A developer has just completed the configuration of an API that connects sensitive internal systems. Based on company policies, the security of the data is a high priority.
Which approach must be taken to secure API keys and passwords?
Storing them in a hidden file or inside the source tree isn't much better. Those are just security through obscurity, which we all know is not real security.
Seriously? Embedding sensitive information like API keys and passwords directly in the code? That's a huge security risk! I can't believe that's even an option on the exam.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Barrett
3 days agoDulce
4 days agoDiego
5 days agoDorthy
6 days ago