A production engineer is configuring a new application, which is running in containers, that requires access to a database. Which of the following methods will allow the application to authenticate to the database in the MOST secure way?
A.
Store the credentials in a variable on every worker node
B.
Store the credentials on a shared volume using whole-disk encryption
C.
Store the credentials in a configuration file using SHA-256 inside the container image
D.
Store the credentials using the orchestrator secret manager
By leveraging the orchestrator's secret management features, the production engineer can securely configure the application container to access the database without storing the credentials in plain text or within the container image itself. This approach minimizes the risk of exposure and improves overall security.
D. Store the credentials using the orchestrator secret manager
Using the orchestrator's secret manager (e.g., Kubernetes Secrets, Docker Swarm Secrets) is the most secure way to store sensitive information such as credentials for a containerized application. This method ensures that secrets are stored securely, encrypted at rest, and can be accessed only by authorized containers. Additionally, it simplifies the management of credentials, as they are centrally managed and can be updated without modifying the container image or the application code.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CV0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
CXSSP
5 months, 1 week agoAlizadeh
1 year, 7 months ago