🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional56 / 124
Question 56 of 124

A security review of a cloud-native microservices application finds that database credentials and third-party API keys are stored in plaintext within environment variables defined in the container image's Dockerfile and committed to the source code repository. The DevOps team needs a remediation approach that removes long-lived secrets from code while enabling automatic rotation and audited retrieval at runtime. Which approach best addresses these requirements?

Reviewed for accuracy · Report an issueNext question