An organization has discovered that developers are storing credentials in environment variables for containerized workloads. They want to protect these credentials, implement consistent configurations, and reduce unwanted exposure. Which measure best accomplishes these goals?
Turn off encryption to reduce resource usage in the container environment.
Place credentials in a text file restricted to the root user on the container host.
Store credentials in a dedicated secrets management service and apply a widely recognized configuration baseline.
Keep credentials in a centralized version control system for easier collaboration.
Using an audited secrets repository with recognized configurations helps guard credentials while adopting proven guidelines for baseline and runtime conditions. Checking secrets into version control or storing them in a root-owned file does not maintain enough oversight. Turning off encryption removes a fundamental protection, making data vulnerable.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a secrets management service?
Open an interactive chat with Bash
What is a configuration baseline and why is it important?
Open an interactive chat with Bash
Why is it unsafe to store credentials in environment variables or version control systems?