A developer automates tasks using a command line interface. The tasks require privileged credentials and run on workstations that connect to an external service. Which approach helps prevent these credentials from lingering on the local devices?
Keep credentials in a text file and reference it from the script
Use environment variables with short-lived keys that refresh on each run
Restrict script execution by allowing just one account on each workstation
Include persistent credentials directly in the automation script
Short-lived keys injected as environment variables help limit exposure because they expire, lowering the benefit attackers gain if the environment is compromised. Storing static credentials, running tasks with a single user account, or retaining details in plain files increase the likelihood of discovery by unauthorized users over time.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are environment variables and how are they used in automation?
Open an interactive chat with Bash
What are short-lived keys and why are they more secure?
Open an interactive chat with Bash
Why is hardcoding credentials in scripts considered insecure?