Bird
0
0

What is a key security benefit of using Google Cloud Secret Manager over storing sensitive data directly in environment variables?

hard📝 Conceptual Q10 of 15
GCP - Cloud Functions
What is a key security benefit of using Google Cloud Secret Manager over storing sensitive data directly in environment variables?
AEnvironment variables can only store plaintext, while Secret Manager stores encrypted files
BEnvironment variables are encrypted by default, so Secret Manager adds no benefit
CSecret Manager disables network access to secrets, unlike environment variables
DSecret Manager provides automatic versioning and audit logging of secret access
Step-by-Step Solution
Solution:

  1. Step 1: Understand Secret Manager features

    Secret Manager offers secret versioning, access control, and audit logging.

  2. Step 2: Compare with environment variables

    Environment variables are not versioned and lack audit trails, increasing risk.

  3. Final Answer:

    Secret Manager provides automatic versioning and audit logging of secret access -> Option D

  4. Quick Check:

    Secret Manager enhances security with versioning and audit logs [OK]
Quick Trick: Secret Manager tracks versions and access logs [OK]
Common Mistakes:
  • Assuming environment variables are encrypted by default
  • Believing Secret Manager restricts network access differently
  • Confusing storage formats between environment variables and secrets

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More GCP Quizzes
Cloud Firestore and Bigtable - Why NoSQL on GCP matters - Quiz 5medium Cloud Firestore and Bigtable - Firestore document model - Quiz 9hard Cloud Functions - Cold start behavior - Quiz 14medium Cloud IAM Advanced - Policy troubleshooter - Quiz 10hard Cloud IAM Advanced - Data access logs - Quiz 2easy Cloud Load Balancing - URL maps for routing - Quiz 7medium Cloud Monitoring and Logging - Cloud Monitoring overview - Quiz 8hard Cloud Pub/Sub - Message retention and acknowledgment - Quiz 11easy Cloud Run - Cloud Run vs Cloud Functions decision - Quiz 11easy Cloud SQL and Databases - High availability configuration - Quiz 11easy