Implementing DevOps Solutions and Practices Using Cisco Platforms (DEVOPS) — Question 32

Which method is a safe way to provide a username/password combination to an application running as a service in a Docker container?

Answer options

• A. encode the value with base64 in a secure DNS CTEXT entry
• B. as an environment variable in the Dockerfile
• C. Docker environment variable
• D. Docker secrets

Correct answer: D

Explanation

The correct answer is D, Docker secrets, as it is specifically designed for securely managing sensitive information in Docker containers. Options A and B are not secure methods, as base64 encoding is easily reversible and storing credentials in the Dockerfile exposes them to anyone with access to the image. Option C, using Docker environment variables, also lacks security since these variables can be easily accessed by anyone with access to the container.