An engineer wants to use an AI-based suggestion system to write a script that needs sensitive credentials. Which method reduces the chances of exposing those credentials to the automated tool?
Store the credentials using environment variables to reference them inside the script
Strip detailed messages from logs while embedding credentials in the script
Embed the credentials directly in the script for quick reference
Include credentials in ephemeral containers created by the script
Placing credentials in environment variables keeps them out of the source code that the automated system analyzes. Hardcoding them in the script or bundling them with AI-generated code introduces a higher risk of disclosing sensitive information. Altering logs or using ephemeral containers does not guarantee proper isolation of credentials as they can still surface in temporary files or debugging processes.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are environment variables and why are they useful for storing credentials?
Open an interactive chat with Bash
How can AI-based tools accidentally expose sensitive credentials if not secured properly?
Open an interactive chat with Bash
What is the risk of embedding credentials directly in a script?