CompTIA PenTest+ PT0-002 Practice Question
During a penetration test, you have identified that an organization's proprietary application lacks a proper secrets management solution. Sensitive data within the application, including database credentials, are stored in plaintext configuration files accessible by a number of services. In your final report to the client, which recommendation would best address this vulnerability?
Restricting file permissions on the configuration files to administrators only
Storing the plaintext configuration files in a more secure directory on the server
Implementing a secrets management solution to centrally manage and securely store sensitive information
Changing database credentials regularly without implementing a secrets management system