A developer automates tasks using a command line interface. The tasks require privileged credentials and run on workstations that connect to an external service. Which approach helps prevent these credentials from lingering on the local devices?
Keep credentials in a text file and reference it from the script
Include persistent credentials directly in the automation script
Use environment variables with short-lived keys that refresh on each run
Restrict script execution by allowing just one account on each workstation
Short-lived keys injected as environment variables help limit exposure because they expire, lowering the benefit attackers gain if the environment is compromised. Storing static credentials, running tasks with a single user account, or retaining details in plain files increase the likelihood of discovery by unauthorized users over time.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are environment variables, and why are they useful for securing credentials?
Open an interactive chat with Bash
What are short-lived keys, and how do they differ from static credentials?
Open an interactive chat with Bash
What are the risks of storing persistent credentials in scripts or text files?