As the chief of DevSecOps at a large credit card company with an app hosted on GCP, you're responsible for securely storing credentials used by 35 distributed backend microservices to connect to a non-relational database. What is the most secure method to store these credentials?

Real Exam

Explanation:

Storing credentials in source code files (Option B) is insecure as they're easily discoverable in plain text. Environment variables (Option A) are also insecure because they're available in plain text and accessible to applications on the server. ACLs restricted config files (Option D) require manual access management and still risk exposure in plain text. Secret Manager (Option C) is the correct choice as it's designed for secure storage of sensitive data like API keys and passwords, offering fine-grained access control and encryption to ensure credentials are securely stored and accessed only by authorized services or users. For more information, refer to Google Cloud's documentation on Secret Manager and Kubernetes Engine's concepts on secrets.

Powered ByGPT-5

Google Associate Cloud Engineer

Get started today

Google Associate Cloud Engineer

Get started today

As the chief of DevSecOps at a large credit card company with an app hosted on GCP, you're responsible for securely storing credentials used by 35 distributed backend microservices to connect to a non-relational database. What is the most secure method to store these credentials?