Developing Applications and Automating Workflows Using Cisco Platforms (DEVASC) — Question 273

A developer is developing a web application that uses username and password to authenticate to the next service. The user credentials must be available at any time in the application. The developer must choose and implement a secure method of storing the authentication credentials that are used in the automation code. Which password handling method must be used to minimize the security risk?

Answer options

• A. Store the username and password in a separate configuration file.
• B. Store the username and password in a vault.
• C. Store the passwords in a dictionary.
• D. Store the username and password in code.

Correct answer: B

Explanation

Storing credentials in a vault, as indicated in option B, provides a secure method for managing sensitive information, as vaults are designed to protect secrets. Options A, C, and D are less secure; configuration files can be easily accessed, dictionaries are not secure storage, and hardcoding credentials directly in code exposes them to anyone with access to the source code.