Which practice best describes credential management in deployment pipelines?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the MP Deployment Exam with flashcards and multiple choice questions. Hints and explanations available for every question. Ace your exam!

Multiple Choice

Which practice best describes credential management in deployment pipelines?

Explanation:
Credential management in deployment pipelines means treating credentials as sensitive data that must be protected with encryption, centralized storage, strict access controls, and regular rotation. The best practice is to use secret management, encryption; store in vaults or KMS; restrict access and rotate regularly. This approach keeps credentials out of code and configuration files, provides automated safeguards, and gives you audit trails. Secret stores (like Vault or cloud KMS/secret managers) encrypt secrets at rest and in transit, integrate with your CI/CD pipelines to supply credentials to services on demand, and enforce least-privilege access so only the exact components or people that need a secret can access it. Regular rotation minimizes risk: even if a secret is compromised, it won’t be valid for long, and automated rotation reduces manual effort and errors. In contrast, embedding credentials in code exposes them to version control and builds, making unauthorized access or leakage easy to occur. Sharing credentials via email bypasses access controls and auditing, creating a weak link. Disabling rotation keeps credentials static, increasing the window of opportunity for misuse if a secret is exposed.

Credential management in deployment pipelines means treating credentials as sensitive data that must be protected with encryption, centralized storage, strict access controls, and regular rotation. The best practice is to use secret management, encryption; store in vaults or KMS; restrict access and rotate regularly. This approach keeps credentials out of code and configuration files, provides automated safeguards, and gives you audit trails.

Secret stores (like Vault or cloud KMS/secret managers) encrypt secrets at rest and in transit, integrate with your CI/CD pipelines to supply credentials to services on demand, and enforce least-privilege access so only the exact components or people that need a secret can access it. Regular rotation minimizes risk: even if a secret is compromised, it won’t be valid for long, and automated rotation reduces manual effort and errors.

In contrast, embedding credentials in code exposes them to version control and builds, making unauthorized access or leakage easy to occur. Sharing credentials via email bypasses access controls and auditing, creating a weak link. Disabling rotation keeps credentials static, increasing the window of opportunity for misuse if a secret is exposed.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy