HomeCSSLP Secure Software PrepQuestion 1 of 10
CSSLP Secure Software PrepQuestion 1 / 10

During software deployment, which category includes sensitive information like database connection strings and API tokens that need to be secured through encryption and strict access controls?

Practise this CSSLP Secure Software Prep question free, then download the PDF, watch the video walkthrough, or unlock timed mock exams for the full web bank.
Multiple choice — select the best answer
✓ Correct answer: D. Secrets Answer: Secrets During the deployment and maintenance phases of software development, it is crucial to securely store and manage various types of sensitive information. Examples include: Credentials: These control access to different environments and tools. Each environment and account should have dedicated credentials following the principle of least privilege. Secrets: This category includes data such as database connection strings, API tokens, and other sensitive information which should be protected with encryption and access controls. Keys/Certificates: Proper management of encryption keys and digital certificates is necessary. They should not be embedded directly into the code and should be validated before usage. Configurations: The security configuration of an application must be preserved through access control measures and ensuring the integrity and authenticity of the configuration data.

Keep practising. Use the free CSSLP Secure Software Prep PDF, watch the YouTube walkthrough, or unlock all 10 web questions with timed mock exams.

Keep practising

Related questions

Free practice here. Timed mocks when you are ready.

Study the CSSLP Secure Software Prep free question explanations, download the PDF, then unlock timed mock exams on the web when you want exam-day practice.