Answer-first summary for fast verification
Answer: Store the credentials in a secret management system
Storing credentials in the source code (A) is insecure because it makes them discoverable in plain text to anyone with access to the source code. Using a config file with restricted access (B) is better but still requires manual updates and poses risks if the file contains plain text credentials. Environment variables (C) are not ideal because they need to be available in plain text when the session starts. The most secure option is a secret management system (D), which handles credentials securely by generating, using, rotating, encrypting, and destroying cryptographic keys, and managing permissions to those keys. For more information, visit: - [Google Cloud Secret Manager](https://cloud.google.com/secret-manager) - [Google Cloud Secret Manager Documentation](https://cloud.google.com/secret-manager/docs)
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your E-commerce website consists of 30 microservices, each with its own dedicated database backend. What is the most secure method to store the credentials?
A
Store the credentials in the source code
B
Store the credentials in a config file that has restricted access through ACLs
C
Store the credentials in an environment variable
D
Store the credentials in a secret management system
No comments yet.