A developer has just completed the configuration of an API that connects sensitive internal systems. Based on company policies, the security of the data is a high priority.
Which approach must be taken to secure API keys and passwords?
Hah, this question is a trap! Anyone who picks A, B, or C is just begging to get their system compromised. The only real answer is D - rotate those keys and passwords on a regular basis. Gotta stay one step ahead of the bad guys, you know?
Ugh, this question is painful. Who would even think of putting sensitive data in the code or source tree? That's rookie-level security stuff. Changing the keys regularly is the only way to go if you want to keep your system safe.
Oh man, this is a tricky one. I guess the only real answer is D - changing the keys and passwords periodically. That's the only way to keep the system truly secure. The other options are just asking to get hacked!
Embedding sensitive data directly in the code? That's just asking for trouble! Hiding it in a file or storing it in the source tree aren't much better. Those are all terrible options that go against basic security practices.
Kent
8 months agoWalker
8 months agoTashia
8 months agoOzell
8 months agoTien
8 months agoMabelle
8 months agoHolley
8 months agoCorazon
8 months agoChana
8 months agoNovella
8 months agoAnastacia
8 months ago