Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 390

An application engineering team needs an easy way to implement a secret storage policy and ensure that other developers cannot access the credentials. The access to the source code must be limited to avoid retrieving secrets. How must the secrets be stored?

Answer options

• A. on a cloud-based secret service through an API gateway
• B. using an encrypted document-based database
• C. using a key-value database linked to a third-party OAuth service
• D. as a variable in the code using functions and loops

Correct answer: A

Explanation

The correct answer is A because a cloud-based secret service accessed via an API gateway provides secure storage and controlled access to sensitive credentials. Options B and C do not offer the same level of security and access control as a dedicated secret management solution. Option D is insecure as storing secrets directly in code can lead to accidental exposure.