ExamGecko
Search Search Login
Home Home / Cisco / 200-901
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How are operations on REST APIs performed as compared to RPC APIs?
Refer to the exhibit. A developer can access the TLS REST API on server A, but cannot access the API on server B. The developer can ping server B. When the developer performs a packet capture on the TLS REST API port on server B, the capture shows that the packet arrived and the server responded. What causes the issue?
Where is an IP packet routed if the packet does not match any routes in the routing table?
What should a CI/CD pipeline aim to achieve?
A developer is trying to retrieve data over a REST API. The API server responds with an HTTP client error response code. After investigating the response the developer realizes the response has a RetryAfter header. What is the root cause of this error?
What is the Git command to delete a local branch named “experiment” without a warning?
Which Cisco compute management platform controls server, network, storage, and virtual resources with policy-driven management for up to 10000 physical Cisco servers?
What is a component of the first stage of an application development CI/CD pipeline?
What is a benefit of test-driven development?
What is the function of an IP address in networking?

Question 447 - 200-901 discussion

Report
Export

An engineer must review and clean up a code repository. During the review, the engineer finds a file named config.json that contains API URLs, shared keys, and other application configurations. Which two methods, according to best practice, must be used to protect secrets? (Choose two.)

A.

Store in plaintext if they are not stored in a code repository.

Answers
A.

Store in plaintext if they are not stored in a code repository.

B.

Store as plaintext when the server is secured physically.

Answers
B.

Store as plaintext when the server is secured physically.

C.

Never appear in plaintext at rest or in transit.

Answers
C.

Never appear in plaintext at rest or in transit.

D.

Make them long, secure strings that include numbers with special characters.

Answers
D.

Make them long, secure strings that include numbers with special characters.

E.

Always store in a secure vault.

Answers
E.

Always store in a secure vault.

Suggested answer: C, E

Explanation:

To protect secrets such as API URLs, shared keys, and other application configurations, it is best practice to: C. Ensure they never appear in plaintext at rest or in transit. Encrypt sensitive data both when it is stored (at rest) and when it is transmitted over the network (in transit). This prevents unauthorized access and exposure. E. Always store secrets in a secure vault. Use dedicated secret management tools like HashiCorp Vault, AWS Secrets Manager, or Azure Key Vault to store and manage sensitive information securely. These tools provide mechanisms for access control, audit logging, and automatic rotation of secrets.

Securing Secrets

HashiCorp Vault

AWS Secrets Manager

Show Answer
asked 07/10/2024
Ali Diaz
31 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms