Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During a security design review of a cloud-native application, you must document requirements for how microservices will obtain database credentials for their service accounts. Which approach MOST directly satisfies secure credential storage and rotation expectations for service accounts under the CSSLP data access provisioning objective?

  • Store the service account credentials in a version-controlled, GPG-encrypted YAML file and replace the encryption key once a year.

  • Embed the database password in an environment variable for each microservice and encrypt the container image at rest.

  • Leverage an enterprise secrets vault that injects short-lived, automatically rotated database credentials into each container at start-up.

  • Use a service account with a non-expiring password and rely on network security groups to restrict database access.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot