A systems administrator is writing a script for provisioning nodes in the environment. Which of the following would be BEST for the administrator to use to provision the authentication credentials to the script?
A.
password='curl https://10.2.3.4/api/sytemops?op=provision'
When provisioning authentication credentials for a script, it's essential to consider security and best practices. Storing passwords or sensitive information directly in the script (option D) is generally not recommended because it exposes the credentials in plain text, which can be a security risk.
Option A is also not a recommended approach because it retrieves the password from a remote source using curl, which might not be secure and could introduce dependencies or network issues.
Option C is better than options A and D as it reads the credentials from a local file, which can be more secure than storing them directly in the script. However, it still requires careful management of the file's permissions to prevent unauthorized access to the credentials.
Option B, which uses an environment variable (env_password), is often considered the best practice for providing authentication credentials to scripts. Environment variables can be set outside the script and are typically stored securely. They are accessed within the script without exposing the sensitive information directly in the script's code. This approach provides a good balance between security and convenience.
C. This option involves reading the authentication credentials from a file located at /opt/app/credentials. This method is more secure because it keeps the credentials separate from the script and restricts access to the credentials file, improving security.
The question says this is scripted so hopefully no humans are around. At the very least keep the password in a locked down file but better yet a Key Vault. Anything plain text is out because it's not the 1990s anymore.
FYI: Env variables are not safe because your coworkers are questionable.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.CV0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TheGinjaNinja
Highly Voted 1 year, 3 months agoPongsathorn
Most Recent 8 months agoPongsathorn
8 months agoAnonimo_R_de_jalisco
8 months, 3 weeks agoTomtom11
8 months, 3 weeks agoconcepcionz
1 year, 1 month agoACunningPlan
1 year, 2 months agoACunningPlan
1 year, 2 months ago