New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SCS-C02 Exam - Topic 8 Question 35 Discussion

Actual exam question for Amazon's SCS-C02 exam
Question #: 35
Topic #: 8
[All SCS-C02 Questions]

An Amazon API Gateway API invokes an AWS Lambda function that needs to interact with a software-as-a-service (SaaS) platform. A unique client token is generated in the SaaS platform to grant access to the Lambda function. A security engineer needs to design a solution to encrypt the access token at rest and pass the token to the Lambda function at runtime.

Which solution will meet these requirements MOST cost-effectively?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Sheron at Sep 18, 2024, 09:59 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Helene
2 months ago
Surprised no one mentioned IAM roles for access control!
upvoted 0 times
...
Nida
2 months ago
I think C is more cost-effective with Parameter Store.
upvoted 0 times
...
Florinda
2 months ago
Option A seems solid for secret management.
upvoted 0 times
...
Walker
3 months ago
D is risky with environment variables, not a fan.
upvoted 0 times
...
Anjelica
3 months ago
A is definitely the best choice for security and ease.
upvoted 0 times
...
Arthur
3 months ago
I vaguely recall that a token-based Lambda authorizer could help with security, but I’m not sure how it fits into the requirement of passing the token at runtime.
upvoted 0 times
...
Genevieve
3 months ago
I practiced a similar question about encrypting tokens, and I feel like using AWS KMS for encryption is a solid approach, but passing it through an environment variable seems risky.
upvoted 0 times
...
Jina
4 months ago
I think using AWS Systems Manager Parameter Store with SecureString could be a good choice since it’s cheaper than Secrets Manager, but I’m not completely confident.
upvoted 0 times
...
Eric
4 months ago
I remember that AWS Secrets Manager is often used for storing sensitive information, but I'm not sure if it's the most cost-effective option here.
upvoted 0 times
...
Rebecka
4 months ago
The KMS option (D) is interesting, but I'm not sure if it's the most cost-effective approach here. I'll need to do some research on the pricing and overhead of using KMS.
upvoted 0 times
...
Tomoko
4 months ago
I'm leaning towards option C with Parameter Store. Storing the token as a SecureString and using the AWS SDK to retrieve it in the Lambda function seems like a solid, cost-effective solution.
upvoted 0 times
...
Providencia
4 months ago
Okay, I think I've got a handle on this. Storing the token in Secrets Manager or Parameter Store seems like the most straightforward approach to meet the requirements.
upvoted 0 times
...
Tu
4 months ago
Hmm, I'm a bit confused on the differences between the options here. I'll need to review the details of each solution to determine which one is the most cost-effective.
upvoted 0 times
...
Gracia
5 months ago
This looks like a tricky one. I'll need to carefully consider the cost-effectiveness requirement while also ensuring the token is properly encrypted and accessible to the Lambda function.
upvoted 0 times
...
Natalya
5 months ago
This seems like a straightforward question. I'll read through the information carefully and think about the key points.
upvoted 0 times
...
Wilbert
1 year ago
I'm with the others on this one. Option C is the clear winner. Gotta love those AWS services that just work well together, am I right?
upvoted 0 times
Nana
1 year ago
Absolutely, AWS services like Parameter Store and AWS SDK work seamlessly together for a secure and efficient solution.
upvoted 0 times
...
Pete
1 year ago
I agree, using SecureString parameter in Parameter Store is a cost-effective and secure solution for storing the client token.
upvoted 0 times
...
Jeannetta
1 year ago
Option C is definitely the way to go. AWS Systems Manager Parameter Store makes it easy to securely store and retrieve sensitive data.
upvoted 0 times
...
...
Angella
1 year ago
I'm not sure, but I think option A could also work well by storing the token in AWS Secrets Manager.
upvoted 0 times
...
Izetta
1 year ago
Hmm, I'm not sure. Aren't there any options that involve a dancing penguin to make it more entertaining? Just kidding, Option C does seem like the most practical choice here.
upvoted 0 times
...
Beth
1 year ago
I agree, Option C is the way to go. Storing sensitive information in Secrets Manager or KMS can get expensive, especially for small use cases. Parameter Store is a great, low-cost alternative.
upvoted 0 times
Leah
1 year ago
It's good to know that there are affordable options like Parameter Store available for securing sensitive information.
upvoted 0 times
...
Colton
1 year ago
I agree, using Parameter Store for storing the client token is a smart choice to keep costs down.
upvoted 0 times
...
Willodean
1 year ago
Option C is definitely the most cost-effective solution for this scenario.
upvoted 0 times
...
...
Yuette
1 year ago
Option C looks like the most secure and cost-effective solution. Storing the client token as a SecureString in Parameter Store and using the AWS SDK to retrieve it in the Lambda function is a solid approach.
upvoted 0 times
Enola
1 year ago
Definitely, using AWS Systems Manager Parameter Store is a good practice for managing secrets.
upvoted 0 times
...
Craig
1 year ago
It's important to prioritize security when dealing with sensitive information like client tokens.
upvoted 0 times
...
Tamie
1 year ago
I agree, storing the token as a SecureString in Parameter Store adds an extra layer of security.
upvoted 0 times
...
Veronique
1 year ago
Option C looks like the most secure and cost-effective solution.
upvoted 0 times
...
...
Rikki
1 year ago
I agree with Franklyn. Option D provides a secure way to pass the token to the Lambda function.
upvoted 0 times
...
Franklyn
1 year ago
I think option D is the best choice because it encrypts the client token using AWS KMS.
upvoted 0 times
...

Save Cancel