Certificate of Cloud Auditing Knowledge (CCAK) — Question 159

Which of the following can be used to determine whether access keys are stored in the source code or any other configuration files during development?

Answer options

• A. Static code review
• B. Dynamic code review
• C. Credential scanning
• D. Vulnerability scanning

Correct answer: C

Explanation

Credential scanning is specifically designed to detect sensitive information like access keys in code and configuration files, making it the correct choice. Static and dynamic code reviews focus more on code quality and behavior rather than specifically identifying credential exposure. Vulnerability scanning assesses security weaknesses but does not directly check for hardcoded credentials.