Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 105

A developer deploys a SQLite database in a Docker container. Single-use secret keys are generated each time a user accesses the database. The keys expire after 24 hours.
Where should the keys be stored?

Answer options

• A. Outside of the Docker container in the source code of applications that connect to the SQLite database.
• B. In a separate file inside the Docker container that runs the SQLite database.
• C. In an encrypted database table within the SQLite database.
• D. In a separate storage volume within the Docker container.

Correct answer: D

Explanation

The correct answer is D because storing the keys in a separate storage volume allows for better security and management of the keys, ensuring they are isolated from the application code and database. Option A is insecure as it exposes keys in the source code, while B and C do not provide optimal security for ephemeral keys that need to be managed separately.