A junior cloud engineer on your team accidentally committed a script containing an administrative access key to a public code repository. The key was quickly discovered and used to make unauthorized changes to the cloud environment. Which of the following is the MOST effective administrative control to prevent this type of incident from recurring?
Enforce a policy requiring peer review for all code changes before they are committed to a public repository.
Establish a security awareness program that includes mandatory training on secrets management for all technical staff.
Implement the principle of least privilege by revoking administrative access for all junior engineers.
Integrate an automated secret scanning tool into the CI/CD pipeline to block commits containing credentials.
The most effective administrative control is establishing a robust security awareness program with mandatory training on secrets management. This directly addresses the root cause of the human error by educating employees on the risks and best practices for handling credentials. While integrating a secret scanning tool is a highly recommended technical control, the question specifically asks for an administrative control. Applying the principle of least privilege is a valid security measure, but completely revoking necessary access for a role is often impractical. Enforcing peer reviews is another useful administrative control, but it is not as foundational as training and relies on human reviewers who can also make mistakes.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is recurring training on credential management important?
Open an interactive chat with Bash
What are examples of secure credential management practices?
Open an interactive chat with Bash
What is the role of mandatory knowledge checks for new hires?