AWS Certified Cloud Practitioner (CLF-C02) — Question 708

What is the MOST secure way to store passwords on AWS?

Answer options

• A. Store passwords in an Amazon S3 bucket.
• B. Store passwords as AWS CloudFormation parameters.
• C. Store passwords in AWS Storage Gateway.
• D. Store passwords in AWS Secrets Manager.

Correct answer: D

Explanation

AWS Secrets Manager is a dedicated service designed to securely store, rotate, and manage sensitive credentials like passwords with built-in encryption and access control. While services like Amazon S3 and AWS CloudFormation can store data, they lack the specialized security features and automatic rotation native to Secrets Manager. AWS Storage Gateway is a hybrid cloud storage service and is not intended for managing credentials.