Practice Test

True or False: AWS Secrets Manager allows for the secure and scalable storage of access keys, passwords, and other secrets.

  • True
  • False

Answer: True

Explanation: AWS secrets Manager enables you to protect access to your applications, services, and IT resources. This service can securely encrypt, store, and retrieve credentials.

What service does AWS provide for the management of secrets such as passwords and database strings?

  • A) AWS Key Management Service
  • B) AWS Identity Access Manager
  • C) AWS Secrets Manager
  • D) AWS Parameter Store

Answer: C) AWS Secrets Manager

Explanation: AWS Secrets Manager protects access to applications, services, and IT resources. This eliminates the upfront investment and on-going maintenance costs of operating your own infrastructure.

True or False: Systems Manager Parameter Store provides secure, hierarchical storage for configuration data and secrets management.

  • True
  • False

Answer: True

Explanation: AWS Systems Manager Parameter Store provides hierarchical storage for configuration data management and secrets management, which can help you manage your secrets more securely.

Which of the following provides secure storage for SSL/TLS certificates in AWS?

  • A) AWS Systems Manager
  • B) AWS Secrets Manager
  • C) AWS Certificate Manager
  • D) AWS Parameter Store

Answer: C) AWS Certificate Manager

Explanation: AWS Certificate Manager handles the complexity of creating, storing, and managing public and private SSL/TLS certificates.

True or False: You can store secrets in plaintext using AWS Secrets Manager.

  • True
  • False

Answer: False

Explanation: Storing secrets in plaintext is a bad security practice. AWS Secrets Manager stores secrets in a highly secure and encrypted format.

True or False: AWS Secrets Manager can automatically replace secrets without interruption.

  • True
  • False

Answer: True

Explanation: AWS Secrets Manager can protect access to applications, services, and IT resources, without the upfront investment and on-going maintenance costs of operating your own infrastructure.

What AWS service helps manage systems and deploy applications at scale?

  • A) AWS Parameter Store
  • B) AWS Fleet Manager
  • C) AWS Secrets Manager
  • D) AWS Systems Manager

Answer: D) AWS Systems Manager

Explanation: AWS Systems Manager gives you visibility and control of your infrastructure on AWS.

True or False: AWS Systems Manager Parameter Store secrets can be encrypted with customer-specific AWS Key Management Service keys.

  • True
  • False

Answer: True

Explanation: AWS Systems Manager Parameter Store secrets support encryption with AWS Key Management Service (KMS) with customer-specific keys.

Which AWS service is mostly used for storing system parameters and configurations?

  • A) AWS Secrets Manager
  • B) AWS Key Management Service
  • C) AWS Systems Manager Parameter Store
  • D) AWS Identity Access Manager

Answer: C) AWS Systems Manager Parameter Store

Explanation: AWS Systems Manager Parameter Store provides hierarchal storage for saving system parameters and configurations, eliminating the need to hardcode this information.

True or False: You can’t retrieve secrets from AWS Secrets Manager using AWS CLI.

  • True
  • False

Answer: False

Explanation: Secrets can be retrieved from AWS Secrets Manager using AWS CLI (Command Line Interface), SDKs, and other means.

Interview Questions

What is AWS Secrets Manager?

AWS Secrets Manager is a secrets management service that helps you protect access to your IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

How does the AWS Secrets Manager service offer more security than manually hardcoding secrets into applications?

AWS Secrets Manager prevents leakage of secrets such as database credentials by eliminating the upfront and ongoing investment needed to maintain your own infrastructure. It does not hardcode any secrets into applications and instead, rotates, retrieves, and safely manages them.

What is AWS Systems Manager Parameter Store?

AWS Systems Manager Parameter Store is a service that provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, and license codes as parameter values.

Can you rotate secrets in AWS Secrets Manager?

Yes, AWS Secrets Manager enables you to automate the rotation, management, and retrieval of secrets such as database credentials, on-demand without the potential of disrupting applications.

Is it safe to store secrets in plain text in the Systems Manager Parameter Store?

No, it is not recommended to store secrets in plain text anywhere, including Systems Manager Parameter Store. Data should be encrypted for security purposes.

How does AWS Secrets Manager secure sensitive information?

AWS Secrets Manager protects access to applications, services, and IT resources, without the upfront investment and on-going maintenance costs of operating your own infrastructure. The service encrypts secrets at rest using encryption keys that you own and control.

Can existing applications be migrated to AWS Secrets Manager?

Yes, AWS Secrets Manager has an application-level credential provider that removes code changes to enhance security of existing applications.

Can AWS Secrets Manager manage secrets for multi-AWS-account environments?

Yes, AWS Secrets Manager supports managing secrets for multi-AWS-account environments, using resource-based policies and AWS Organizations.

Is resource-based policy supported in AWS Secrets Manager?

Yes, AWS Secrets Manager supports resource-based policies that give you more granular control on IAAM roles and users accessing a secret.

How does AWS Systems Manager Parameter Store compare to AWS Secrets Manager for storing sensitive configuration data?

Although Systems Manager Parameter Store can be used to store secrets, AWS Secrets Manager provides more advanced features, such as automatic secret rotation, which makes it more suitable for storing sensitive configuration data.

Can AWS Secrets Manager schedule the rotation of secrets automatically?

Yes, you can configure AWS Secrets Manager to automatically rotate the secret for a secured service or database.

What durability does AWS Secrets Manager provide for secrets?

AWS Secrets Manager is designed to be highly durable and is backed by the Amazon RDS service, which has multiple levels of redundancy.

Can AWS Secrets Manager decals secrets using AWS CloudTrail?

Yes, AWS Secrets Manager is integrated with AWS CloudTrail to record all API calls and integrates with AWS’ key management service for added security.

How can secrets be accessed in AWS Systems Manager Parameter Store?

Secrets in AWS Systems Manager Parameter Store can be accessed through Systems Manager APIs, the AWS CLI, or the AWS Management Console.

Can AWS Secrets Manager rotate all types of secrets?

AWS Secrets Manager can natively rotate credentials for Amazon Relational Database Service, Amazon DocumentDB, and Amazon Redshift. Other databases or third-party secrets can be rotated by modifying and using AWS Lambda functions.

Leave a Reply

Your email address will not be published. Required fields are marked *