AWS Certified Database – Specialty — Question 43

A large financial services company requires that all data be encrypted in transit. A Developer is attempting to connect to an Amazon RDS DB instance using the company VPC for the first time with credentials provided by a Database Specialist. Other members of the Development team can connect, but this user is consistently receiving an error indicating a communications link failure. The Developer asked the Database Specialist to reset the password a number of times, but the error persists.
Which step should be taken to troubleshoot this issue?

Answer options

• A. Ensure that the database option group for the RDS DB instance allows ingress from the Developer machine's IP address
• B. Ensure that the RDS DB instance's subnet group includes a public subnet to allow the Developer to connect
• C. Ensure that the RDS DB instance has not reached its maximum connections limit
• D. Ensure that the connection is using SSL and is addressing the port where the RDS DB instance is listening for encrypted connections

Correct answer: D

Explanation

The correct answer is D because the requirement for encryption in transit necessitates the use of SSL, and ensuring the connection is directed to the correct port is essential for establishing a secure connection. Options A and B do not address the encryption requirement, while option C is irrelevant since it pertains to connection limits rather than the encryption issue.