Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SCS-C02 Exam - Topic 8 Question 35 Discussion

An Amazon API Gateway API invokes an AWS Lambda function that needs to interact with a software-as-a-service (SaaS) platform. A unique client token is generated in the SaaS platform to grant access to the Lambda function. A security engineer needs to design a solution to encrypt the access token at rest and pass the token to the Lambda function at runtime.Which solution will meet these requirements MOST cost-effectively?
C) Store the client token as a SecureString parameter in AWS Systems Manager Parameter Store. Use the AWS SDK to retrieve the value of the SecureString parameter in the Lambda function.
A) Store the client token as a secret in AWS Secrets Manager. Use th^AWS SDK to retneve the secret in the Lambda function.
B) Configure a token-based Lambda authorizer in API Gateway.
D) Use AWS Key Management Service (AWS KMS) to encrypt the client token. Pass the token to the Lambda function at runtime through an environment variable.

Amazon SCS-C02 Exam - Topic 8 Question 35 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 35
Topic #: 8
[All SCS-C02 Questions]

An Amazon API Gateway API invokes an AWS Lambda function that needs to interact with a software-as-a-service (SaaS) platform. A unique client token is generated in the SaaS platform to grant access to the Lambda function. A security engineer needs to design a solution to encrypt the access token at rest and pass the token to the Lambda function at runtime.

Which solution will meet these requirements MOST cost-effectively?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Sheron at Sep 18, 2024, 09:59 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Helene
5 months ago
Surprised no one mentioned IAM roles for access control!
upvoted 0 times
...
Nida
6 months ago
I think C is more cost-effective with Parameter Store.
upvoted 0 times
...
Florinda
6 months ago
Option A seems solid for secret management.
upvoted 0 times
...
Walker
6 months ago
D is risky with environment variables, not a fan.
upvoted 0 times
...
Anjelica
6 months ago
A is definitely the best choice for security and ease.
upvoted 0 times
...
Arthur
6 months ago
I vaguely recall that a token-based Lambda authorizer could help with security, but I’m not sure how it fits into the requirement of passing the token at runtime.
upvoted 0 times
...
Genevieve
7 months ago
I practiced a similar question about encrypting tokens, and I feel like using AWS KMS for encryption is a solid approach, but passing it through an environment variable seems risky.
upvoted 0 times
...
Jina
7 months ago
I think using AWS Systems Manager Parameter Store with SecureString could be a good choice since it’s cheaper than Secrets Manager, but I’m not completely confident.
upvoted 0 times
...
Eric
7 months ago
I remember that AWS Secrets Manager is often used for storing sensitive information, but I'm not sure if it's the most cost-effective option here.
upvoted 0 times
...
Rebecka
7 months ago
The KMS option (D) is interesting, but I'm not sure if it's the most cost-effective approach here. I'll need to do some research on the pricing and overhead of using KMS.
upvoted 0 times
...
Tomoko
7 months ago
I'm leaning towards option C with Parameter Store. Storing the token as a SecureString and using the AWS SDK to retrieve it in the Lambda function seems like a solid, cost-effective solution.
upvoted 0 times
...
Providencia
8 months ago
Okay, I think I've got a handle on this. Storing the token in Secrets Manager or Parameter Store seems like the most straightforward approach to meet the requirements.
upvoted 0 times
...
Tu
8 months ago
Hmm, I'm a bit confused on the differences between the options here. I'll need to review the details of each solution to determine which one is the most cost-effective.
upvoted 0 times
...
Gracia
8 months ago
This looks like a tricky one. I'll need to carefully consider the cost-effectiveness requirement while also ensuring the token is properly encrypted and accessible to the Lambda function.
upvoted 0 times
...
Natalya
8 months ago
This seems like a straightforward question. I'll read through the information carefully and think about the key points.
upvoted 0 times
...
Wilbert
2 years ago
I'm with the others on this one. Option C is the clear winner. Gotta love those AWS services that just work well together, am I right?
upvoted 0 times
Nana
2 years ago
Absolutely, AWS services like Parameter Store and AWS SDK work seamlessly together for a secure and efficient solution.
upvoted 0 times
...
Pete
2 years ago
I agree, using SecureString parameter in Parameter Store is a cost-effective and secure solution for storing the client token.
upvoted 0 times
...
Jeannetta
2 years ago
Option C is definitely the way to go. AWS Systems Manager Parameter Store makes it easy to securely store and retrieve sensitive data.
upvoted 0 times
...
...
Angella
2 years ago
I'm not sure, but I think option A could also work well by storing the token in AWS Secrets Manager.
upvoted 0 times
...
Izetta
2 years ago
Hmm, I'm not sure. Aren't there any options that involve a dancing penguin to make it more entertaining? Just kidding, Option C does seem like the most practical choice here.
upvoted 0 times
...
Beth
2 years ago
I agree, Option C is the way to go. Storing sensitive information in Secrets Manager or KMS can get expensive, especially for small use cases. Parameter Store is a great, low-cost alternative.
upvoted 0 times
Leah
2 years ago
It's good to know that there are affordable options like Parameter Store available for securing sensitive information.
upvoted 0 times
...
Colton
2 years ago
I agree, using Parameter Store for storing the client token is a smart choice to keep costs down.
upvoted 0 times
...
Willodean
2 years ago
Option C is definitely the most cost-effective solution for this scenario.
upvoted 0 times
...
...
Yuette
2 years ago
Option C looks like the most secure and cost-effective solution. Storing the client token as a SecureString in Parameter Store and using the AWS SDK to retrieve it in the Lambda function is a solid approach.
upvoted 0 times
Enola
2 years ago
Definitely, using AWS Systems Manager Parameter Store is a good practice for managing secrets.
upvoted 0 times
...
Craig
2 years ago
It's important to prioritize security when dealing with sensitive information like client tokens.
upvoted 0 times
...
Tamie
2 years ago
I agree, storing the token as a SecureString in Parameter Store adds an extra layer of security.
upvoted 0 times
...
Veronique
2 years ago
Option C looks like the most secure and cost-effective solution.
upvoted 0 times
...
...
Rikki
2 years ago
I agree with Franklyn. Option D provides a secure way to pass the token to the Lambda function.
upvoted 0 times
...
Franklyn
2 years ago
I think option D is the best choice because it encrypts the client token using AWS KMS.
upvoted 0 times
...

Save Cancel