times

...

Macy

5 months ago

I remember studying about AWS Cognito and how it can simplify user authentication. It seems like option C could really help with the password reset issue.

upvoted 0 times

...

Rashad

5 months ago

I think option C is the way to go. Migrating to Cognito and using third-party identity providers seems like it would meet the requirements and provide a more secure and user-friendly authentication experience. I'll focus on understanding how to implement that properly.

upvoted 0 times

...

Brande

5 months ago

Option D with the API keys is an interesting approach. That could help simplify the authentication process and reduce the burden on customer service. I'll need to weigh the pros and cons of that versus the other options.

upvoted 0 times

...

Barney

5 months ago

I've got a good feeling about option B with Secrets Manager. Storing the credentials there and managing them through that service seems like it could be a solid solution. I'll make sure to read through the details carefully.

upvoted 0 times

...

Lashawn

5 months ago

This is a tricky one. I'm not sure if I fully understand the requirements, but I think option C might be the way to go. Migrating to Cognito could help with the password reset and login assistance issues.

upvoted 0 times

...

Erinn

5 months ago

Hmm, I'm a bit confused by the question. Option A with the IAM keys seems like it could work, but I'm not sure if that's the best approach for a large number of players. I'll need to think this through a bit more.

upvoted 0 times

...

Sage

5 months ago

Okay, let me see if I can break this down. The key seems to be whether the previously designed elements are removed or not. I'll need to pay close attention to the details in the answer choices.

upvoted 0 times

...

Dante

5 months ago

D - providing regular reports to customers demonstrates transparency and helps them feel informed. I think that's the best approach here.

upvoted 0 times

...

Francine

5 months ago

This one seems pretty straightforward. I think the key is to focus on the "when" part of the question and look for the option that describes the specific conditions for when Backup Exec DLM deletes all the backup sets.

upvoted 0 times

...

Domonique

5 months ago

Hmm, I'm a bit unsure about the syntax here. I'll need to think through the different options carefully.

upvoted 0 times

...

Delmy

2 years ago

I think option D is worth considering. Using API keys instead of usernames and passwords can add an extra layer of security to the game. Plus, setting up an Amazon API Gateway API can streamline access to game functionality.

upvoted 0 times

...

Cathrine

2 years ago

I prefer option C. Configuring Amazon Cognito user pools to federate access with third-party identity providers can simplify the login process for players and reduce the need for password resets.

upvoted 0 times

...

Buck

2 years ago

I agree with Ressie. Moving the credentials to Secrets Manager seems like the most secure option. It will also make it easier to manage the login process for players.

upvoted 0 times

...

Ressie

2 years ago

I think option B is the best solution. By migrating the player credentials to AWS Secrets Manager, we can securely store the user IDs and passwords while reducing the burden on customer service.

upvoted 0 times

...

Ashton

2 years ago

That's a good point, Using API keys could definitely make it easier for players to log in without the need for constant password assistance.

upvoted 0 times

...

Herman

2 years ago

I'm leaning towards option D. Using API keys instead of usernames and passwords could simplify the login process and reduce the burden on customer service for password resets.

upvoted 0 times

...

Ivette

2 years ago

I disagree, I believe option B is the way to go. Migrating player credentials to AWS Secrets Manager will provide a centralized and secure way to manage user IDs and passwords.

upvoted 0 times

...

Ashton

2 years ago

I think option C is the best solution. Configuring Amazon Cognito user pools to federate access with third-party identity providers will make it easier for players to log in securely.

upvoted 0 times

...

Filiberto

2 years ago

Option B with AWS Secrets Manager seems like a good way to securely store the player credentials, but I'm not sure if it addresses the issue of password resets and login assistance.

upvoted 0 times

...

Shaun

2 years ago

But then the company would still have to manage password resets and login assistance, right? It doesn't really address the main problem.

upvoted 0 times

...

Sharen

2 years ago

Option D with API keys sounds interesting, but I'm not sure if that's the most secure approach for protecting player credentials.

upvoted 0 times

...

Linwood

2 years ago

I think option C looks promising. Migrating to Amazon Cognito and using third-party identity providers could help reduce the burden on customer service for password resets and logins.

upvoted 0 times

Edmond

2 years ago

C) I agree. Cognito's user pools with third-party IdPs could be a game-changer in simplifying the login process for players.

upvoted 0 times

...

Linn

2 years ago

B) That's true, Cognito does seem like a convenient option to consider for the company's online game.

upvoted 0 times

...

Eric

2 years ago

A) But with Cognito, federating access with third-party providers could offer a more seamless login experience for players.

upvoted 0 times

...

Laura

2 years ago

D) I see your point. Using Secrets Manager could indeed provide a more secure way of managing player credentials.

upvoted 0 times

...

Odette

2 years ago

C) AWS Secrets Manager might be a better option. Migrating player credentials there could enhance security and simplify login processes.

upvoted 0 times

...

Pamela

2 years ago

B) Yeah, migrating to Cognito could definitely help relieve the customer service team from dealing with password resets and logins.

upvoted 0 times

...

Kaycee

2 years ago

A) I think option C is a good choice. Using Amazon Cognito and third-party identity providers could streamline the login process for players.

upvoted 0 times

...

Lucia

2 years ago

Option B seems like a more straightforward approach. Storing the credentials in Secrets Manager could be a good way to centralize and secure the player data.

upvoted 0 times

...

Clay

2 years ago

Yeah, and then the company would have to manage all those IAM keys. That doesn't sound very scalable to me.

upvoted 0 times

...

Olene

2 years ago

Hmm, this question seems tricky. I'm not sure which option is the best solution for the company's requirements.

upvoted 0 times

...

Kristel

2 years ago

Okay, let's start with option A. Creating IAM keys for each player seems like a lot of overhead, and it could be a security risk if the keys get compromised on the player's device.

upvoted 0 times

Edda

2 years ago

But what about option C? Using Amazon Cognito with third-party IdPs could simplify the authentication process.

upvoted 0 times

...

Alica

2 years ago

I think option B might be better. Migrating credentials to Secrets Manager seems more secure.

upvoted 0 times

...

Daryl

2 years ago

I agree, storing IAM keys on player's device can be risky.

upvoted 0 times

...

Anthony

2 years ago

I agree. We need to carefully consider the tradeoffs between security, user experience, and maintenance overhead.

upvoted 0 times

...

Phung

2 years ago

Hmm, this is an interesting question. I think the solution really depends on the company's specific needs and security requirements. Let's go through each option and discuss the pros and cons.

upvoted 0 times

...