GH-200 Question #22: Real Exam Question with Answer & Explanation

Question

As a developer, you need to use GitHub Actions to deploy a microservice that requires runtime access to a secure token. This token is used by a variety of other microservices managed by different teams in different repos. To minimize management overhead and ensure the token is secure, which mechanisms should you use to store and access the token? (Each correct answer presents a complete solution. Choose two.)

Options

• AStore the token as a GitHub encrypted secret in the same repo as the code. During deployment,
• BUse a corporate non-GitHub secret store (e.g., HashiCorp Vault) to store the token. During
• CStore the token as an organizational-level encrypted secret in GitHub. During deployment, use
• DStore the token as a GitHub encrypted secret in the same repo as the code. Create a reusable
• EStore the token in a configuration file in a private repository. Use GitHub Actions to deploy the

Explanation

[B] Using a corporate secret store like HashiCorp Vault provides a secure, centralized location for sensitive information. GitHub Actions can then retrieve and store the token securely during deployment by setting it as an environment variable, ensuring the token remains secure and accessible at runtime. [C] Storing the token as an organizational-level encrypted secret in GitHub ensures it is accessible across multiple repositories, minimizing management overhead. GitHub Actions can then use this secret during deployment by setting it as an environment variable, allowing the microservice to access it securely at runtime.

No community discussion yet for this question.