Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 57
A developer has just completed the configuration of an API that connects sensitive internal systems. Based on company policies, the security of the data is a high priority.
Which approach must be taken to secure API keys and passwords?
Answer options
- A. Embed them directly in the code.
- B. Store them in a hidden file.
- C. Store them inside the source tree of the application.
- D. Change them periodically.
Correct answer: D
Explanation
The correct approach is to change API keys and passwords periodically to enhance security and reduce the risk of unauthorized access. Storing them directly in the code, in hidden files, or within the source tree can expose them to potential security breaches, making those options inappropriate.