🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional99 / 124
Question 99 of 124

A DevOps team runs a fleet of microservices in a managed Kubernetes cluster. Each service currently reads a static database password from an environment variable injected at deployment. Security audits found the same credential has not been changed in 14 months, is shared across all services, and appears in CI/CD pipeline logs. The team wants a cloud-native approach that eliminates long-lived shared credentials and provides per-service accountability. Which solution BEST addresses these requirements?

Reviewed for accuracy · Report an issueNext question