CrowdStrike
CCCS-203B · Question #53
CCCS-203B Question #53: Real Exam Question with Answer & Explanation
Sign in or unlock CCCS-203B to reveal the answer and full explanation for question #53. The question stem and answer options stay visible for context.
Question
During an image security scan, a container image assessment report reveals that an API key and database credentials are embedded in the Docker image's environment variables. Which of the following represents the best approach to resolving this issue before deployment?
Options
- AEncrypt the secrets within the image using AES-256 and store the decryption key in a separate
- BUse Docker's --no-cache flag when building the image to prevent secrets from being stored in
- CChange file permissions in the image to restrict access to the secrets to only the root user
- DRemove secrets from the image and use environment variables injected at runtime via a secrets
Unlock CCCS-203B to see the answer
You've previewed enough free CCCS-203B questions. Unlock CCCS-203B for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.