Answer-first summary for fast verification
Answer: Immediately revoke the compromised key, remove it from Git, cleanse the Git history to eliminate all traces of the file, and add the key to the .gitignore file to prevent future commits.
The correct answer is D, as it is crucial to revoke the exposed key to prevent unauthorized access, remove it from Git, and purge the Git history to eliminate any traces of the file. Additionally, adding the key to the .gitignore file helps avoid similar incidents in the future. Option A is incorrect because Google Cloud Support cannot directly resolve issues related to Git repositories. Option B is flawed because storing keys in Git, even in private repositories, is a security risk. Option C is excessive and unnecessary, as deleting the project does not address the immediate need to secure the compromised key.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
While reviewing your application's source code in your private GitHub repository, you discover that a service account key has been accidentally committed to git. What is the most appropriate action to take next?
A
Contact Google Cloud Support for assistance.
B
Ignore the issue since the repository is private and keys are safe there.
C
Delete the entire project and start anew to ensure security.
D
Immediately revoke the compromised key, remove it from Git, cleanse the Git history to eliminate all traces of the file, and add the key to the .gitignore file to prevent future commits.
No comments yet.