ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
Your team is designing the deployment topology for a microservice-based application on a public cloud. To maintain a secure path to production, the CI/CD pipeline must deploy artifacts without storing long-lived administrative credentials. Which architectural choice addresses this requirement MOST effectively?
Integrate the pipeline runners with the cloud provider's managed identity service so they request short-lived deployment tokens at runtime.
Schedule a nightly job that rotates the pipeline's deployment credentials and commits the new values to version control.
Encrypt static administrative passwords inside pipeline scripts using a symmetric key stored in the source code repository.
Insert a bastion host in the production subnet and require pipeline jobs to SSH through it using stored key pairs.
Using the cloud provider's managed identity (or equivalent role-based) service lets the build or deployment agents request short-lived, automatically rotated tokens when the pipeline runs. Because no long-term secret ever resides in source control, build scripts, or the runner's file system, the attack surface for credential theft is greatly reduced and the requirement is fully met. Encrypting static passwords or keys (even if rotated periodically) still leaves long-lived secrets that can be exfiltrated. Forcing SSH through a bastion improves network segmentation but does not eliminate stored keys. Automatically committing refreshed credentials to the repository simply redistributes, rather than removes, the secret exposure risk. Therefore, integrating the pipeline with the provider's managed identity service is the most effective architectural control.
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design