Which of the following methods will allow the application to authenticate to the database in the MOST secure way?

A production engineer is configuring a new application, which is running in containers, that requires access to a database.

Which of the following methods will allow the application to authenticate to the database in the MOST secure way?
A . Store the credentials in a variable on every worker node
B . Store the credentials on a shared volume using whole-disk encryption
C . Store the credentials in a configuration file using SHA-256 inside the container image
D . Store the credentials using the orchestrator secret manager

View Answer

Answer: D

Explanation:

The most secure way to store the credentials for a new application that is running in containers and requires access to a database is to use the orchestrator secret manager. The orchestrator secret manager is a feature that allows storing and managing sensitive data, such as passwords, tokens, or keys, for containers in an encrypted and centralized way. It also provides access control, auditing, and rotation features for the secrets. This method will protect the credentials from being exposed or compromised by unauthorized parties or malicious actors.

Reference: [CompTIA Cloud+ Certification Exam Objectives], Domain 2.0 Security, Objective 2.5 Given a scenario, apply data security techniques in the cloud.