A developer forgot to add encryption for data stored in Service C, while all other services use encryption. What is the main security risk introduced?

medium📝 Conceptual Q14 of 15

Microservices - Authentication and Authorization

AData in Service C can be read if storage is accessed by attackers.

BService C will reject all incoming requests.

CEncryption is not needed if network is secure.

DOther services will stop working due to mismatch.

Step-by-Step Solution

Solution:

Step 1: Identify impact of missing encryption at rest
Without encryption, stored data in Service C is vulnerable to theft if storage is compromised.
Step 2: Evaluate other options
Service C will not reject requests just because of missing encryption; network security does not protect stored data; other services remain unaffected.
Final Answer:
Data in Service C can be read if storage is accessed by attackers. -> Option A
Quick Check:
Missing encryption at rest = D [OK]

Quick Trick: Encrypt stored data to prevent leaks [OK]

Common Mistakes:

MISTAKES

Assuming network security protects stored data
Thinking missing encryption breaks service functionality
Believing other services fail due to one missing encryption

Master "Authentication and Authorization" in Microservices

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Arch Try Challenge Design Recall Scale

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More Microservices Quizzes

A developer forgot to add encryption for data stored in Service C, while all other services use encryption. What is the main security risk introduced?

Step 1: Identify impact of missing encryption at rest

Step 2: Evaluate other options

Final Answer:

Quick Check:

Want More Practice?