Developing Applications and Automating Workflows Using Cisco Platforms (DEVASC) — Question 32

Which method should be used to safely store the API keys?

Answer options

• A. in an environment variable unique to the system database
• B. encrypted in a configuration file that is separate from the code
• C. plain text in the code as a constant
• D. encrypted in the code in a function

Correct answer: A

Explanation

Storing API keys in an environment variable unique to the system database ensures that they are not exposed in the codebase, providing better security. On the other hand, while encryption in a configuration file can offer some level of protection, it still risks exposure if the file is not managed properly. Keeping keys in plain text or even encrypted within the code is generally insecure as it can lead to accidental leaks or reverse engineering.